├── .gitignore ├── .teller.yml ├── README.md ├── a-team └── empty ├── argocd ├── apps.yaml └── helm-values.yaml ├── compositions ├── sql-v1 │ ├── aws.yaml │ ├── azure.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v10 │ ├── .gitignore │ ├── aws.yaml │ ├── azure.yaml │ ├── crossplane.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v11 │ ├── .gitignore │ ├── aws.yaml │ ├── azure.yaml │ ├── crossplane.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v2 │ ├── aws.yaml │ ├── azure.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v3 │ ├── aws.yaml │ ├── azure.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v4 │ ├── aws.yaml │ ├── azure.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v5 │ ├── aws.yaml │ ├── azure.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v6 │ ├── aws.yaml │ ├── azure.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v7 │ ├── .gitignore │ ├── aws.yaml │ ├── azure.yaml │ ├── crossplane.yaml │ ├── definition.yaml │ └── google.yaml ├── sql-v8 │ ├── .gitignore │ ├── aws.yaml │ ├── azure.yaml │ ├── crossplane.yaml │ ├── definition.yaml │ └── google.yaml └── sql-v9 │ ├── .gitignore │ ├── aws.yaml │ ├── azure.yaml │ ├── crossplane.yaml │ ├── definition.yaml │ └── google.yaml ├── destroy ├── 00-intro.sh ├── 01-managed-resources.sh ├── 02-compositions.sh ├── 03-configurations.sh └── 04-functions.sh ├── devbox.json ├── devbox.lock ├── examples ├── aws-intro.yaml ├── aws-sql-v1.yaml ├── aws-sql-v10.yaml ├── aws-sql-v3.yaml ├── aws-sql-v6.yaml ├── aws-sql-v7.yaml ├── aws-sql-v9.yaml ├── aws-vm-bigger.yaml ├── aws-vm.yaml ├── aws-vpc-external-name.yaml ├── aws-vpc.yaml ├── azure-intro.yaml ├── azure-sql-v1.yaml ├── azure-sql-v10.yaml ├── azure-sql-v3.yaml ├── azure-sql-v6.yaml ├── azure-sql-v7.yaml ├── azure-sql-v9.yaml ├── azure-vm-bigger.yaml ├── azure-vm.yaml ├── google-intro.yaml ├── google-k8s.yaml ├── google-sql-v1.yaml ├── google-sql-v10.yaml ├── google-sql-v3.yaml ├── google-sql-v6.yaml ├── google-sql-v7.yaml ├── 
google-sql-v9.yaml ├── google-vm-bigger.yaml ├── google-vm-no-network.yaml ├── google-vm.yaml └── sql-v1.yaml ├── gcloud ├── flake.lock └── flake.nix ├── kind.yaml ├── providers ├── aws-config.yaml ├── aws-vm.yaml ├── azure-config.yaml ├── azure-vm.yaml ├── dot-app.yaml ├── dot-kubernetes.yaml ├── dot-sql-v7.yaml ├── dot-sql.yaml ├── function-auto-ready.yaml ├── function-go-templating.yaml ├── function-patch-and-transform.yaml ├── google-config.yaml ├── google-vm.yaml ├── provider-helm-incluster.yaml ├── provider-kubernetes-incluster.yaml ├── sql-v1.yaml └── sql-v5.yaml ├── setup ├── 00-intro.sh ├── 01-managed-resources-nix.sh ├── 01-managed-resources.sh ├── 02-compositions.sh ├── 03-configurations.sh └── 04-functions.sh └── shell.nix /.gitignore: -------------------------------------------------------------------------------- 1 | /.env 2 | /gcp-creds.json 3 | /google-creds.json 4 | /aws-creds.conf 5 | /gke_gcloud_auth_plugin_cache 6 | /kubeconfig.yaml 7 | /azure-creds.json 8 | /bin 9 | /kubeconfig.yaml 10 | -------------------------------------------------------------------------------- /.teller.yml: -------------------------------------------------------------------------------- 1 | providers: 2 | google_secrets_manager: 3 | kind: google_secretmanager 4 | maps: 5 | - id: secrets 6 | path: projects/vfarcic 7 | keys: 8 | upbound-account: UP_ACCOUNT 9 | upbound-token: UP_TOKEN 10 | aws-access-key-id: AWS_ACCESS_KEY_ID 11 | aws-secret-access-key: AWS_SECRET_ACCESS_KEY 12 | aws-account-id: AWS_ACCOUNT_ID 13 | azure-tenant: AZURE_TENANT_ID 14 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Crossplane tutorial 2 | 3 | ## Video tutorial series 4 | 5 | Full playlist: 6 | 7 | ### Part 1 8 | 9 | - Video: 10 | - Gist: 11 | 12 | ### Part 2 13 | 14 | - Video: 15 | - Gist: 16 | 17 | ### Part 3 18 | 19 | - Video: 20 | - Gist: 21 | 22 | ### Part 4 
- Video:
- Gist:

### Part 5

- Video:
- Gist:

## Resources

- Crossplane:
- Say Goodbye to Containers - Ephemeral Environments with Nix Shell:

## The Book

- Amazon: https://www.amazon.com/dp/B0CWCYP5CJ
- LeanPub: https://leanpub.com/crossplane

--------------------------------------------------------------------------------
/a-team/empty:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/vfarcic/crossplane-tutorial/e720209e7f60bb5964b224cdefff756d74544d33/a-team/empty
--------------------------------------------------------------------------------
/argocd/apps.yaml:
--------------------------------------------------------------------------------
# Argo CD Application that keeps the `a-team` namespace of the local cluster in
# sync with the `a-team` directory of the tutorial repository.
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: a-team
  namespace: argocd
  finalizers:
  # Deleting this Application also deletes the resources it manages.
  - resources-finalizer.argocd.argoproj.io
spec:
  # `default` is Argo CD's built-in project; unless it has been tightened
  # elsewhere it places no limits on source repositories or destinations.
  # A dedicated AppProject scoped to this repo and namespace is the
  # least-privilege choice outside a tutorial.
  project: default
  source:
    repoURL: https://github.com/vfarcic/crossplane-tutorial
    # HEAD follows the tip of the default branch. Combined with the automated
    # sync policy below, whatever lands in `a-team/` upstream is applied to the
    # cluster with no further review; pin a tag or commit SHA (or point at a
    # fork you control) when the cluster matters.
    targetRevision: HEAD
    path: a-team
  destination:
    server: https://kubernetes.default.svc
    namespace: a-team
  syncPolicy:
    automated:
      # selfHeal reverts manual changes in the cluster; prune deletes resources
      # that disappear from Git; allowEmpty lets a sync proceed even when the
      # path renders no resources, so emptying the directory removes
      # everything this Application manages.
      selfHeal: true
      prune: true
      allowEmpty: true

