devops-toolkit/dot-kubernetes@v0.10.43cluster-aws
Resources (42)
The following resources are composed to implement the referenced Composite Resource Definition (XRD).
Kind
Group
Version
Cluster
eks.aws.crossplane.io
v1beta1
NodeGroup
eks.aws.crossplane.io
v1alpha1
Role
iam.aws.crossplane.io
v1beta1
Role
iam.aws.crossplane.io
v1beta1
RolePolicyAttachment
iam.aws.crossplane.io
v1beta1
RolePolicyAttachment
iam.aws.crossplane.io
v1beta1
RolePolicyAttachment
iam.aws.crossplane.io
v1beta1
RolePolicyAttachment
iam.aws.crossplane.io
v1beta1
RolePolicyAttachment
iam.aws.crossplane.io
v1beta1
VPC
ec2.aws.crossplane.io
v1beta1
SecurityGroup
ec2.aws.crossplane.io
v1beta1
Subnet
ec2.aws.crossplane.io
v1beta1
Subnet
ec2.aws.crossplane.io
v1beta1
Subnet
ec2.aws.crossplane.io
v1beta1
InternetGateway
ec2.aws.crossplane.io
v1beta1
RouteTable
ec2.aws.crossplane.io
v1beta1
ProviderConfig
helm.crossplane.io
v1beta1
Release
helm.crossplane.io
v1beta1
Release
helm.crossplane.io
v1beta1
ProviderConfig
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
Object
kubernetes.crossplane.io
v1alpha1
YAML
kind: Composition
apiVersion: apiextensions.crossplane.io/v1
metadata:
name: cluster-aws
creationTimestamp: null
labels:
cluster: eks
provider: aws
spec:
compositeTypeRef:
apiVersion: devopstoolkitseries.com/v1alpha1
kind: CompositeCluster
patchSets:
- name: metadata
patches:
- fromFieldPath: metadata.labels
resources:
- name: ekscluster
base:
apiVersion: eks.aws.crossplane.io/v1beta1
kind: Cluster
spec:
forProvider:
region: us-east-1
resourcesVpcConfig:
endpointPrivateAccess: true
endpointPublicAccess: true
subnetIdSelector:
matchControllerRef: true
roleArnSelector:
matchControllerRef: true
version: "1.23"
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- fromFieldPath: spec.parameters.version
toFieldPath: spec.forProvider.version
- fromFieldPath: spec.id
toFieldPath: spec.writeConnectionSecretToRef.name
transforms:
- type: string
string:
fmt: "%s-cluster"
- fromFieldPath: spec.claimRef.namespace
toFieldPath: spec.writeConnectionSecretToRef.namespace
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.roleArnSelector.matchLabels.role
transforms:
- type: string
string:
fmt: "%s-controlplane"
- type: ToCompositeFieldPath
fromFieldPath: metadata.name
toFieldPath: status.clusterName
- type: ToCompositeFieldPath
fromFieldPath: status.atProvider.status
toFieldPath: status.controlPlaneStatus
connectionDetails:
- fromConnectionSecretKey: kubeconfig
- name: value
fromConnectionSecretKey: kubeconfig
readinessChecks:
- type: MatchString
fieldPath: status.atProvider.status
matchString: ACTIVE
- name: eksnodegroup
base:
apiVersion: eks.aws.crossplane.io/v1alpha1
kind: NodeGroup
spec:
forProvider:
clusterNameSelector:
matchControllerRef: true
instanceTypes:
- t3.small
nodeRoleSelector:
matchControllerRef: true
region: us-east-1
scalingConfig:
desiredSize: 1
maxSize: 10
minSize: 1
subnetSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- fromFieldPath: spec.parameters.nodeSize
toFieldPath: spec.forProvider.instanceTypes[0]
transforms:
- type: map
map:
large: t3.large
medium: t3.medium
small: t3.small
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.nodeRoleSelector.matchLabels.role
transforms:
- type: string
string:
fmt: "%s-nodegroup"
- fromFieldPath: 1.parameters.minNodeCount
toFieldPath: spec.forProvider.scalingConfig.minSize
- fromFieldPath: spec.parameters.minNodeCount
toFieldPath: spec.forProvider.scalingConfig.desiredSize
- type: ToCompositeFieldPath
fromFieldPath: status.atProvider.status
toFieldPath: status.nodePoolStatus
readinessChecks:
- type: MatchString
fieldPath: status.atProvider.status
matchString: ACTIVE
- name: iamrole-controlplane
base:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: Role
spec:
forProvider:
assumeRolePolicyDocument: |
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"eks.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
}
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-controlplane"
- fromFieldPath: spec.id
toFieldPath: metadata.labels.role
transforms:
- type: string
string:
fmt: "%s-controlplane"
- name: iamrole-nodegroup
base:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: Role
spec:
forProvider:
assumeRolePolicyDocument: |
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"ec2.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
}
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-nodegroup"
- fromFieldPath: spec.id
toFieldPath: metadata.labels.role
transforms:
- type: string
string:
fmt: "%s-nodegroup"
- name: iamattachment-controlplane
base:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
roleNameSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-controlplane"
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.roleNameSelector.matchLabels.role
transforms:
- type: string
string:
fmt: "%s-controlplane"
- name: iamattachment-service
base:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEKSServicePolicy
roleNameSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-service"
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.roleNameSelector.matchLabels.role
transforms:
- type: string
string:
fmt: "%s-controlplane"
- name: iamattachment-worker
base:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
roleNameSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-worker"
