-
Notifications
You must be signed in to change notification settings - Fork 3
/
composition.yaml
181 lines (179 loc) · 7.07 KB
/
composition.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: xaks.azure.platform.upbound.io
labels:
provider: azure
spec:
compositeTypeRef:
apiVersion: azure.platform.upbound.io/v1alpha1
kind: XAKS
mode: Pipeline
pipeline:
- step: patch-and-transform
functionRef:
name: crossplane-contrib-function-patch-and-transform
input:
apiVersion: pt.fn.crossplane.io/v1beta1
kind: Resources
patchSets:
- name: providerConfigRef
patches:
- fromFieldPath: spec.parameters.providerConfigName
toFieldPath: spec.providerConfigRef.name
type: FromCompositeFieldPath
- name: deletionPolicy
patches:
- fromFieldPath: spec.parameters.deletionPolicy
toFieldPath: spec.deletionPolicy
type: FromCompositeFieldPath
- name: region
patches:
- fromFieldPath: spec.parameters.region
toFieldPath: spec.forProvider.location
type: FromCompositeFieldPath
resources:
- name: kubernetesCluster
base:
apiVersion: containerservice.azure.upbound.io/v1beta2
kind: KubernetesCluster
spec:
forProvider:
defaultNodePool:
name: default
identity:
type: SystemAssigned
oidcIssuerEnabled: true
workloadIdentityEnabled: true
connectionDetails:
- fromConnectionSecretKey: kubeconfig
name: kubeconfig
type: FromConnectionSecretKey
patches:
- type: PatchSet
patchSetName: providerConfigRef
- type: PatchSet
patchSetName: deletionPolicy
- type: PatchSet
patchSetName: region
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.version
toFieldPath: spec.forProvider.kubernetesVersion
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: '%s-aks'
type: Format
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.id
toFieldPath: spec.forProvider.resourceGroupNameSelector.matchLabels[azure.platform.upbound.io/network-id]
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.id
toFieldPath: spec.forProvider.defaultNodePool.vnetSubnetIdSelector.matchLabels[azure.platform.upbound.io/network-id]
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.id
toFieldPath: spec.forProvider.dnsPrefix
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.nodes.instanceType
toFieldPath: spec.forProvider.defaultNodePool.vmSize
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.nodes.count
toFieldPath: spec.forProvider.defaultNodePool.nodeCount
- type: FromCompositeFieldPath
fromFieldPath: spec.writeConnectionSecretToRef.namespace
toFieldPath: spec.writeConnectionSecretToRef.namespace
- type: FromCompositeFieldPath
fromFieldPath: metadata.uid
toFieldPath: spec.writeConnectionSecretToRef.name
transforms:
- type: string
string:
fmt: '%s-akscluster'
type: Format
- type: ToCompositeFieldPath
fromFieldPath: status.atProvider.oidcIssuerUrl
policy:
fromFieldPath: Optional
toFieldPath: status.aks.oidcUrl
- name: workloadIdentitySettings
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
deletionPolicy: Orphan
forProvider:
manifest:
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
patches:
- fromFieldPath: spec.parameters.id
toFieldPath: spec.providerConfigRef.name
type: FromCompositeFieldPath
- fromFieldPath: spec.parameters.id
toFieldPath: spec.forProvider.manifest.metadata.name
transforms:
- string:
fmt: '%s-workloadidentity-settings'
type: Format
type: string
type: FromCompositeFieldPath
- fromFieldPath: status.aks.oidcUrl
toFieldPath: spec.forProvider.manifest.data.oidc_url
type: FromCompositeFieldPath
- name: providerConfigHelm
base:
apiVersion: helm.crossplane.io/v1beta1
kind: ProviderConfig
spec:
credentials:
secretRef:
key: kubeconfig
source: Secret
patches:
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.id
toFieldPath: metadata.name
- type: FromCompositeFieldPath
fromFieldPath: spec.writeConnectionSecretToRef.namespace
toFieldPath: spec.credentials.secretRef.namespace
- type: FromCompositeFieldPath
fromFieldPath: metadata.uid
toFieldPath: spec.credentials.secretRef.name
transforms:
- type: string
string:
fmt: '%s-akscluster'
type: Format
readinessChecks:
- type: None
- name: providerConfigKubernetes
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: ProviderConfig
spec:
credentials:
secretRef:
key: kubeconfig
source: Secret
patches:
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.id
toFieldPath: metadata.name
- type: FromCompositeFieldPath
fromFieldPath: spec.writeConnectionSecretToRef.namespace
toFieldPath: spec.credentials.secretRef.namespace
- type: FromCompositeFieldPath
fromFieldPath: metadata.uid
toFieldPath: spec.credentials.secretRef.name
transforms:
- type: string
string:
fmt: '%s-akscluster'
type: Format
readinessChecks:
- type: None