--------------------------------------------------------------------------------
/argocd/helm-values.yaml:
--------------------------------------------------------------------------------
# Helm values for an Argo CD install reachable on a loopback nip.io hostname.
# The settings below trade security for convenience and only make sense on a
# disposable local cluster.
global:
  domain: argocd.127.0.0.1.nip.io
configs:
  secret:
    # bcrypt hash of the admin password, committed to a public repository.
    # Every install made from these values shares the same admin credential,
    # and the hash is available for offline guessing. For anything that is
    # not throwaway, generate a fresh hash and supply it from a secret store
    # rather than from Git.
    argocdServerAdminPassword: "$2a$10$m3eTlEdRen0nS86c5Zph5u/bDFQMcWZYdG3NVdiyaACCqoxLJaz16"
    argocdServerAdminPasswordMtime: "2021-11-08T15:04:05Z"
  cm:
    application.resourceTrackingMethod: annotation
    timeout.reconciliation: 60s
  params:
    # Serves the API/UI without TLS. No TLS settings are defined on the
    # ingress below either, so logins and session tokens travel in clear text
    # unless TLS is added in front of it.
    "server.insecure": true
server:
  ingress:
    enabled: true
    ingressClassName: nginx
  extraArgs:
  # Same effect as `server.insecure` above, passed as a command-line flag.
  - --insecure

--------------------------------------------------------------------------------
/compositions/sql-v1/aws.yaml:
--------------------------------------------------------------------------------
# First iteration of the AWS Composition for the SQL composite type: a VPC,
# three subnets, routing, a security group and an RDS PostgreSQL instance.
# Every selector is hard-coded to `crossplane.io/composite: my-db`, so this
# version only wires up correctly for a composite named `my-db`.
#
# Network exposure, read top to bottom: the subnets get a default route to an
# internet gateway, the security group admits TCP 5432 from any address, and
# the instance is `publiclyAccessible`. The database password is therefore the
# only control between the internet and the data.
---
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: aws-postgresql
  labels:
    provider: aws
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  resources:
  - name: vpc
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: VPC
      spec:
        forProvider:
          region: us-east-1
          # 11.0.0.0/16 is not an RFC 1918 private range; it overlaps publicly
          # allocated address space. A 10.x, 172.16-31.x or 192.168.x block
          # avoids routing ambiguity.
          cidrBlock: 11.0.0.0/16
          enableDnsSupport: true
          enableDnsHostnames: true
  - name: subnet-a
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: Subnet
      metadata:
        labels:
          zone: us-east-1a
      spec:
        forProvider:
          region: us-east-1
          availabilityZone: us-east-1a
          cidrBlock: 11.0.0.0/24
          vpcIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: subnet-b
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: Subnet
      metadata:
        labels:
          zone: us-east-1b
      spec:
        forProvider:
          region: us-east-1
          availabilityZone: us-east-1b
          cidrBlock: 11.0.1.0/24
          vpcIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: subnet-c
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: Subnet
      metadata:
        labels:
          zone: us-east-1c
      spec:
        forProvider:
          region: us-east-1
          availabilityZone: us-east-1c
          cidrBlock: 11.0.2.0/24
          vpcIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: subnetgroup
    base:
      apiVersion: rds.aws.upbound.io/v1beta1
      kind: SubnetGroup
      spec:
        forProvider:
          region: us-east-1
          description: I'm too lazy to write a good description
          subnetIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: gateway
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: InternetGateway
      spec:
        forProvider:
          region: us-east-1
          vpcIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: routeTable
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: RouteTable
      spec:
        forProvider:
          region: us-east-1
          vpcIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: route
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: Route
      spec:
        forProvider:
          region: us-east-1
          routeTableIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
          # Default route through the internet gateway: every subnet associated
          # with this route table becomes a public subnet.
          destinationCidrBlock: 0.0.0.0/0
          gatewayIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: mainRouteTableAssociation
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: MainRouteTableAssociation
      spec:
        forProvider:
          region: us-east-1
          routeTableIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
          vpcIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: routeTableAssociation1a
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: RouteTableAssociation
      spec:
        forProvider:
          region: us-east-1
          routeTableIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
          subnetIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: routeTableAssociation1b
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: RouteTableAssociation
      spec:
        forProvider:
          region: us-east-1
          routeTableIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
          subnetIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: routeTableAssociation1c
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: RouteTableAssociation
      spec:
        forProvider:
          region: us-east-1
          routeTableIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
          subnetIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: securityGroup
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: SecurityGroup
      spec:
        forProvider:
          description: I am too lazy to write descriptions
          region: us-east-1
          vpcIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: securityGroupRule
    base:
      apiVersion: ec2.aws.upbound.io/v1beta1
      kind: SecurityGroupRule
      spec:
        forProvider:
          description: I am too lazy to write descriptions
          region: us-east-1
          type: ingress
          fromPort: 5432
          toPort: 5432
          protocol: tcp
          # PostgreSQL port open to every IPv4 address. Restrict to the CIDRs
          # of the clients that actually need the database, or reference a
          # source security group instead.
          cidrBlocks:
          - 0.0.0.0/0
          securityGroupIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
  - name: rdsinstance
    base:
      apiVersion: rds.aws.upbound.io/v1beta1
      kind: Instance
      spec:
        forProvider:
          region: us-east-1
          dbSubnetGroupNameSelector:
            matchLabels:
              crossplane.io/composite: my-db
          vpcSecurityGroupIdSelector:
            matchLabels:
              crossplane.io/composite: my-db
          instanceClass: db.m5.large
          username: masteruser
          engine: postgres
          engineVersion: "17.5"
          # Deleting the composite drops the instance without a final backup.
          skipFinalSnapshot: true
          # Gives the instance a public endpoint. Together with the 0.0.0.0/0
          # rule above, the database listens on the open internet.
          publiclyAccessible: true
          allocatedStorage: 200
          # NOTE(review): storageEncrypted is not set in this manifest, so
          # encryption at rest is left to whatever the default is - confirm.
          # The master password is read from a Secret that has to exist in
          # crossplane-system before the instance can be created.
          passwordSecretRef:
            namespace: crossplane-system
            key: password
            name: my-db-password