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.roleNameSelector.matchLabels.role
transforms:
- type: string
string:
fmt: "%s-nodegroup"
- name: iamattachment-cni
base:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
roleNameSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-cni"
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.roleNameSelector.matchLabels.role
transforms:
- type: string
string:
fmt: "%s-nodegroup"
- name: iamattachment-registry
base:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: RolePolicyAttachment
spec:
forProvider:
policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
roleNameSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-registry"
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.roleNameSelector.matchLabels.role
transforms:
- type: string
string:
fmt: "%s-nodegroup"
- name: vpc-nodepool
base:
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: VPC
spec:
forProvider:
cidrBlock: 10.0.0.0/16
enableDnsSupport: true
region: us-east-1
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- name: sg-nodepool
base:
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: SecurityGroup
spec:
forProvider:
description: Cluster communication with worker nodes
egress:
- ipProtocol: "-1"
ipRanges:
- cidrIp: 0.0.0.0/0
region: us-east-1
vpcIdSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- fromFieldPath: spec.id
toFieldPath: spec.forProvider.groupName
readinessChecks:
- type: None
- name: subnet-nodepool-1a
base:
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Subnet
metadata:
labels:
access: public
zone: us-east-1a
spec:
forProvider:
availabilityZone: us-east-1a
cidrBlock: 10.0.0.0/24
mapPublicIPOnLaunch: true
region: us-east-1
tags:
- key: kubernetes.io/role/elb
value: "1"
vpcIdSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-1a"
- name: subnet-nodepool-1b
base:
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Subnet
metadata:
labels:
access: public
zone: us-east-1b
spec:
forProvider:
availabilityZone: us-east-1b
cidrBlock: 10.0.1.0/24
mapPublicIPOnLaunch: true
region: us-east-1
tags:
- key: kubernetes.io/role/elb
value: "1"
vpcIdSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-1b"
- name: subnet-nodepool-1c
base:
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Subnet
metadata:
labels:
access: public
zone: us-east-1c
spec:
forProvider:
availabilityZone: us-east-1c
cidrBlock: 10.0.2.0/24
mapPublicIPOnLaunch: true
region: us-east-1
tags:
- key: kubernetes.io/role/elb
value: "1"
vpcIdSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-1c"
- name: gateway
base:
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: InternetGateway
spec:
forProvider:
region: us-east-1
vpcIdSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- name: routetable
base:
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: RouteTable
spec:
forProvider:
associations:
- subnetIdSelector:
matchControllerRef: true
matchLabels:
access: public
zone: us-east-1a
- subnetIdSelector:
matchControllerRef: true
matchLabels:
access: public
zone: us-east-1b
- subnetIdSelector:
matchControllerRef: true
matchLabels:
access: public
zone: us-east-1c
region: us-east-1
routes:
- destinationCidrBlock: 0.0.0.0/0
gatewayIdSelector:
matchControllerRef: true
vpcIdSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- name: helm
base:
apiVersion: helm.crossplane.io/v1beta1
kind: ProviderConfig
spec:
credentials:
secretRef:
key: kubeconfig
source: Secret
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- fromFieldPath: spec.claimRef.namespace
toFieldPath: spec.credentials.secretRef.namespace
- fromFieldPath: spec.id
toFieldPath: spec.credentials.secretRef.name
transforms:
- type: string
string:
fmt: "%s-cluster"
readinessChecks:
- type: None
- name: ingress
base:
apiVersion: helm.crossplane.io/v1beta1
kind: Release
spec:
forProvider:
chart:
name: ingress-nginx
repository: https://kubernetes.github.io/ingress-nginx
version: 4.2.0
namespace: ingress-nginx
values:
controller:
annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
service.beta.kubernetes.io/aws-load-balancer-type: nlb
ingressClassResource:
default: true
rollbackLimit: 3
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-ingress"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: crossplane
base:
apiVersion: helm.crossplane.io/v1beta1
kind: Release
spec:
forProvider:
chart:
name: crossplane
repository: https://charts.crossplane.io/stable
version: 1.9.0
namespace: crossplane-system
rollbackLimit: 3
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-crossplane"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: kubernetes
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: ProviderConfig
spec:
credentials:
secretRef:
key: kubeconfig
source: Secret
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- fromFieldPath: spec.claimRef.namespace
toFieldPath: spec.credentials.secretRef.namespace
- fromFieldPath: spec.id
toFieldPath: spec.credentials.secretRef.name
transforms:
- type: string
string:
fmt: "%s-cluster"
readinessChecks:
- type: None
- name: ns-prod
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: v1
kind: Namespace
metadata:
name: production
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-ns-prod"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: ns-dev
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: v1
kind: Namespace
metadata:
name: dev
