Marketplace
BrowsePublish
Marketplace
devops-toolkit/dot-kubernetes@v0.12.80
cluster-azure

cluster-azure

cluster-azure
devops-toolkit/dot-kubernetes@v0.12.80cluster-azure
Type

Composition

Referenced XRD

CompositeCluster

Source Codegithub.com/vfarcic/crossplane-kubernetes
YAML
kind: Composition
apiVersion: apiextensions.crossplane.io/v1
metadata:
  name: cluster-azure
  creationTimestamp: null
  labels:
    cluster: aks
    provider: azure
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: CompositeCluster
  mode: Pipeline
  pipeline:
    - step: patch-and-transform
      functionRef:
        name: crossplane-contrib-function-patch-and-transform
      input:
        apiVersion: pt.fn.crossplane.io/v1beta1
        kind: Resources
        resources:
          - base:
              apiVersion: azure.upbound.io/v1beta1
              kind: ResourceGroup
              spec:
                forProvider:
                  location: eastus
            name: resourcegroup
            patches:
              - fromFieldPath: spec.id
                toFieldPath: metadata.name
          - base:
              apiVersion: containerservice.azure.upbound.io/v1beta1
              kind: KubernetesCluster
              spec:
                forProvider:
                  defaultNodePool:
                    - enableAutoScaling: true
                      maxCount: 10
                      vmSize: Standard_D2_v2
                  dnsPrefix: dot
                  identity:
                    - type: SystemAssigned
                  location: eastus
                  networkProfile:
                    - networkPlugin: none
            connectionDetails:
              - fromConnectionSecretKey: kubeconfig
                name: kubeconfig
                type: FromConnectionSecretKey
              - fromConnectionSecretKey: kubeconfig
                name: value
                type: FromConnectionSecretKey
            name: aks
            patches:
              - fromFieldPath: spec.id
                toFieldPath: metadata.name
              - fromFieldPath: spec.id
                toFieldPath: spec.writeConnectionSecretToRef.name
                transforms:
                  - string:
                      fmt: "%s-cluster"
                      type: Format
                    type: string
              - fromFieldPath: spec.claimRef.namespace
                toFieldPath: spec.writeConnectionSecretToRef.namespace
              - fromFieldPath: spec.id
                toFieldPath: spec.forProvider.defaultNodePool[0].name
              - fromFieldPath: spec.id
                toFieldPath: spec.forProvider.resourceGroupName
              - fromFieldPath: spec.parameters.version
                toFieldPath: spec.forProvider.kubernetesVersion
              - fromFieldPath: spec.parameters.minNodeCount
                toFieldPath: spec.forProvider.defaultNodePool[0].minCount
              - fromFieldPath: spec.parameters.nodeSize
                toFieldPath: spec.forProvider.defaultNodePool[0].vmSize
                transforms:
                  - map:
                      large: Standard_D4_v2
                      medium: Standard_D3_v2
                      small: Standard_D2_v2
                    type: map
              - fromFieldPath: metadata.name
                toFieldPath: status.clusterName
                type: ToCompositeFieldPath
              - fromFieldPath: status.conditions[0].reason
                toFieldPath: status.controlPlaneStatus
                type: ToCompositeFieldPath
              - fromFieldPath: status.conditions[0].reason
                toFieldPath: status.nodePoolStatus
                type: ToCompositeFieldPath
          - base:
              apiVersion: helm.crossplane.io/v1beta1
              kind: ProviderConfig
              spec:
                credentials:
                  secretRef:
                    key: kubeconfig
                    name: kubeconfig
                    namespace: crossplane-system
                  source: Secret
            name: helm
            patches:
              - fromFieldPath: spec.id
                toFieldPath: metadata.name
              - fromFieldPath: spec.claimRef.namespace
                toFieldPath: spec.credentials.secretRef.namespace
              - fromFieldPath: spec.id
                toFieldPath: spec.credentials.secretRef.name
                transforms:
                  - string:
                      fmt: "%s-cluster"
                      type: Format
                    type: string
            readinessChecks:
              - type: None
          - base:
              apiVersion: helm.crossplane.io/v1beta1
              kind: ProviderConfig
              spec:
                credentials:
                  source: InjectedIdentity
            name: helm-local
            patches:
              - fromFieldPath: spec.id
                toFieldPath: metadata.name
                transforms:
                  - string:
                      fmt: "%s-local"
                      type: Format
                    type: string
              - fromFieldPath: metadata.annotations
                toFieldPath: metadata.annotations
            readinessChecks:
              - type: None
          - base:
              apiVersion: helm.crossplane.io/v1beta1
              kind: Release
              spec:
                forProvider:
                  chart:
                    name: cilium
                    repository: https://helm.cilium.io
                    version: 1.14.2
                  namespace: kube-system
                  set:
                    - name: aksbyocni.enabled
                      value: "true"
                    - name: nodeinit.enabled
                      value: "true"
                    - name: authentication.mutual.spire.enabled
                      value: "true"
                    - name: authentication.mutual.spire.install.enabled
                      value: "true"
                rollbackLimit: 3
            name: cilium
            patches:
              - fromFieldPath: spec.id
                toFieldPath: metadata.name
                transforms:
                  - string:
                      fmt: "%s-cilium"
                      type: Format
                    type: string
              - fromFieldPath: spec.id
                toFieldPath: spec.providerConfigRef.name
          - base:
              apiVersion: kubernetes.crossplane.io/v1alpha1
              kind: ProviderConfig
              spec:
                credentials:
                  secretRef:
                    key: kubeconfig
                    name: kubeconfig
                    namespace: crossplane-system
                  source: Secret
            name: kubernetes
            patches:
              - fromFieldPath: spec.id
                toFieldPath: metadata.name
              - fromFieldPath: spec.claimRef.namespace
                toFieldPath: spec.credentials.secretRef.namespace
              - fromFieldPath: spec.id
                toFieldPath: spec.credentials.secretRef.name
                transforms:
                  - string:
                      fmt: "%s-cluster"
                      type: Format
                    type: string
            readinessChecks:
              - type: None
    - step: app-crossplane
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if
            .observed.composite.resource.spec.parameters.apps.crossplane.enabled
            }}