--------------------------------------------------------------------------------
/compositions/sql-v1/azure.yaml:
--------------------------------------------------------------------------------
# First iteration of the Azure Composition: a resource group, a PostgreSQL
# server and a firewall rule, all hard-wired to a composite named `my-db`.
# As written the server accepts connections from any IPv4 address and does not
# require TLS.
---
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: azure-postgresql
  labels:
    provider: azure
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  resources:
  - name: resourcegroup
    base:
      apiVersion: azure.upbound.io/v1beta1
      kind: ResourceGroup
      metadata:
        name: my-db
      spec:
        forProvider:
          location: eastus
  - name: server
    base:
      apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
      kind: Server
      spec:
        forProvider:
          location: eastus
          resourceGroupNameSelector:
            matchLabels:
              crossplane.io/composite: my-db
          storageMb: 5120
          autoGrowEnabled: true
          skuName: B_Gen5_1
          # TLS is neither required nor held to a minimum version, so clients
          # may connect, and send the admin password, in clear text.
          sslEnforcementEnabled: false
          sslMinimalTlsVersionEnforced: TLSEnforcementDisabled
          administratorLogin: postgres
          administratorLoginPasswordSecretRef:
            key: password
            name: my-db-password
            namespace: crossplane-system
          publicNetworkAccessEnabled: true
          # PostgreSQL 11 is past its upstream end of life and no longer
          # receives security fixes.
          version: "11"
          engineVersion: "11"
  - name: firewall-rule
    base:
      apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
      kind: FirewallRule
      spec:
        forProvider:
          # 0.0.0.0 - 255.255.255.255 admits the whole IPv4 internet. Narrow
          # the range to known client addresses.
          startIpAddress: 0.0.0.0
          endIpAddress: 255.255.255.255
          resourceGroupNameSelector:
            matchLabels:
              crossplane.io/composite: my-db
          serverNameSelector:
            matchLabels:
              crossplane.io/composite: my-db

--------------------------------------------------------------------------------
/compositions/sql-v1/definition.yaml:
--------------------------------------------------------------------------------
# CompositeResourceDefinition that introduces the SQL composite type and the
# namespaced SQLClaim that developers create.
---
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
  name: sqls.devopstoolkitseries.com
spec:
  group: devopstoolkitseries.com
  names:
    kind: SQL
    plural: sqls
  claimNames:
    kind: SQLClaim
    plural: sqlclaims
  versions:
  - name: v1alpha1
    served: true
    referenceable: true
    schema:
      # Empty schema: this version declares no fields of its own, so there is
      # nothing here for the API server to validate.
      openAPIV3Schema: {}

--------------------------------------------------------------------------------
/compositions/sql-v1/google.yaml:
--------------------------------------------------------------------------------
# First iteration of the Google Cloud Composition: a Cloud SQL PostgreSQL
# instance and a database user, both hard-wired to the `my-db-password` Secret
# and (for the user) to a composite named `my-db`.
---
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: google-postgresql
  labels:
    provider: google
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  resources:
  - name: sql
    base:
      apiVersion: sql.gcp.upbound.io/v1beta1
      kind: DatabaseInstance
      spec:
        forProvider:
          region: us-east1
          rootPasswordSecretRef:
            namespace: crossplane-system
            key: password
            name: my-db-password
          databaseVersion: "POSTGRES_13"
          settings:
          - availabilityType: REGIONAL
            tier: db-custom-1-3840
            backupConfiguration:
            - enabled: true
              binaryLogEnabled: false
            ipConfiguration:
            # Public IPv4 address with an authorized network that covers every
            # address: the instance is reachable from the whole internet and
            # the password is the only control. Narrow `value` to known
            # client CIDRs.
            - ipv4Enabled: true
              authorizedNetworks:
              - name: all
                value: 0.0.0.0/0
          # Lets the instance be deleted as soon as the composite is removed.
          deletionProtection: false
  - name: user
    base:
      apiVersion: sql.gcp.upbound.io/v1beta1
      kind: User
      spec:
        forProvider:
          # The same Secret is used for the root password above and for this
          # user, so both accounts share one credential.
          passwordSecretRef:
            key: password
            name: my-db-password
            namespace: crossplane-system
          instanceSelector:
            matchLabels:
              crossplane.io/composite: my-db

--------------------------------------------------------------------------------
/compositions/sql-v10/.gitignore:
--------------------------------------------------------------------------------
/dot-sql*.xpkg