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-ns-dev"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: k8s-provider-sa
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: v1
kind: ServiceAccount
metadata:
name: provider-kubernetes
namespace: crossplane-system
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-k8s-provider-sa"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: k8s-provider-crd
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: provider-kubernetes
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: provider-kubernetes
namespace: crossplane-system
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-k8s-provider-crb"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: k8s-provider-cc
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1alpha1
kind: ControllerConfig
metadata:
name: provider-kubernetes
spec:
serviceAccountName: provider-kubernetes
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-k8s-provider-cc"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: kubernetes-provider
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: crossplane-provider-kubernetes
spec:
controllerConfigRef:
name: provider-kubernetes
package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.6.0
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-kubernetes-provider"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: helm-provider
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: crossplane-provider-helm
spec:
controllerConfigRef:
name: provider-kubernetes
package: xpkg.upbound.io/crossplane-contrib/provider-helm:v0.13.0
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-helm-provider"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: sql-provider
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: crossplane-provider-sql
spec:
package: crossplane/provider-sql:v0.5.0
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-sql-provider"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: config-app
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
name: crossplane-app
spec:
package: xpkg.upbound.io/devops-toolkit/dot-application:v0.3.8
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-config-app"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: config-monitoring
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
name: crossplane-monitoring
spec:
package: xpkg.upbound.io/devops-toolkit/dot-monitoring:v0.0.41
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-config-monitoring"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: config-sql
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
name: crossplane-sql
spec:
package: xpkg.upbound.io/devops-toolkit/dot-sql:v0.7.14
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-config-sql"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: aws-p
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: crossplane-provider-aws
spec:
package: crossplane/provider-aws:v0.24.1
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-aws-p"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: aws-pc
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: aws.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
name: default
spec:
credentials:
secretRef:
key: creds
name: aws-creds
namespace: crossplane-system
source: Secret
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-aws-pc"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-ns
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: v1
kind: Namespace
metadata:
name: schemahero-system
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-ns"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-cr
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: schemahero-role
rules:
- apiGroups:
- apps
resources:
- deployments
- statefulsets
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- deployments/status
- statefulset/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- get
- list
- create
- update
- delete
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- roles
- rolebindings
verbs:
- get
- list
- create
- update
- delete
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- databases.schemahero.io
resources:
- databases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- databases.schemahero.io
resources:
- databases/status
verbs:
- get
- update
- patch
- apiGroups:
- schemas.schemahero.io
resources:
- migrations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- schemas.schemahero.io
resources:
- migrations/status
verbs:
- get
- update
- patch
- apiGroups:
- schemas.schemahero.io
resources:
- tables
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- schemas.schemahero.io
resources:
- tables/status
verbs:
- get
- update
- patch
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-cr"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-crb
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
name: schemahero-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: schemahero-role
subjects:
- kind: ServiceAccount
name: default
namespace: schemahero-system
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-crb"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-service
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
name: controller-manager-service
namespace: schemahero-system
spec:
ports:
- port: 443
targetPort: 9876
selector:
control-plane: schemahero
