kind: Composition
apiVersion: apiextensions.crossplane.io/v1
metadata:
name: xvaultinstalls.sec.upbound.io
creationTimestamp: null
spec:
compositeTypeRef:
apiVersion: sec.upbound.io/v1alpha1
kind: XVaultInstall
mode: Pipeline
pipeline:
- step: patch-and-transform
functionRef:
name: upbound-function-patch-and-transform
input:
apiVersion: pt.fn.crossplane.io/v1beta1
kind: Resources
resources:
- base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
deletionPolicy: Delete
forProvider:
manifest:
apiVersion: v1
kind: Namespace
metadata:
name: vault
name: vault-namespace
patches:
- fromFieldPath: spec.parameters.providerConfigName
toFieldPath: spec.providerConfigRef.name
type: FromCompositeFieldPath
- base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
metadata:
name: kubernetes-vault-creds-secret
spec:
deletionPolicy: Delete
forProvider:
manifest:
apiVersion: v1
kind: Secret
metadata:
name: vault-creds
namespace: vault
stringData:
credentials: |
{
"token_name": "vault-creds-test-token",
"token": "root"
}
type: Opaque
name: vault-creds
patches:
- fromFieldPath: spec.parameters.providerConfigName
toFieldPath: spec.providerConfigRef.name
type: FromCompositeFieldPath
- base:
apiVersion: helm.crossplane.io/v1beta1
kind: Release
metadata:
annotations:
crossplane.io/external-name: vault
spec:
deletionPolicy: Delete
forProvider:
chart:
name: vault
repository: https://helm.releases.hashicorp.com
version: 0.27.0
namespace: vault
skipCreateNamespace: false
values:
server:
dev:
devRootToken: root
enabled: true
wait: true
rollbackLimit: 3
name: vault-helm-release
patches:
- fromFieldPath: status.atProvider
policy:
fromFieldPath: Required
toFieldPath: status.xVaultInstall
type: ToCompositeFieldPath
- fromFieldPath: spec.parameters.providerConfigName
toFieldPath: spec.providerConfigRef.name
type: FromCompositeFieldPath
- base:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
spec:
deletionPolicy: Delete
forProvider:
manifest:
apiVersion: vault.upbound.io/v1beta1
kind: ProviderConfig
metadata:
name: vault-provider-config
spec:
add_address_to_env: false
credentials:
secretRef:
key: credentials
name: vault-creds
namespace: vault
source: Secret
headers:
name: test
value: e2e
max_lease_ttl_seconds: 300
max_retries: 10
max_retries_ccc: 10
namespace: vault
skip_child_token: true
skip_get_vault_version: true
skip_tls_verify: true
tls_server_name: ""
vault_version_override: 1.15.2
name: vault-provider-config
patches:
- fromFieldPath: spec.parameters.vaultAddress
toFieldPath: spec.forProvider.manifest.spec.address
type: FromCompositeFieldPath
- fromFieldPath: spec.parameters.providerConfigName
toFieldPath: spec.providerConfigRef.name
type: FromCompositeFieldPath
- base:
apiVersion: apiextensions.crossplane.io/v1alpha1
kind: Usage
spec:
by:
apiVersion: helm.crossplane.io/v1beta1
kind: Release
resourceSelector:
matchControllerRef: true
of:
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: Object
resourceSelector:
matchControllerRef: true
name: usageXVaultInstallObjectsByHelmRelease
readinessChecks:
- type: None
© 2022 Upbound, Inc.
Discover the building blocksfor your internal cloud platform.