--------------------------------------------------------------------------------
/compositions/sql-v10/azure.yaml:
--------------------------------------------------------------------------------
# Pipeline-mode Composition for Azure. The patch-and-transform step creates the
# resource group, the PostgreSQL server, a firewall rule and two
# ProviderConfigs. Two go-templating steps then render one Database per entry
# in spec.parameters.databases and one AtlasSchema (wrapped in a
# provider-kubernetes Object) per entry in spec.parameters.schemas.
---
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: azure-postgresql
  labels:
    provider: azure
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  mode: Pipeline
  pipeline:
  - functionRef:
      name: crossplane-contrib-function-patch-and-transform
    step: patch-and-transform
    input:
      apiVersion: pt.fn.crossplane.io/v1beta1
      kind: Resources
      patchSets:
      # Applied to most resources below: copies the composite's annotations
      # and names each composed resource after spec.id.
      - name: metadata
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
      resources:
      - name: resourcegroup
        base:
          apiVersion: azure.upbound.io/v1beta1
          kind: ResourceGroup
          spec:
            forProvider:
              location: eastus
        patches:
        - type: PatchSet
          patchSetName: metadata
      - name: server
        base:
          apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
          kind: Server
          spec:
            forProvider:
              location: eastus
              resourceGroupNameSelector:
                matchControllerRef: true
              storageMb: 5120
              autoGrowEnabled: true
              # TLS is not enforced on the server and public network access is
              # on; with the firewall rule below the server accepts clear-text
              # connections from any IPv4 address.
              sslEnforcementEnabled: false
              sslMinimalTlsVersionEnforced: TLSEnforcementDisabled
              administratorLogin: postgres
              administratorLoginPasswordSecretRef:
                key: password
              publicNetworkAccessEnabled: true
        patches:
        - type: PatchSet
          patchSetName: metadata
        # The connection Secret is written to the claim's namespace under the
        # name spec.id. Anyone who can read Secrets in that namespace obtains
        # the administrator credentials.
        - fromFieldPath: spec.id
          toFieldPath: spec.writeConnectionSecretToRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.writeConnectionSecretToRef.namespace
        - fromFieldPath: spec.parameters.version
          toFieldPath: spec.forProvider.version
        - fromFieldPath: spec.parameters.size
          toFieldPath: spec.forProvider.skuName
          transforms:
          - type: map
            map:
              small: B_Gen5_1
              medium: GP_Gen5_2
              large: GP_Gen5_8
        # The admin password is read from a Secret named "<spec.id>-password"
        # in the claim's namespace.
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.namespace
      - name: firewall-rule
        base:
          apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
          kind: FirewallRule
          spec:
            forProvider:
              # Admits the whole IPv4 internet; narrow to known client ranges.
              startIpAddress: 0.0.0.0
              endIpAddress: 255.255.255.255
              resourceGroupNameSelector:
                matchControllerRef: true
              serverNameSelector:
                matchControllerRef: true
        patches:
        - type: PatchSet
          patchSetName: metadata
      # ProviderConfig for provider-sql, pointing at the connection Secret
      # written by the server above. The `default` name in the base is replaced
      # by spec.id through the metadata patch set.
      # NOTE(review): ProviderConfigs are presumably cluster-scoped, so two
      # claims with the same spec.id in different namespaces would collide -
      # confirm.
      - name: sql-config
        base:
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: ProviderConfig
          metadata:
            name: default
          spec:
            credentials:
              source: PostgreSQLConnectionSecret
            # `require` encrypts the session but does not verify the server
            # certificate.
            sslMode: require
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.credentials.connectionSecretRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.credentials.connectionSecretRef.namespace
        readinessChecks:
        - type: None
      # ProviderConfig for provider-kubernetes, named "<spec.id>-sql".
      # InjectedIdentity means the provider acts with its own in-cluster
      # identity, so the RBAC bound to that identity is what limits the Objects
      # a claim can cause to be created.
      - name: kubernetes
        base:
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: ProviderConfig
          spec:
            credentials:
              source: InjectedIdentity
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
          transforms:
          - type: string
            string:
              fmt: "%s-sql"
              type: Format
        readinessChecks:
        - type: None
  # Renders one provider-sql Database per entry in spec.parameters.databases.
  # spec.id and each list entry are written into the YAML text unquoted, so the
  # shape of the rendered manifest depends on those claim-supplied strings;
  # constraining them with a `pattern` in the XRD keeps them to plain
  # identifiers.
  - functionRef:
      name: upbound-function-go-templating
    step: sql-db
    input:
      apiVersion: gotemplating.fn.crossplane.io/v1beta1
      kind: GoTemplate
      source: Inline
      inline:
        template: |
          {{ range .observed.composite.resource.spec.parameters.databases }}
          ---
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: Database
          metadata:
            name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
            annotations:
              crossplane.io/external-name: {{ . }}
              gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
          spec:
            providerConfigRef:
              name: {{ $.observed.composite.resource.spec.id }}
            forProvider: {}
          {{ end }}
  # Renders one AtlasSchema per entry in spec.parameters.schemas, wrapped in a
  # provider-kubernetes Object. Points for review:
  #  - `.database` and `.sql` come from the claim and are interpolated without
  #    escaping; `sql: "{{ .sql }}"` in particular yields a different manifest
  #    when the value contains a double quote or a newline. Emit these values
  #    through a quoting helper and constrain them in the XRD.
  #  - The SQL is applied with the username/password from the server's
  #    connection Secret, i.e. the administrator account, so anyone allowed to
  #    create a claim can run arbitrary SQL as administrator on the server
  #    that claim creates.
  #  - `sslmode: disable` makes the schema connection unencrypted even though
  #    the provider-sql config above uses `sslMode: require`; the server is
  #    reached over its public endpoint.
  #  - The `toFieldPath:` line under the AtlasSchema metadata is not a metadata
  #    field and looks like a leftover from a patch entry. NOTE(review): its
  #    exact nesting cannot be recovered from this flattened listing - confirm
  #    and remove.
  - functionRef:
      name: upbound-function-go-templating
    step: schema
    input:
      apiVersion: gotemplating.fn.crossplane.io/v1beta1
      kind: GoTemplate
      source: Inline
      inline:
        template: |
          {{ range .observed.composite.resource.spec.parameters.schemas }}
          ---
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: Object
          metadata:
            name: {{ $.observed.composite.resource.spec.id }}-schema-{{ .database }}
            annotations:
              gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-schema-{{ .database }}
          spec:
            providerConfigRef:
              name: {{ $.observed.composite.resource.spec.id }}-sql
            forProvider:
              manifest:
                apiVersion: db.atlasgo.io/v1alpha1
                kind: AtlasSchema
                metadata:
                  name: {{ $.observed.composite.resource.spec.id }}-{{ .database }}
                  namespace: {{ $.observed.composite.resource.spec.claimRef.namespace }}
                  toFieldPath: spec.credentials.connectionSecretRef.namespace
                spec:
                  credentials:
                    scheme: postgres
                    hostFrom:
                      secretKeyRef:
                        key: endpoint
                        name: {{ $.observed.composite.resource.spec.id }}
                    port: 5432
                    userFrom:
                      secretKeyRef:
                        key: username
                        name: {{ $.observed.composite.resource.spec.id }}
                    passwordFrom:
                      secretKeyRef:
                        key: password
                        name: {{ $.observed.composite.resource.spec.id }}
                    database: {{ .database }}
                    parameters:
                      sslmode: disable
                  schema:
                    sql: "{{ .sql }}"
          {{ end }}