status:
loadBalancer: {}
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-service"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-secret
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: v1
kind: Secret
metadata:
creationTimestamp: null
name: webhook-server-secret
namespace: schemahero-system
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-secret"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-sts
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: apps/v1
kind: StatefulSet
metadata:
creationTimestamp: null
labels:
control-plane: schemahero
name: schemahero
namespace: schemahero-system
spec:
selector:
matchLabels:
control-plane: schemahero
serviceName: ""
template:
metadata:
creationTimestamp: null
labels:
control-plane: schemahero
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
- key: kubernetes.io/arch
operator: In
values:
- amd64
containers:
- command:
- /manager
- run
- --enable-database-controller
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: SECRET_NAME
value: webhook-server-secret
image: schemahero/schemahero-manager:0.13.2
imagePullPolicy: Always
name: manager
ports:
- containerPort: 9876
name: webhook-server
protocol: TCP
resources:
limits:
cpu: "1"
memory: 150Mi
requests:
cpu: 100m
memory: 50Mi
volumeMounts:
- mountPath: /tmp/cert
name: cert
readOnly: true
terminationGracePeriodSeconds: 10
volumes:
- name: cert
secret:
defaultMode: 420
secretName: webhook-server-secret
updateStrategy: {}
status:
availableReplicas: 0
replicas: 0
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-sts"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-crd-db
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: databases.databases.schemahero.io
spec:
group: databases.schemahero.io
names:
kind: Database
listKind: DatabaseList
plural: databases
singular: database
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.namespace
name: Namespace
priority: 1
type: string
- jsonPath: .spec.immediateDeploy
name: Deploy Immediately
priority: 1
type: boolean
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha4
schema:
openAPIV3Schema:
description: Database is the Schema for the databases API
properties:
apiVersion:
description: "APIVersion defines the versioned schema of this representation of
an object. Servers should convert recognized
schemas to the latest internal value, and may
reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/s\
ig-architecture/api-conventions.md#resources"
type: string
kind:
description: "Kind is a string value representing the REST resource this object
represents. Servers may infer this from the
endpoint the client submits requests to. Cannot be
updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/s\
ig-architecture/api-conventions.md#types-kinds"
type: string
metadata:
type: object
spec:
properties:
connection:
description: DatabaseConnection defines connection parameters for the database
driver
properties:
cassandra:
properties:
hosts:
items:
type: string
type: array
keyspace:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
password:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
username:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
required:
- hosts
- keyspace
type: object
cockroachdb:
properties:
dbname:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
host:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
password:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
port:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
schema:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
sslmode:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
uri:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
user:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
type: object
mysql:
properties:
collation:
type: string
dbname:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
defaultCharset:
type: string
disableTLS:
type: boolean
host:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
password:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
port:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
uri:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
user:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
type: object
postgres:
properties:
dbname:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
host:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
password:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
port:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
schema:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
sslmode:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
uri:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
user:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
ssm:
properties:
accessKeyId:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
name:
type: string
region:
type: string
secretAccessKey:
properties:
value:
type: string
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
type: object
required:
- value
type: object
withDecryption:
type: boolean
required:
- name
type: object
vault:
properties:
agentInject:
type: boolean
connectionTemplate:
type: string
endpoint:
type: string
kubernetesAuthEndpoint:
type: string
role:
type: string
secret:
type: string
serviceAccount:
type: string
serviceAccountNamespace:
type: string
required:
- role
- secret
type: object
type: object
type: object