            ---

            apiVersion: helm.crossplane.io/v1beta1

            kind: Release

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-crossplane'
              annotations:
                crossplane.io/external-name: crossplane
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-crossplane'
            spec:
              forProvider:
                chart:
                  name: crossplane
                  repository: https://charts.crossplane.io/stable
                  version: 1.14.5
                  url: ""
                set: []
                values: {}
                namespace: crossplane-system
              rollbackLimit: 3
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: app-openfunction
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if
            .observed.composite.resource.spec.parameters.apps.openfunction.enabled
            }}

            ---

            apiVersion: helm.crossplane.io/v1beta1

            kind: Release

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-openfunction'
              annotations:
                crossplane.io/external-name: openfunction
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-openfunction'
            spec:
              forProvider:
                chart:
                  name: openfunction
                  repository: ""
                  version: ""
                  url: https://openfunction.github.io/charts/openfunction-v1.2.0-v0.7.0.tgz
                set:
                  - name: revisionController.enable
                    value: "true"
                values: {}
                namespace: openfunction
              rollbackLimit: 3
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: app-dapr
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if .observed.composite.resource.spec.parameters.apps.dapr.enabled
            }}

            ---

            apiVersion: helm.crossplane.io/v1beta1

            kind: Release

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-dapr'
              annotations:
                crossplane.io/external-name: dapr
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-dapr'
            spec:
              forProvider:
                chart:
                  name: dapr
                  repository: https://dapr.github.io/helm-charts/
                  version: 1.12.4
                  url: ""
                set: []
                values: {}
                namespace: dapr-system
              rollbackLimit: 3
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: app-traefik
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if
            .observed.composite.resource.spec.parameters.apps.traefik.enabled }}

