mirror of
https://github.com/nold360/hive-apps
synced 2024-12-22 21:41:13 +00:00
add: crossplane resources
parent
dc4759ef49
commit
e92c9bed0e
6 changed files with 398 additions and 0 deletions
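--- a/projects/crossplane/manifests/composition-bucket.yml
+++ b/projects/crossplane/manifests/composition-bucket.yml
@@ -0,0 +1,138 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+annotations:
+labels:
+implementation: terraform
+provider: minio
+name: tf-bucket.gnu.one
+spec:
+compositeTypeRef:
+apiVersion: s3.gnu.one/v1alpha1
+kind: XBucket
+mode: Resources
+publishConnectionDetailsWithStoreConfigRef:
+name: default
+resources:
+- base:
+apiVersion: tf.upbound.io/v1beta1
+kind: Workspace
+spec:
+forProvider:
+module: |
+terraform {
+required_providers {
+minio = {
+source = "aminueza/minio"
+version = "1.17.2"
+}
+}
+}
+
+variable "access_key" {
+description = "S3 Access Key"
+type = string
+}
+
+variable "secret_key" {
+description = "S2 Secret Key"
+type = string
+sensitive = true
+}
+
+variable "name" {
+description = "Name of Bucket & Service Account"
+type = string
+}
+
+variable "endpoint" {
+description = "Minio Endpoint"
+type = string
+default = "s3-minio.s3.svc.cluster.local:9000"
+}
+
+provider "minio" {
+minio_server = var.endpoint
+minio_user = var.access_key
+minio_password = var.secret_key
+}
+
+resource "minio_s3_bucket" "bucket" {
+bucket = var.name
+acl = "private"
+force_destroy = false
+}
+
+resource "minio_iam_policy" "policy" {
+name = var.name
+policy= <<EOF
+{
+"Version": "2012-10-17",
+"Statement": [
+{
+"Effect": "Allow",
+"Action": [
+"s3:*"
+],
+"Resource": [
+"arn:aws:s3:::${var.name}/*",
+"arn:aws:s3:::${var.name}"
+]
+}
+]
+}
+EOF
+}
+
+resource "minio_iam_user" "user" {
+name = var.name
+force_destroy = true
+}
+
+resource "minio_iam_user_policy_attachment" "policy_to_user" {
+user_name = minio_iam_user.user.id
+policy_name = minio_iam_policy.policy.id
+}
+
+resource "minio_iam_service_account" "service_account" {
+target_user = minio_iam_user.user.name
+}
+
+output "endpoint" {
+value = var.endpoint
+}
+
+output "access_key" {
+value = minio_iam_service_account.service_account.access_key
+}
+
+output "secret_key" {
+value = minio_iam_service_account.service_account.secret_key
+sensitive = true
+}
+source: Inline
+varFiles:
+- format: JSON
+secretKeyRef:
+key: secret.json
+name: terraform
+namespace: crossplane-system
+source: SecretKey
+vars:
+- key: name
+- key: endpoint
+value: s3-minio.s3.svc.cluster.local:9000
+writeConnectionSecretToRef:
+name: s3-bucket
+namespace: default
+name: tf-bucket-and-user
+patches:
+- fromFieldPath: spec.name
+toFieldPath: spec.forProvider.vars[0].value
+type: FromCompositeFieldPath
+- fromFieldPath: spec.claimRef.namespace
+toFieldPath: spec.writeConnectionSecretToRef.namespace
+type: FromCompositeFieldPath
+- fromFieldPath: spec.secretName
+toFieldPath: spec.writeConnectionSecretToRef.name
+type: FromCompositeFieldPath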
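Review bot: The inline policy in `minio_iam_policy.policy` allows `s3:*` on the bucket, which includes bucket-level administration (bucket policy, lifecycle, versioning, deleting the bucket itself) that a backup or application client does not need. The generated service account inherits this policy and its keys are written into the claimant's namespace, so I would list the needed actions explicitly, e.g. `"Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:ListBucket", "s3:GetBucketLocation"]`, and extend the list only when a consumer turns out to need more. The `provider "minio"` block also sets no `minio_ssl`, so the admin keys read from `secret.json` presumably travel to `var.endpoint` over plain HTTP; worth confirming, and enabling TLS if the MinIO service offers it.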
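--- a/projects/crossplane/manifests/composition-postgres.yml
+++ b/projects/crossplane/manifests/composition-postgres.yml
@@ -0,0 +1,164 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+labels:
+provider: cnpg
+name: postgres.gnu.one
+spec:
+compositeTypeRef:
+apiVersion: db.gnu.one/v1alpha2
+kind: XPostgres
+mode: Resources
+patchSets:
+- name: common
+patches:
+- fromFieldPath: spec.name
+toFieldPath: spec.forProvider.manifest.metadata.name
+type: FromCompositeFieldPath
+- fromFieldPath: spec.name
+toFieldPath: spec.forProvider.manifest.spec.name
+type: FromCompositeFieldPath
+- fromFieldPath: metadata.labels[crossplane.io/claim-namespace]
+toFieldPath: spec.forProvider.manifest.metadata.namespace
+type: FromCompositeFieldPath
+publishConnectionDetailsWithStoreConfigRef:
+name: default
+resources:
+- base:
+apiVersion: kubernetes.crossplane.io/v1alpha1
+kind: Object
+spec:
+forProvider:
+manifest:
+apiVersion: s3.gnu.one/v1alpha1
+kind: Bucket
+metadata:
+namespace: namespace
+spec:
+name: name
+name: bucket
+patches:
+- patchSetName: common
+type: PatchSet
+readinessChecks:
+- matchCondition:
+status: "True"
+type: Ready
+type: MatchCondition
+- base:
+apiVersion: kubernetes.crossplane.io/v1alpha1
+kind: Object
+spec:
+forProvider:
+manifest:
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+namespace: namespace
+spec:
+backup:
+barmanObjectStore:
+data:
+compression: gzip
+destinationPath: s3://backup
+endpointURL: http://s3-minio.s3.svc.cluster.local:9000
+s3Credentials:
+accessKeyId:
+key: access_key
+name: bucket-creds
+secretAccessKey:
+key: secret_key
+name: bucket-creds
+wal:
+compression: gzip
+retentionPolicy: 90d
+bootstrap:
+initdb:
+database: app
+owner: app
+externalClusters:
+- barmanObjectStore:
+destinationPath: s3://bucket/
+endpointURL: http://s3-minio.s3.svc.cluster.local:9000
+s3Credentials:
+accessKeyId:
+key: access_key
+name: bucket-creds
+secretAccessKey:
+key: secret_key
+name: bucket-creds
+wal:
+maxParallel: 8
+name: db
+imageName: ghcr.io/cloudnative-pg/postgresql:15
+instances: 1
+resources:
+limits:
+cpu: "1"
+memory: 1Gi
+requests:
+cpu: 50m
+memory: 64Mi
+storage:
+size: 10Gi
+name: postgres-db
+patches:
+- patchSetName: common
+type: PatchSet
+- fromFieldPath: spec.name
+toFieldPath: spec.forProvider.manifest.spec.backup.barmanObjectStore.destinationPath
+transforms:
+- string:
+fmt: s3://%s/
+type: Format
+type: string
+type: FromCompositeFieldPath
+- fromFieldPath: spec.instances
+toFieldPath: spec.forProvider.manifest.spec.instances
+type: FromCompositeFieldPath
+- fromFieldPath: spec.name
+toFieldPath: spec.forProvider.manifest.spec.externalClusters[0].barmanObjectStore.destinationPath
+transforms:
+- string:
+fmt: s3://%s/
+type: Format
+type: string
+type: FromCompositeFieldPath
+- fromFieldPath: spec.storage.size
+toFieldPath: spec.forProvider.manifest.spec.storage.size
+type: FromCompositeFieldPath
+- fromFieldPath: spec.storage.class
+toFieldPath: spec.forProvider.manifest.spec.storage.storageClass
+type: FromCompositeFieldPath
+readinessChecks:
+- matchCondition:
+status: "True"
+type: Ready
+type: MatchCondition
+- base:
+apiVersion: kubernetes.crossplane.io/v1alpha1
+kind: Object
+spec:
+forProvider:
+manifest:
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+namespace: namespace
+spec:
+backupOwnerReference: self
+cluster:
+name: name
+schedule: 0 0 * * * *
+name: postgres-backup
+patches:
+- patchSetName: common
+type: PatchSet
+- fromFieldPath: spec.name
+toFieldPath: spec.forProvider.manifest.spec.cluster.name
+type: FromCompositeFieldPath
+readinessChecks:
+- matchCondition:
+status: "True"
+type: Ready
+type: MatchCondition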
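Review bot: Every Postgres claim in a namespace ends up pointing at the same credentials secret: the `bucket` resource never sets `spec.secretName`, so the XBucket default `bucket-creds` from xrd-bucket.yml applies, and the Cluster's `s3Credentials` hard-code `name: bucket-creds` under both `backup` and `externalClusters[0]`. A second claim in the same namespace would presumably overwrite or contend for that secret, leaving one cluster backing up with keys whose policy only covers the other bucket. Derive the secret name from `spec.name` in both resources, as sketched below. Separately, CloudNativePG reads `schedule` as a six-field cron expression with seconds first, so `0 0 * * * *` fires every hour; if a daily backup was intended it should be `0 0 0 * * *`. Both `endpointURL` values use plain `http://`, so base backups and WAL cross the cluster network unencrypted unless a lower layer (a service mesh, for instance) adds TLS.

```yaml
# resource "bucket": give each claim its own credentials secret
patches:
  # … unchanged: patchSetName: common …
  - type: FromCompositeFieldPath
    fromFieldPath: spec.name
    toFieldPath: spec.forProvider.manifest.spec.secretName
    transforms:
      - type: string
        string:
          type: Format
          fmt: "%s-bucket-creds"

# resource "postgres-db": point s3Credentials at the same derived name
# (repeat for secretAccessKey.name and for both names under externalClusters[0])
patches:
  # … unchanged: existing patches …
  - type: FromCompositeFieldPath
    fromFieldPath: spec.name
    toFieldPath: spec.forProvider.manifest.spec.backup.barmanObjectStore.s3Credentials.accessKeyId.name
    transforms:
      - type: string
        string:
          type: Format
          fmt: "%s-bucket-creds"
```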
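--- a/projects/crossplane/manifests/provider-kubernetes.yml
+++ b/projects/crossplane/manifests/provider-kubernetes.yml
@@ -0,0 +1,6 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+name: provider-kubernetes
+spec:
+package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.9.0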
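Review bot: The package reference `xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.9.0` is pinned by tag only, and a tag can be re-pointed at the registry. This provider creates objects in claim namespaces on behalf of the compositions (see the `Object` resources in composition-postgres.yml), so I would pin the digest as well, `package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.9.0@sha256:<digest-of-v0.9.0>`. A comment stating which RBAC the provider's service account is expected to hold would also help, since that binding is not part of this commit.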
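--- a/projects/crossplane/manifests/xrd-bucket.yml
+++ b/projects/crossplane/manifests/xrd-bucket.yml
@@ -0,0 +1,42 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: CompositeResourceDefinition
+metadata:
+name: xbuckets.s3.gnu.one
+spec:
+claimNames:
+kind: Bucket
+plural: buckets
+defaultCompositeDeletePolicy: Background
+defaultCompositionUpdatePolicy: Automatic
+group: s3.gnu.one
+names:
+kind: XBucket
+plural: xbuckets
+versions:
+- name: v1alpha1
+referenceable: true
+schema:
+openAPIV3Schema:
+properties:
+spec:
+properties:
+name:
+description: Name of the Bucket to create
+type: string
+secretName:
+default: bucket-creds
+description: Name of secret to write credentials to
+type: string
+required:
+- name
+type: object
+status:
+description: A Status represents the observed state
+properties:
+share:
+description: Freeform field containing status information
+type: object
+x-kubernetes-preserve-unknown-fields: true
+type: object
+type: object
+served: true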
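Review bot: `spec.name` is accepted as any string, yet composition-bucket.yml uses it unchanged as the MinIO bucket name, IAM user name, policy name and inside the JSON policy heredoc. MinIO names are global to the server while claims are per namespace, so nothing here stops two tenants from requesting the same name, and a malformed value only fails late inside the Terraform run. Constrain it in the schema, e.g. `pattern: '^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$'` with `maxLength: 63`, and consider prefixing the name with the claim namespace in the composition. `secretName` likewise lets the claim choose which Secret in its namespace receives the keys; a `pattern` and `maxLength` there, plus a line in its `description` saying that an existing Secret of that name may be replaced (to be confirmed against the provider's behaviour), would make the contract explicit.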
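--- a/projects/crossplane/manifests/xrd-postgres.yml
+++ b/projects/crossplane/manifests/xrd-postgres.yml
@@ -0,0 +1,48 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: CompositeResourceDefinition
+metadata:
+name: xpostgres.db.gnu.one
+spec:
+claimNames:
+kind: Postgres
+plural: postgres
+defaultCompositeDeletePolicy: Background
+defaultCompositionUpdatePolicy: Automatic
+group: db.gnu.one
+names:
+kind: XPostgres
+plural: xpostgres
+versions:
+- name: v1alpha2
+referenceable: true
+schema:
+openAPIV3Schema:
+properties:
+spec:
+properties:
+name:
+description: Name of the DB to create
+type: string
+storage:
+class:
+default: '-'
+description: Storage Class to use for DB
+type: string
+size:
+default: 10Gi
+description: Size of DB Persistent Storage
+type: string
+type: object
+required:
+- name
+type: object
+status:
+description: A Status represents the observed state
+properties:
+share:
+description: Freeform field containing status information
+type: object
+x-kubernetes-preserve-unknown-fields: true
+type: object
+type: object
+served: true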
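Review bot: Under `storage` the keys `class` and `size` follow directly with no `properties:` line between them, so as shown they are not declared as schema properties and the API server would presumably reject the schema or prune `spec.storage.*` from claims (indentation is lost in this view, so check against the file). `spec.instances` is patched in composition-postgres.yml but is not declared here at all, so a claim cannot set it. The `class` default `'-'` is passed verbatim to the Cluster's `storageClass`; unless a StorageClass with that name exists the PVC would stay pending, so I would drop the default and leave the field unset to get the cluster default. Proposed shape: `storage: {type: object, properties: {class: {type: string}, size: {type: string, default: 10Gi}}}` plus `instances: {type: integer, minimum: 1, default: 1}`; a `pattern` on `name` is worth adding too, since it becomes the Cluster and bucket name.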