--------------------------------------------------------------------------------
/compositions/sql-v10/crossplane.yaml:
--------------------------------------------------------------------------------
# Package metadata for the `dot-sql` Configuration: the minimum Crossplane
# version and the provider packages it depends on.
apiVersion: meta.pkg.crossplane.io/v1
kind: Configuration
metadata:
  name: dot-sql
  annotations:
    meta.crossplane.io/maintainer: Viktor Farcic (@vfarcic)
    meta.crossplane.io/source: github.com/vfarcic/crossplane-tutorial
    meta.crossplane.io/license: MIT
    meta.crossplane.io/description: Fully operational PostgreSQL databases in AWS, Google Cloud Platform, and Azure.
    meta.crossplane.io/readme: A Configuration package that defines a SQL and SQLClaim types that can be used to create and provision fully operational databases in AWS, Google Cloud Platform, and Azure.
spec:
  crossplane:
    version: ">=v1.14.0"
  # Every constraint below is open-ended (`>=`), so any later release of a
  # package, including a new major version, satisfies it. These providers run
  # with cloud credentials; bounding the ranges (or pinning exact versions)
  # keeps an unreviewed upstream release from being pulled into the cluster.
  # NOTE(review): the azure.yaml next to this file also references the
  # patch-and-transform and go-templating functions and provider-kubernetes,
  # none of which is declared as an active dependency here - confirm they are
  # installed separately.
  dependsOn:
  - provider: xpkg.upbound.io/upbound/provider-aws-ec2
    version: ">=v1.0.0"
  - provider: xpkg.upbound.io/upbound/provider-aws-rds
    version: ">=v1.0.0"
  - provider: xpkg.upbound.io/upbound/provider-azure-dbforpostgresql
    version: ">=v0.33.0"
  - provider: xpkg.upbound.io/upbound/provider-gcp-sql
    version: ">=v0.33.0"
  - provider: xpkg.upbound.io/crossplane-contrib/provider-sql
    version: ">=v0.9.0"
  # - provider: xpkg.upbound.io/crossplane-contrib/provider-kubernetes
  #   version: ">=v0.10.0"

--------------------------------------------------------------------------------
/compositions/sql-v10/definition.yaml:
--------------------------------------------------------------------------------
# CompositeResourceDefinition for the SQL composite and the SQLClaim. All
# user-facing fields are plain strings with no `pattern`, `enum` or length
# limit, and the Azure Composition in this directory copies `id`, `databases`
# and `schemas[].database` into resource names and template text. Restricting
# them here (for example to lowercase alphanumerics and dashes, and `size` to
# the three documented values) is the cheapest place to reject unexpected
# input.
---
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
  name: sqls.devopstoolkitseries.com
spec:
  group: devopstoolkitseries.com
  names:
    kind: SQL
    plural: sqls
  claimNames:
    kind: SQLClaim
    plural: sqlclaims
  versions:
  - name: v1alpha1
    served: true
    referenceable: true
    schema:
      openAPIV3Schema:
        type: object
        properties:
          spec:
            type: object
            properties:
              id:
                type: string
                description: Database ID
              parameters:
                type: object
                properties:
                  version:
                    description: The DB version depends on the DB type and versions available in the selected provider.
                    type: string
                  size:
                    # Documented as one of three values but not enforced with
                    # an enum.
                    description: "Supported sizes: small, medium, large"
                    type: string
                    default: small
                  databases:
                    description: The list of databases to create inside the DB server.
                    type: array
                    items:
                      type: string
                  schemas:
                    description: Database schema. Atlas operator (https://atlasgo.io/integrations/kubernetes/operator) needs to be installed in the cluster. Leave empty if schema should NOT be applied.
                    type: array
                    items:
                      type: object
                      properties:
                        database:
                          description: The name of the database where to apply the schema.
                          type: string
                        sql:
                          # Free-form SQL supplied by whoever creates the
                          # claim; treat permission to create SQLClaims as
                          # permission to run SQL on the resulting server.
                          description: The SQL to apply.
                          type: string
                required:
                - version
            required:
            - parameters

--------------------------------------------------------------------------------
/compositions/sql-v11/.gitignore:
--------------------------------------------------------------------------------
/dot-sql*.xpkg