type: object
sqlite:
properties:
dsn:
type: string
required:
- dsn
type: object
type: object
deploySeedData:
type: boolean
enableShellCommand:
type: boolean
immediateDeploy:
default: false
type: boolean
schemahero:
properties:
image:
type: string
nodeSelector:
additionalProperties:
type: string
type: object
type: object
template:
properties:
metadata:
properties:
annotations:
additionalProperties:
type: string
type: object
finalizers:
items:
type: string
type: array
labels:
additionalProperties:
type: string
type: object
name:
type: string
namespace:
type: string
type: object
type: object
type: object
status:
description: DatabaseStatus defines the observed state of Database
properties:
isConnected:
type: boolean
lastPing:
type: string
required:
- isConnected
- lastPing
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-crd-db"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-crd-table
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: tables.schemas.schemahero.io
spec:
group: schemas.schemahero.io
names:
kind: Table
listKind: TableList
plural: tables
singular: table
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.namespace
name: Namespace
priority: 1
type: string
- jsonPath: .spec.name
name: Table
type: string
- jsonPath: .spec.database
name: Database
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha4
schema:
openAPIV3Schema:
description: Table is the Schema for the tables API
properties:
apiVersion:
description: "APIVersion defines the versioned schema of this representation of
an object. Servers should convert recognized
schemas to the latest internal value, and may
reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/s\
ig-architecture/api-conventions.md#resources"
type: string
kind:
description: "Kind is a string value representing the REST resource this object
represents. Servers may infer this from the
endpoint the client submits requests to. Cannot be
updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/s\
ig-architecture/api-conventions.md#types-kinds"
type: string
metadata:
type: object
spec:
description: TableSpec defines the desired state of Table
properties:
database:
type: string
name:
type: string
requires:
items:
type: string
type: array
schema:
properties:
cassandra:
properties:
clusteringOrder:
properties:
column:
type: string
isDescending:
type: boolean
required:
- column
type: object
columns:
items:
properties:
isStatic:
type: boolean
name:
type: string
type:
type: string
required:
- name
- type
type: object
type: array
isDeleted:
type: boolean
primaryKey:
items:
items:
type: string
type: array
type: array
properties:
properties:
bloomFilterFPChance:
type: string
caching:
additionalProperties:
type: string
type: object
comment:
type: string
compaction:
additionalProperties:
type: string
type: object
compression:
additionalProperties:
type: string
type: object
crcCheckChance:
type: string
dcLocalReadRepairChance:
type: string
defaultTTL:
type: integer
gcGraceSeconds:
type: integer
maxIndexInterval:
type: integer
memtableFlushPeriodMs:
type: integer
minIndexInterval:
type: integer
readRepairChance:
type: string
speculativeRetry:
type: string
type: object
type: object
cockroachdb:
properties:
columns:
items:
properties:
attributes:
properties:
autoIncrement:
type: boolean
type: object
constraints:
properties:
notNull:
type: boolean
type: object
default:
type: string
name:
type: string
type:
type: string
required:
- name
- type
type: object
type: array
foreignKeys:
items:
properties:
columns:
items:
type: string
type: array
name:
type: string
onDelete:
type: string
references:
properties:
columns:
items:
type: string
type: array
table:
type: string
required:
- columns
- table
type: object
required:
- columns
- references
type: object
type: array
indexes:
items:
properties:
columns:
items:
type: string
type: array
isUnique:
type: boolean
name:
type: string
type:
type: string
required:
- columns
type: object
type: array
isDeleted:
type: boolean
json:triggers:
items:
properties:
arguments:
items:
type: string
type: array
condition:
type: string
constraintTrigger:
type: boolean
events:
items:
type: string
type: array
executeProcedure:
type: string
forEachRun:
type: boolean
forEachStatement:
type: boolean
name:
type: string
required:
- events
- executeProcedure
type: object
type: array
primaryKey:
items:
type: string
type: array
type: object
mysql:
properties:
collation:
type: string
columns:
items:
properties:
attributes:
properties:
autoIncrement:
type: boolean
type: object
charset:
type: string
collation:
type: string
constraints:
properties:
notNull:
type: boolean
type: object
default:
type: string
name:
type: string
type:
type: string
required:
- name
- type
type: object
type: array
defaultCharset:
type: string
foreignKeys:
items:
properties:
columns:
items:
type: string
type: array
name:
type: string
onDelete:
type: string
references:
properties:
columns:
items:
type: string
type: array
table:
type: string
required:
- columns
- table
type: object
required:
- columns
- references
type: object
type: array
indexes:
items:
properties:
columns:
items:
type: string
type: array
isUnique:
type: boolean
name:
type: string
type:
type: string
required:
- columns
type: object
type: array
isDeleted:
type: boolean
primaryKey:
items:
type: string
type: array
type: object
postgres:
properties:
columns:
items:
properties:
attributes:
properties:
autoIncrement:
type: boolean
type: object
constraints:
properties:
notNull:
type: boolean
type: object
default:
type: string
name:
type: string
type:
type: string
required:
- name
- type
type: object
type: array
foreignKeys:
items:
properties:
columns:
items:
type: string
type: array
name:
type: string
onDelete:
type: string
references:
properties:
columns:
items:
type: string
type: array
table:
type: string
required:
- columns
- table
type: object
required:
- columns
- references
type: object
type: array
indexes:
items:
properties:
columns:
items:
type: string
type: array
isUnique:
type: boolean
name:
type: string
type:
type: string
required:
- columns
type: object
type: array
isDeleted:
type: boolean
json:triggers:
items:
properties:
arguments:
items:
type: string
type: array
condition:
type: string
constraintTrigger:
type: boolean
events:
items:
type: string
type: array
executeProcedure:
type: string
forEachRun:
type: boolean
forEachStatement:
type: boolean
name:
type: string
required:
- events
- executeProcedure
type: object
type: array
primaryKey:
items:
type: string
type: array
type: object
sqlite:
properties:
columns:
items:
properties:
attributes:
properties:
autoIncrement:
type: boolean
type: object
constraints:
properties:
notNull:
type: boolean
type: object
default:
type: string
name:
type: string
type:
type: string
required:
- name
- type
type: object
type: array
foreignKeys:
items:
properties:
columns:
items:
type: string
type: array
name:
type: string
onDelete:
type: string
references:
properties:
columns:
items:
type: string
type: array
table:
type: string
required:
- columns
- table
type: object
required:
- columns
- references
type: object
type: array
indexes:
items:
properties:
columns:
items:
type: string
type: array
isUnique:
type: boolean
name:
type: string
type:
type: string
required:
- columns
type: object
type: array
isDeleted:
type: boolean
primaryKey:
items:
type: string
type: array
type: object
type: object
seedData:
properties:
rows:
items:
properties:
columns:
items:
properties:
column:
type: string
value:
properties:
int:
type: integer
str:
type: string
type: object
required:
- column
- value
type: object
type: array
required:
- columns
type: object
type: array
required:
- rows
type: object
required:
- database
- name
type: object
status:
description: TableStatus defines the observed state of Table
properties:
lastPlannedTableSpecSHA:
description: We store the SHA of the table spec from the last time we executed a
plan to make startup less noisy by skipping
re-planning objects that have been planned we
cannot use the resourceVersion or generation
fields because updating them would cause the
object to be modified again
type: string
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-crd-table"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
- name: schemahero-crd-migration
base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
forProvider:
manifest:
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: migrations.schemas.schemahero.io
spec:
group: schemas.schemahero.io
names:
kind: Migration
listKind: MigrationList
plural: migrations
singular: migration
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.databaseName
name: Database
type: string
- jsonPath: .spec.tableName
name: Table
type: string
- jsonPath: .metadata.namespace
name: Namespace
priority: 1
type: string
- jsonPath: .status.phase
name: Phase
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha4
schema:
openAPIV3Schema:
description: Migration is the Schema for the migrations API
properties:
apiVersion:
description: "APIVersion defines the versioned schema of this representation of
an object. Servers should convert recognized
schemas to the latest internal value, and may
reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/s\
ig-architecture/api-conventions.md#resources"
type: string
kind:
description: "Kind is a string value representing the REST resource this object
represents. Servers may infer this from the
endpoint the client submits requests to. Cannot be
updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/s\
ig-architecture/api-conventions.md#types-kinds"
type: string
metadata:
type: object
spec:
description: MigrationSpec defines the desired state of Migration
properties:
databaseName:
type: string
editedDDL:
type: string
generatedDDL:
type: string
tableName:
type: string
tableNamespace:
type: string
required:
- tableName
- tableNamespace
type: object
status:
description: MigrationStatus defines the observed state of Migration
properties:
approvedAt:
format: int64
type: integer
executedAt:
format: int64
type: integer
invalidatedAt:
description: InvalidatedAt is the unix nano timestamp when this plan was
determined to be invalid or outdated
format: int64
type: integer
phase:
enum:
- PLANNED
- APPROVED
- EXECUTED
- INVALID
type: string
plannedAt:
description: PlannedAt is the unix nano timestamp when the plan was generated
format: int64
type: integer
rejectedAt:
format: int64
type: integer
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
transforms:
- type: string
string:
fmt: "%s-schemahero-crd-migration"
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
writeConnectionSecretsToNamespace: crossplane-system
Marketplace
© 2022 Upbound, Inc.
Marketplace
Discover the building blocksfor your internal cloud platform.