first commit

This commit is contained in:
Richard Robert Reitz 2024-11-20 15:18:39 +01:00
commit 24ed43ec46
89 changed files with 14683 additions and 0 deletions


@ -0,0 +1,37 @@
# Crossplane Integrations for Backstage
`idpBuilder` is extensible to launch custom Crossplane patterns using package extensions.
Please use the below command to deploy an IDP reference implementation with an Argo application for preparing up the setup for terraform integrations:
```bash
idpbuilder create \
--use-path-routing \
--package https://github.com/cnoe-io/stacks//ref-implementation \
--package https://github.com/cnoe-io/stacks//crossplane-integrations
```
## What is installed?
1. Crossplane Runtime
1. AWS providers
1. Basic Compositions
This needs your credentials for this to work. Follow the Crossplane installation documentation on how to add your credentials.
## Application with cloud resources.
With this integration, we can deploy an application with cloud resources using Backstage templates from the reference implementation, together with Crossplane integrations.
In this example, we will create an application with a S3 Bucket.
Choose a template named `App with S3 bucket`, type `demo3` as the name, then choose a region to create this bucket in.
Once you click the create button, you will have a very similar setup as the basic example.
The only difference is we now have a resource for a S3 Bucket which is managed by Crossplane.
Note that Bucket is **not** created because Crossplane doesn't have necessary credentials to do so.
If you'd like it to actually create a bucket, update [the credentials secret file](crossplane-providers/provider-secret.yaml), then run `idpbuilder create --package https://github.com/cnoe-io/stacks//ref-implementation`.
In this example, we used Crossplane to provision resources, but you can use other cloud resource management tools such as Terraform instead.
Regardless of your tool choice, concepts are the same. We use Backstage as the templating mechanism and UI for users, then use Kubernetes API with GitOps to deploy resources.


@ -0,0 +1,22 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: crossplane-compositions
namespace: argocd
labels:
env: dev
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot
targetRevision: HEAD
path: "stacks/crossplane-integrations/crossplane-compositions"
directory:
recurse: true
destination:
server: "https://kubernetes.default.svc"
namespace: crossplane-system
syncPolicy:
automated: {}
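Review bot: `automated: {}` turns on auto-sync without `prune` or `selfHeal`, so a Composition that is edited or deleted in the cluster is not reconciled back until the next git change; the crossplane Helm Application in this commit sets both, and the crossplane-providers Application repeats the empty form seen here. If the weaker setting is deliberate it deserves a comment, otherwise align the three on `automated:` / `  prune: true` / `  selfHeal: true`. This Application also syncs into `crossplane-system` without `CreateNamespace=true`, which presumably only works because the Helm Application creates the namespace first — worth stating or adding the sync option as the providers Application does. The quoting of `server` and `repoURL` also varies across the three Applications (`"..."` here, `'...'` in the Helm one, unquoted elsewhere); pick one style.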


@ -0,0 +1,76 @@
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
name: xobjectstorages.awsblueprints.io
spec:
claimNames:
kind: ObjectStorage
plural: objectstorages
group: awsblueprints.io
names:
kind: XObjectStorage
plural: xobjectstorages
connectionSecretKeys:
- region
- bucket-name
- s3-put-policy
versions:
- name: v1alpha1
served: true
referenceable: true
schema:
openAPIV3Schema:
properties:
spec:
description: ObjectStorageSpec defines the desired state of ObjectStorage
properties:
resourceConfig:
description: ResourceConfig defines general properties of this AWS
resource.
properties:
deletionPolicy:
description: Defaults to Delete
enum:
- Delete
- Orphan
type: string
name:
description: Set the name of this resource in AWS to the value
provided by this field.
type: string
providerConfigName:
type: string
region:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
required:
- key
- value
type: object
type: array
required:
- providerConfigName
- region
- tags
type: object
required:
- resourceConfig
type: object
status:
description: ObjectStorageStatus defines the observed state of ObjectStorage
properties:
bucketName:
type: string
bucketArn:
type: string
type: object
type: object
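Review bot: The `deletionPolicy` description says `Defaults to Delete`, but the schema declares no `default`, so the behaviour a claim author reads here is actually supplied by the Composition's base `deletionPolicy: Delete` in another file of this commit; either add `default: Delete` under `deletionPolicy` so schema and documentation agree, or reword the description to say the default comes from the Composition. Since this XRD models object storage, a `Delete` default means removing a claim is meant to remove the bucket and its data, so `Orphan` is the safer default and the choice should be deliberate and documented. `connectionSecretKeys` also lists `s3-put-policy`, which the accompanying Composition's `connectionDetails` never produces — either wire it up or drop it from the list.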


@ -0,0 +1,80 @@
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: s3bucket.awsblueprints.io
labels:
awsblueprints.io/provider: aws
awsblueprints.io/environment: dev
s3.awsblueprints.io/configuration: standard
spec:
writeConnectionSecretsToNamespace: crossplane-system
compositeTypeRef:
apiVersion: awsblueprints.io/v1alpha1
kind: XObjectStorage
patchSets:
- name: common-fields
patches:
- type: FromCompositeFieldPath
fromFieldPath: spec.resourceConfig.providerConfigName
toFieldPath: spec.providerConfigRef.name
- type: FromCompositeFieldPath
fromFieldPath: spec.resourceConfig.deletionPolicy
toFieldPath: spec.deletionPolicy
- type: FromCompositeFieldPath
fromFieldPath: spec.resourceConfig.region
toFieldPath: spec.forProvider.region
- type: FromCompositeFieldPath
fromFieldPath: spec.resourceConfig.name
toFieldPath: metadata.annotations[crossplane.io/external-name]
resources:
- name: s3-bucket
connectionDetails:
- name: bucket-name
fromConnectionSecretKey: endpoint
- name: region
fromConnectionSecretKey: region
base:
apiVersion: s3.aws.crossplane.io/v1beta1
kind: Bucket
spec:
deletionPolicy: Delete
forProvider:
objectOwnership: BucketOwnerEnforced
publicAccessBlockConfiguration:
blockPublicPolicy: true
restrictPublicBuckets: true
serverSideEncryptionConfiguration:
rules:
- applyServerSideEncryptionByDefault:
sseAlgorithm: AES256
tagging:
tagSet:
- key: cnoe
value: "1"
patches:
- type: PatchSet
patchSetName: common-fields
- type: FromCompositeFieldPath
fromFieldPath: spec.resourceConfig.tags
toFieldPath: spec.forProvider.tagging.tagSet
policy:
mergeOptions:
appendSlice: true
keepMapValues: true
- type: FromCompositeFieldPath
fromFieldPath: spec.resourceConfig.region
toFieldPath: spec.forProvider.locationConstraint
- fromFieldPath: spec.writeConnectionSecretToRef.namespace
toFieldPath: spec.writeConnectionSecretToRef.namespace
- type: ToCompositeFieldPath
fromFieldPath: metadata.annotations[crossplane.io/external-name]
toFieldPath: status.bucketName
- type: ToCompositeFieldPath
fromFieldPath: status.atProvider.arn
toFieldPath: status.bucketArn
- fromFieldPath: metadata.uid
toFieldPath: spec.writeConnectionSecretToRef.name
transforms:
- type: string
string:
fmt: "%s-bucket"
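Review bot: `publicAccessBlockConfiguration` sets only `blockPublicPolicy` and `restrictPublicBuckets`; `blockPublicAcls: true` and `ignorePublicAcls: true` are missing, so this "standard" profile relies entirely on `objectOwnership: BucketOwnerEnforced` to keep ACL-based public access off. Adding the two remaining fields makes the intent explicit and keeps the bucket closed even if ownership is later patched or the provider's defaults change. The patches from `spec.writeConnectionSecretToRef.namespace` and `metadata.uid` omit `type:` while every other patch spells out `FromCompositeFieldPath`; the default is the same, but be consistent.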


@ -0,0 +1,22 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: crossplane-providers
namespace: argocd
labels:
env: dev
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot
targetRevision: HEAD
path: "stacks/crossplane-integrations/crossplane-providers"
destination:
server: "https://kubernetes.default.svc"
namespace: crossplane-system
syncPolicy:
automated: {}
syncOptions:
- CreateNamespace=true


@ -0,0 +1,6 @@
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: provider-aws
spec:
package: xpkg.upbound.io/crossplane-contrib/provider-aws:v0.48.0
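Review bot: `spec.package` pins the provider by tag only; a tag is mutable at the registry, so the provider code the cluster installs can change without any change in this repository, which is the kind of drift a supply-chain review wants to rule out for a component that holds cloud credentials. If the release's digest is known, pin it alongside the tag (`xpkg.upbound.io/crossplane-contrib/provider-aws:v0.48.0@sha256:<DIGEST-OF-RELEASED-PACKAGE>`, placeholder) or record why a floating tag is acceptable here. A short comment naming where this version comes from (the release being tracked) would also help the next bump.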


@ -0,0 +1,14 @@
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: default
annotations:
argocd.argoproj.io/sync-wave: "20"
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
spec:
credentials:
source: Secret
secretRef:
namespace: crossplane-system
name: local-secret
key: creds


@ -0,0 +1,11 @@
apiVersion: v1
kind: Secret
metadata:
name: local-secret
namespace: crossplane-system
stringData:
creds: |
[default]
aws_access_key_id = replaceme
aws_secret_access_key = replaceme
aws_session_token = replacemeifneeded
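Review bot: This Secret is a git-tracked manifest synced by Argo CD, and the README in the same commit tells users to replace the `replaceme` values with real access keys and re-run `idpbuilder create`, which commits long-lived AWS credentials to the Gitea repository and keeps them in its history. Prefer creating `local-secret` out-of-band (or via a secret-management integration) so key material never lands in git, and say so in a comment above `stringData`, e.g. `# Placeholder only - create this Secret out-of-band; never commit real keys.` The plaintext `stringData` is readable by anyone with Secret read access in `crossplane-system`, so an RBAC check on that namespace belongs with this change.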


@ -0,0 +1,26 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: crossplane
namespace: argocd
labels:
env: dev
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: 'https://charts.crossplane.io/stable'
targetRevision: 1.15.0
helm:
releaseName: crossplane
chart: crossplane
destination:
server: 'https://kubernetes.default.svc'
namespace: crossplane-system
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true