--------------------------------------------------------------------------------
/compositions/sql-v11/azure.yaml:
--------------------------------------------------------------------------------
# Pipeline-mode Composition for Azure: patch-and-transform creates the resource
# group, PostgreSQL server, firewall rule and two ProviderConfigs; two
# go-templating steps render Databases and AtlasSchemas from the claim; a final
# auto-ready step is appended at the end of the pipeline.
---
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: azure-postgresql
  labels:
    provider: azure
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  mode: Pipeline
  pipeline:
  - functionRef:
      name: crossplane-contrib-function-patch-and-transform
    step: patch-and-transform
    input:
      apiVersion: pt.fn.crossplane.io/v1beta1
      kind: Resources
      patchSets:
      # Copies the composite's annotations and names each composed resource
      # after spec.id.
      - name: metadata
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
      resources:
      - name: resourcegroup
        base:
          apiVersion: azure.upbound.io/v1beta1
          kind: ResourceGroup
          spec:
            forProvider:
              location: eastus
        patches:
        - type: PatchSet
          patchSetName: metadata
      - name: server
        base:
          apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
          kind: Server
          spec:
            forProvider:
              location: eastus
              resourceGroupNameSelector:
                matchControllerRef: true
              storageMb: 5120
              autoGrowEnabled: true
              # TLS is not enforced and public network access is enabled; with
              # the firewall rule below, the server accepts clear-text
              # connections from any IPv4 address.
              sslEnforcementEnabled: false
              sslMinimalTlsVersionEnforced: TLSEnforcementDisabled
              administratorLogin: postgres
              administratorLoginPasswordSecretRef:
                key: password
              publicNetworkAccessEnabled: true
        patches:
        - type: PatchSet
          patchSetName: metadata
        # Administrator connection details land in a Secret named spec.id in
        # the claim's namespace; read access to Secrets there equals database
        # admin access.
        - fromFieldPath: spec.id
          toFieldPath: spec.writeConnectionSecretToRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.writeConnectionSecretToRef.namespace
        - fromFieldPath: spec.parameters.version
          toFieldPath: spec.forProvider.version
        - fromFieldPath: spec.parameters.size
          toFieldPath: spec.forProvider.skuName
          transforms:
          - type: map
            map:
              small: B_Gen5_1
              medium: GP_Gen5_2
              large: GP_Gen5_8
        # Admin password source: Secret "<spec.id>-password" in the claim's
        # namespace.
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.namespace
      - name: firewall-rule
        base:
          apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
          kind: FirewallRule
          spec:
            forProvider:
              # Admits the whole IPv4 internet; narrow to known client ranges.
              startIpAddress: 0.0.0.0
              endIpAddress: 255.255.255.255
              resourceGroupNameSelector:
                matchControllerRef: true
              serverNameSelector:
                matchControllerRef: true
        patches:
        - type: PatchSet
          patchSetName: metadata
      # provider-sql ProviderConfig, renamed from `default` to spec.id by the
      # metadata patch set and pointed at the server's connection Secret.
      - name: sql-config
        base:
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: ProviderConfig
          metadata:
            name: default
          spec:
            credentials:
              source: PostgreSQLConnectionSecret
            # `require` encrypts the session but does not verify the server
            # certificate.
            sslMode: require
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.credentials.connectionSecretRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.credentials.connectionSecretRef.namespace
        readinessChecks:
        - type: None
      # provider-kubernetes ProviderConfig named "<spec.id>-sql". With
      # InjectedIdentity the provider uses its own in-cluster identity, so that
      # identity's RBAC bounds what a claim can create through it.
      - name: kubernetes
        base:
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: ProviderConfig
          spec:
            credentials:
              source: InjectedIdentity
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
          transforms:
          - type: string
            string:
              fmt: "%s-sql"
              type: Format
        readinessChecks:
        - type: None
  # One provider-sql Database per entry in spec.parameters.databases. spec.id
  # and the entries are written into the YAML text unquoted; constrain them
  # with a `pattern` in the XRD so they stay plain identifiers.
  - functionRef:
      name: upbound-function-go-templating
    step: sql-db
    input:
      apiVersion: gotemplating.fn.crossplane.io/v1beta1
      kind: GoTemplate
      source: Inline
      inline:
        template: |
          {{ range .observed.composite.resource.spec.parameters.databases }}
          ---
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: Database
          metadata:
            name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
            annotations:
              crossplane.io/external-name: {{ . }}
              gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
          spec:
            providerConfigRef:
              name: {{ $.observed.composite.resource.spec.id }}
            forProvider: {}
          {{ end }}
  # One AtlasSchema per entry in spec.parameters.schemas. Points for review:
  #  - `.database` and `.sql` are interpolated without escaping; a double quote
  #    or newline in `.sql` changes the rendered manifest. Use a quoting helper
  #    and constrain the fields in the XRD.
  #  - The SQL runs with the administrator credentials from the connection
  #    Secret, so creating a claim implies running SQL as administrator on the
  #    server that claim creates.
  #  - `sslmode: disable` sends that session, credentials included, unencrypted
  #    to the server's public endpoint.
  #  - The `toFieldPath:` line under the AtlasSchema metadata looks like a
  #    leftover from a patch entry. NOTE(review): its exact nesting cannot be
  #    recovered from this flattened listing - confirm and remove.
  - functionRef:
      name: upbound-function-go-templating
    step: schema
    input:
      apiVersion: gotemplating.fn.crossplane.io/v1beta1
      kind: GoTemplate
      source: Inline
      inline:
        template: |
          {{ range .observed.composite.resource.spec.parameters.schemas }}
          ---
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: Object
          metadata:
            name: {{ $.observed.composite.resource.spec.id }}-schema-{{ .database }}
            annotations:
              gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-schema-{{ .database }}
          spec:
            providerConfigRef:
              name: {{ $.observed.composite.resource.spec.id }}-sql
            forProvider:
              manifest:
                apiVersion: db.atlasgo.io/v1alpha1
                kind: AtlasSchema
                metadata:
                  name: {{ $.observed.composite.resource.spec.id }}-{{ .database }}
                  namespace: {{ $.observed.composite.resource.spec.claimRef.namespace }}
                  toFieldPath: spec.credentials.connectionSecretRef.namespace
                spec:
                  credentials:
                    scheme: postgres
                    hostFrom:
                      secretKeyRef:
                        key: endpoint
                        name: {{ $.observed.composite.resource.spec.id }}
                    port: 5432
                    userFrom:
                      secretKeyRef:
                        key: username
                        name: {{ $.observed.composite.resource.spec.id }}
                    passwordFrom:
                      secretKeyRef:
                        key: password
                        name: {{ $.observed.composite.resource.spec.id }}
                    database: {{ .database }}
                    parameters:
                      sslmode: disable
                  schema:
                    sql: "{{ .sql }}"
          {{ end }}
  # Final pipeline step; judging by its name it marks composed resources ready
  # automatically. It takes no input in this manifest.
  - functionRef:
      name: upbound-function-auto-ready
    step: automatically-detect-ready-composed-resources