            ---

            apiVersion: helm.crossplane.io/v1beta1

            kind: Release

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-traefik'
              annotations:
                crossplane.io/external-name: traefik
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-traefik'
            spec:
              forProvider:
                chart:
                  name: traefik
                  repository: https://helm.traefik.io/traefik
                  version: 26.0.0
                  url: ""
                set: []
                values: {}
                namespace: traefik
              rollbackLimit: 3
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: app-dynatrace
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if
            .observed.composite.resource.spec.parameters.apps.dynatrace.enabled
            }}

            ---

            apiVersion: helm.crossplane.io/v1beta1

            kind: Release

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-dynatrace-operator'
              annotations:
                crossplane.io/external-name: dynatrace-operator
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-dynatrace-operator'
            spec:
              forProvider:
                chart:
                  name: dynatrace-operator
                  repository: https://raw.githubusercontent.com/Dynatrace/dynatrace-operator/main/config/helm/repos/stable
                  version: 0.15.0
                  url: ""
                set:
                  - name: installCRD
                    value: "true"
                  - name: csidriver.enabled
                    value: "true"
                values: {}
                namespace: dynatrace
              rollbackLimit: 3
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            ---

            apiVersion: kubernetes.crossplane.io/v1alpha2

            kind: Object

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-dynakube'
              annotations:
                crossplane.io/external-name: dynakube
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-dynakube'
            spec:
              forProvider:
                manifest:
                  apiVersion: dynatrace.com/v1beta1
                  kind: DynaKube
                  metadata:
                    name: '{{ $.observed.composite.resource.spec.id }}'
                    namespace: dynatrace
                    annotations:
                      feature.dynatrace.com/k8s-app-enabled: "true"
                  spec:
                    apiUrl: '{{ $.observed.composite.resource.spec.parameters.apps.dynatrace.apiUrl }}'
                    oneAgent:
                      cloudNativeFullStack:
                        image: ""
                    activeGate:
                      capabilities:
                        - kubernetes-monitoring
                        - routing
                        - metrics-ingest
                        - dynatrace-api
                      image: ""
                      resources:
                        requests:
                          cpu: 500m
                          memory: 512Mi
                        limits:
                          cpu: 1000m
                          memory: 1.5Gi
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            ---

            apiVersion: helm.crossplane.io/v1beta1

            kind: Release

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-dynatrace-dashboard'
              annotations:
                crossplane.io/external-name: dynatrace-dashboard
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-dynatrace-dashboard'
            spec:
              forProvider:
                chart:
                  name: kubernetes-cluster
                  repository: https://katharinasick.github.io/crossplane-observability-demo-dynatrace
                  version: 0.2.2
                  url: ""
                set: []
                values:
                  oauthCredentialsSecretName: '{{ $.observed.composite.resource.spec.parameters.apps.dynatrace.oathCredentialsSecretName }}'
                  cluster: '{{ $.observed.composite.resource.spec.id }}'
                  dashboards:
                    clusterOverview:
                      enabled: true
                    crossplaneMetrics:
                      enabled: false
                namespace: dynatrace
              rollbackLimit: 3
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}-local'

            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: app-external-secrets
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if
            .observed.composite.resource.spec.parameters.apps.externalSecrets.enabled
            }}

            ---

            apiVersion: helm.crossplane.io/v1beta1

            kind: Release

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-app-external-secrets'
              annotations:
                crossplane.io/external-name: external-secrets
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-app-external-secrets'
            spec:
              forProvider:
                chart:
                  name: external-secrets
                  repository: https://charts.external-secrets.io
                  version: 0.9.11
                  url: ""
                set:
                  - name: installCRDs
                    value: "true"
                values: {}
                namespace: external-secrets
              rollbackLimit: 3
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: secret-store
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if and
            .observed.composite.resource.spec.parameters.apps.externalSecrets.enabled
            .observed.composite.resource.spec.parameters.apps.externalSecrets.store
            .observed.composite.resource.spec.parameters.apps.externalSecrets.azureVaultUrl
            }}

            ---

            apiVersion: kubernetes.crossplane.io/v1alpha2

            kind: Object

            metadata:
              name: {{ $.observed.composite.resource.spec.id }}-secret-store
              annotations:
                crossplane.io/external-name: azure
                gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-secret-store
            spec:
              forProvider:
                manifest:
                  apiVersion: external-secrets.io/v1beta1
                  kind: ClusterSecretStore
                  metadata:
                    name: azure
                  spec:
                    provider:
                      azurekv:
                        authType: ManagedIdentity
                        vaultUrl: {{ $.observed.composite.resource.spec.parameters.apps.externalSecrets.azureVaultUrl }}
              providerConfigRef:
                name: {{ $.observed.composite.resource.spec.id }}
            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: secrets
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ range
            .observed.composite.resource.spec.parameters.apps.externalSecrets.secrets
            }}

            ---

            apiVersion: kubernetes.crossplane.io/v1alpha2

            kind: Object

            metadata:
              name: '{{ $.observed.composite.resource.spec.id }}-secret-{{ .toSecret }}'
              annotations:
                crossplane.io/external-name: '{{ .toSecret }}'
                gotemplating.fn.crossplane.io/composition-resource-name: '{{ $.observed.composite.resource.spec.id }}-secret-{{ .toSecret }}'
            spec:
              forProvider:
                manifest:
                  apiVersion: external-secrets.io/v1beta1
                  kind: ExternalSecret
                  metadata:
                    name: '{{ .toSecret }}'
                    namespace: '{{ .toNamespace }}'
                  spec:
                    refreshInterval: 1h
                    secretStoreRef:
                      kind: ClusterSecretStore
                      name: azure
                    target:
                      name: '{{ .toSecret }}'
                      creationPolicy: Owner
                      template:
                        type: '{{ .type }}'
                    dataFrom:
                      - extract:
                          key: '{{ .fromSecret }}'
              providerConfigRef:
                name: '{{ $.observed.composite.resource.spec.id }}'

            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: namespaces
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ range .observed.composite.resource.spec.parameters.namespaces }}

            ---

            apiVersion: kubernetes.crossplane.io/v1alpha2

            kind: Object

            metadata:
              name: {{ $.observed.composite.resource.spec.id }}-ns-{{ . }}
              annotations:
                crossplane.io/external-name: {{ . }}
                gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-ns-{{ . }}
            spec:
              forProvider:
                manifest:
                  apiVersion: "v1"
                  kind: "Namespace"
                  metadata:
                    name: {{ . }}
              providerConfigRef:
                name: {{ $.observed.composite.resource.spec.id }}
            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: creds
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        inline:
          template: >-
            {{ if .observed.composite.resource.spec.parameters.creds }}

            ---

            apiVersion: kubernetes.crossplane.io/v1alpha2

            kind: Object

            metadata:
              name: {{ $.observed.composite.resource.spec.id }}-creds
              annotations:
                gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-creds
                crossplane.io/external-name: {{ $.observed.composite.resource.spec.parameters.creds.name }}
            spec:
              references:
              {{ range $.observed.composite.resource.spec.parameters.creds.keys }}
              - patchesFrom:
                  apiVersion: v1
                  kind: Secret
                  name: {{ $.observed.composite.resource.spec.parameters.creds.name }}
                  namespace: {{ $.observed.composite.resource.spec.parameters.creds.namespace }}
                  fieldPath: data.{{ . }}
                toFieldPath: data.{{ . }}
              {{ end }}
              forProvider:
                manifest:
                  apiVersion: v1
                  kind: Secret
                  metadata:
                    name: {{ $.observed.composite.resource.spec.parameters.creds.name }}
                    namespace: {{ $.observed.composite.resource.spec.parameters.creds.namespace }}
              providerConfigRef:
                name: {{ $.observed.composite.resource.spec.id }}
            {{ end }}
        kind: GoTemplate
        source: Inline
    - step: automatically-detect-ready-composed-resources
      functionRef:
        name: crossplane-contrib-function-auto-ready
  writeConnectionSecretsToNamespace: crossplane-system
Marketplace

Discover the building blocks for your internal cloud platform.

© 2022 Upbound, Inc.

SolutionsProvidersConfigurations
LearnDocumentationTry for Free
MorePrivacy PolicyTerms & Conditions
Marketplace

© 2022 Upbound, Inc.

Marketplace

Discover the building blocksfor your internal cloud platform.