--------------------------------------------------------------------------------
/compositions/sql-v11/crossplane.yaml:
-------------------------------------------------------------------------------- 1 | apiVersion: meta.pkg.crossplane.io/v1 2 | kind: Configuration 3 | metadata: 4 | name: dot-sql 5 | annotations: 6 | meta.crossplane.io/maintainer: Viktor Farcic (@vfarcic) 7 | meta.crossplane.io/source: github.com/vfarcic/crossplane-tutorial 8 | meta.crossplane.io/license: MIT 9 | meta.crossplane.io/description: Fully operational PostgreSQL databases in AWS, Google Cloud Platform, and Azure. 10 | meta.crossplane.io/readme: A Configuration package that defines a SQL and SQLClaim types that can be used to create and provision fully operational databases in AWS, Google Cloud Platform, and Azure. 11 | spec: 12 | crossplane: 13 | version: ">=v1.14.0" 14 | dependsOn: 15 | - provider: xpkg.upbound.io/upbound/provider-aws-ec2 16 | version: ">=v1.0.0" 17 | - provider: xpkg.upbound.io/upbound/provider-aws-rds 18 | version: ">=v1.0.0" 19 | - provider: xpkg.upbound.io/upbound/provider-azure-dbforpostgresql 20 | version: ">=v0.33.0" 21 | - provider: xpkg.upbound.io/upbound/provider-gcp-sql 22 | version: ">=v0.33.0" 23 | - provider: xpkg.upbound.io/crossplane-contrib/provider-sql 24 | version: ">=v0.9.0" 25 | - function: xpkg.upbound.io/crossplane-contrib/function-patch-and-transform 26 | version: ">=v0.1.4" 27 | - function: xpkg.upbound.io/crossplane-contrib/function-go-templating 28 | version: ">=v0.4.0" 29 | - function: xpkg.upbound.io/crossplane-contrib/function-auto-ready 30 | version: ">=v0.2.1" 31 | # - provider: xpkg.upbound.io/crossplane-contrib/provider-kubernetes 32 | # version: ">=v0.10.0" 33 | -------------------------------------------------------------------------------- /compositions/sql-v11/definition.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: CompositeResourceDefinition 4 | metadata: 5 | name: sqls.devopstoolkitseries.com 6 | spec: 7 | group: devopstoolkitseries.com 8 | 
names: 9 | kind: SQL 10 | plural: sqls 11 | claimNames: 12 | kind: SQLClaim 13 | plural: sqlclaims 14 | versions: 15 | - name: v1alpha1 16 | served: true 17 | referenceable: true 18 | schema: 19 | openAPIV3Schema: 20 | type: object 21 | properties: 22 | spec: 23 | type: object 24 | properties: 25 | id: 26 | type: string 27 | description: Database ID 28 | parameters: 29 | type: object 30 | properties: 31 | version: 32 | description: The DB version depends on the DB type and versions available in the selected provider. 33 | type: string 34 | size: 35 | description: "Supported sizes: small, medium, large" 36 | type: string 37 | default: small 38 | databases: 39 | description: The list of databases to create inside the DB server. 40 | type: array 41 | items: 42 | type: string 43 | schemas: 44 | description: Database schema. Atlas operator (https://atlasgo.io/integrations/kubernetes/operator) needs to be installed in the cluster. Leave empty if schema should NOT be applied. 45 | type: array 46 | items: 47 | type: object 48 | properties: 49 | database: 50 | description: The name of the database where to apply the schema. 51 | type: string 52 | sql: 53 | description: The SQL to apply. 
54 | type: string 55 | required: 56 | - version 57 | required: 58 | - parameters 59 | -------------------------------------------------------------------------------- /compositions/sql-v2/aws.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: aws-postgresql 6 | labels: 7 | provider: aws 8 | db: postgresql 9 | spec: 10 | compositeTypeRef: 11 | apiVersion: devopstoolkitseries.com/v1alpha1 12 | kind: SQL 13 | resources: 14 | - name: vpc 15 | base: 16 | apiVersion: ec2.aws.upbound.io/v1beta1 17 | kind: VPC 18 | spec: 19 | forProvider: 20 | region: us-east-1 21 | cidrBlock: 11.0.0.0/16 22 | enableDnsSupport: true 23 | enableDnsHostnames: true 24 | - name: subnet-a 25 | base: 26 | apiVersion: ec2.aws.upbound.io/v1beta1 27 | kind: Subnet 28 | metadata: 29 | labels: 30 | zone: us-east-1a 31 | spec: 32 | forProvider: 33 | region: us-east-1 34 | availabilityZone: us-east-1a 35 | cidrBlock: 11.0.0.0/24 36 | vpcIdSelector: 37 | matchControllerRef: true 38 | - name: subnet-b 39 | base: 40 | apiVersion: ec2.aws.upbound.io/v1beta1 41 | kind: Subnet 42 | metadata: 43 | labels: 44 | zone: us-east-1b 45 | spec: 46 | forProvider: 47 | region: us-east-1 48 | availabilityZone: us-east-1b 49 | cidrBlock: 11.0.1.0/24 50 | vpcIdSelector: 51 | matchControllerRef: true 52 | - name: subnet-c 53 | base: 54 | apiVersion: ec2.aws.upbound.io/v1beta1 55 | kind: Subnet 56 | metadata: 57 | labels: 58 | zone: us-east-1c 59 | spec: 60 | forProvider: 61 | region: us-east-1 62 | availabilityZone: us-east-1c 63 | cidrBlock: 11.0.2.0/24 64 | vpcIdSelector: 65 | matchControllerRef: true 66 | - name: subnetgroup 67 | base: 68 | apiVersion: rds.aws.upbound.io/v1beta1 69 | kind: SubnetGroup 70 | spec: 71 | forProvider: 72 | region: us-east-1 73 | description: I'm too lazy to write a good description 74 | subnetIdSelector: 75 | matchControllerRef: true 76 | - name: gateway 
77 | base: 78 | apiVersion: ec2.aws.upbound.io/v1beta1 79 | kind: InternetGateway 80 | spec: 81 | forProvider: 82 | region: us-east-1 83 | vpcIdSelector: 84 | matchControllerRef: true 85 | - name: routeTable 86 | base: 87 | apiVersion: ec2.aws.upbound.io/v1beta1 88 | kind: RouteTable 89 | spec: 90 | forProvider: 91 | region: us-east-1 92 | vpcIdSelector: 93 | matchControllerRef: true 94 | - name: route 95 | base: 96 | apiVersion: ec2.aws.upbound.io/v1beta1 97 | kind: Route 98 | spec: 99 | forProvider: 100 | region: us-east-1 101 | routeTableIdSelector: 102 | matchControllerRef: true 103 | destinationCidrBlock: 0.0.0.0/0 104 | gatewayIdSelector: 105 | matchControllerRef: true 106 | - name: mainRouteTableAssociation 107 | base: 108 | apiVersion: ec2.aws.upbound.io/v1beta1 109 | kind: MainRouteTableAssociation 110 | spec: 111 | forProvider: 112 | region: us-east-1 113 | routeTableIdSelector: 114 | matchControllerRef: true 115 | vpcIdSelector: 116 | matchControllerRef: true 117 | - name: routeTableAssociation1a 118 | base: 119 | apiVersion: ec2.aws.upbound.io/v1beta1 120 | kind: RouteTableAssociation 121 | spec: 122 | forProvider: 123 | region: us-east-1 124 | routeTableIdSelector: 125 | matchControllerRef: true 126 | subnetIdSelector: 127 | matchControllerRef: true 128 | - name: routeTableAssociation1b 129 | base: 130 | apiVersion: ec2.aws.upbound.io/v1beta1 131 | kind: RouteTableAssociation 132 | spec: 133 | forProvider: 134 | region: us-east-1 135 | routeTableIdSelector: 136 | matchControllerRef: true 137 | subnetIdSelector: 138 | matchControllerRef: true 139 | - name: routeTableAssociation1c 140 | base: 141 | apiVersion: ec2.aws.upbound.io/v1beta1 142 | kind: RouteTableAssociation 143 | spec: 144 | forProvider: 145 | region: us-east-1 146 | routeTableIdSelector: 147 | matchControllerRef: true 148 | subnetIdSelector: 149 | matchControllerRef: true 150 | - name: securityGroup 151 | base: 152 | apiVersion: ec2.aws.upbound.io/v1beta1 153 | kind: SecurityGroup 154 | 
spec:
155 |         forProvider:
156 |           description: I am too lazy to write descriptions
157 |           region: us-east-1
158 |           vpcIdSelector:
159 |             matchControllerRef: true
160 |   - name: securityGroupRule  # the only rule visible for the security group above: inbound PostgreSQL
161 |     base:
162 |       apiVersion: ec2.aws.upbound.io/v1beta1
163 |       kind: SecurityGroupRule
164 |       spec:
165 |         forProvider:
166 |           description: I am too lazy to write descriptions
167 |           region: us-east-1
168 |           type: ingress
169 |           fromPort: 5432
170 |           toPort: 5432
171 |           protocol: tcp
172 |           cidrBlocks:
173 |             - 0.0.0.0/0  # NOTE(review): port 5432 is open to every IPv4 address; restrict to known client CIDRs outside a demo
174 |           securityGroupIdSelector:
175 |             matchControllerRef: true  # attaches to the SecurityGroup composed by this same composite
176 |   - name: rdsinstance
177 |     base:
178 |       apiVersion: rds.aws.upbound.io/v1beta1
179 |       kind: Instance
180 |       spec:
181 |         forProvider:
182 |           region: us-east-1
183 |           dbSubnetGroupNameSelector:
184 |             matchControllerRef: true
185 |           vpcSecurityGroupIdSelector:
186 |             matchControllerRef: true
187 |           instanceClass: db.m5.large
188 |           username: masteruser
189 |           engine: postgres
190 |           engineVersion: "17.5"
191 |           skipFinalSnapshot: true  # no final snapshot is taken when the instance is deleted
192 |           publiclyAccessible: true  # NOTE(review): the instance is publicly accessible; combined with the 0.0.0.0/0 ingress rule above, the database is reachable from the internet and guarded only by its password
193 |           allocatedStorage: 200
194 |           passwordSecretRef:  # master password is read from key "password" of Secret my-db-password in crossplane-system
195 |             namespace: crossplane-system
196 |             key: password
197 |             name: my-db-password
198 |
--------------------------------------------------------------------------------
/compositions/sql-v2/azure.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.crossplane.io/v1
3 | kind: Composition  # Azure implementation of the SQL composite type (selected via the labels below)
4 | metadata:
5 |   name: azure-postgresql
6 |   labels:
7 |     provider: azure
8 |     db: postgresql
9 | spec:
10 |   compositeTypeRef:
11 |     apiVersion: devopstoolkitseries.com/v1alpha1
12 |     kind: SQL
13 |   resources:
14 |   - name: resourcegroup
15 |     base:
16 |       apiVersion: azure.upbound.io/v1beta1
17 |       kind: ResourceGroup
18 |       metadata:
19 |         name: my-db  # hard-coded name: every composite using this composition targets the same resource group
20 |       spec:
21 |         forProvider:
22 |           location: eastus
23 |   - name: server
24 |     base:
25 |       apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
26 |       kind: Server
27 |       spec:
28 |         forProvider:
29 |           location: eastus
30 |
resourceGroupNameSelector:
31 |             matchControllerRef: true
32 |           storageMb: 5120
33 |           autoGrowEnabled: true
34 |           skuName: B_Gen5_1
35 |           sslEnforcementEnabled: false  # NOTE(review): TLS is not required for client connections
36 |           sslMinimalTlsVersionEnforced: TLSEnforcementDisabled  # no minimum TLS version is enforced either
37 |           administratorLogin: postgres
38 |           administratorLoginPasswordSecretRef:  # admin password is read from key "password" of Secret my-db-password in crossplane-system
39 |             key: password
40 |             name: my-db-password
41 |             namespace: crossplane-system
42 |           publicNetworkAccessEnabled: true  # server is reachable over its public endpoint
43 |           version: "11"  # NOTE(review): PostgreSQL 11 is past its upstream end of life (November 2023)
44 |           engineVersion: "11"
45 |   - name: firewall-rule
46 |     base:
47 |       apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
48 |       kind: FirewallRule
49 |       spec:
50 |         forProvider:
51 |           startIpAddress: 0.0.0.0  # NOTE(review): 0.0.0.0 to 255.255.255.255 admits every IPv4 address
52 |           endIpAddress: 255.255.255.255  # with TLS enforcement off above, logins can cross the internet unencrypted; narrow the range and enable TLS outside a demo
53 |           resourceGroupNameSelector:
54 |             matchControllerRef: true
55 |           serverNameSelector:
56 |             matchControllerRef: true
57 |
--------------------------------------------------------------------------------
/compositions/sql-v2/definition.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.crossplane.io/v1
3 | kind: CompositeResourceDefinition
4 | metadata:
5 |   name: sqls.devopstoolkitseries.com
6 | spec:
7 |   group: devopstoolkitseries.com
8 |   names:
9 |     kind: SQL
10 |     plural: sqls
11 |   claimNames:
12 |     kind: SQLClaim
13 |     plural: sqlclaims
14 |   versions:
15 |   - name: v1alpha1
16 |     served: true
17 |     referenceable: true
18 |     schema:
19 |       openAPIV3Schema: {}  # empty schema: this revision of the XRD declares no fields of its own
20 |
--------------------------------------------------------------------------------
/compositions/sql-v2/google.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.crossplane.io/v1
3 | kind: Composition  # Google Cloud implementation of the SQL composite type
4 | metadata:
5 |   name: google-postgresql
6 |   labels:
7 |     provider: google
8 |     db: postgresql
9 | spec:
10 |   compositeTypeRef:
11 |     apiVersion: devopstoolkitseries.com/v1alpha1
12 |     kind: SQL
13 |   resources:
14 |   - name: sql
15 |     base:
16 |       apiVersion: sql.gcp.upbound.io/v1beta1
17 |       kind: DatabaseInstance
18 |
spec:
19 |         forProvider:
20 |           region: us-east1
21 |           rootPasswordSecretRef:  # root password is read from key "password" of Secret my-db-password in crossplane-system
22 |             namespace: crossplane-system
23 |             key: password
24 |             name: my-db-password
25 |           databaseVersion: "POSTGRES_13"
26 |           settings:
27 |           - availabilityType: REGIONAL
28 |             tier: db-custom-1-3840
29 |             backupConfiguration:
30 |             - enabled: true
31 |               binaryLogEnabled: false
32 |             ipConfiguration:
33 |             - ipv4Enabled: true  # the instance gets a public IPv4 address
34 |               authorizedNetworks:
35 |               - name: all
36 |                 value: 0.0.0.0/0  # NOTE(review): authorizes every IPv4 address to connect; restrict to known client ranges outside a demo
37 |           deletionProtection: false  # the instance can be deleted without first lifting a protection flag
38 |   - name: user
39 |     base:
40 |       apiVersion: sql.gcp.upbound.io/v1beta1
41 |       kind: User
42 |       spec:
43 |         forProvider:
44 |           passwordSecretRef:  # same Secret as the root password above
45 |             key: password
46 |             name: my-db-password
47 |             namespace: crossplane-system
48 |           instanceSelector:
49 |             matchControllerRef: true
50 |
--------------------------------------------------------------------------------
/compositions/sql-v3/aws.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.crossplane.io/v1
3 | kind: Composition  # AWS implementation of the SQL composite type, now driven by patches from the composite
4 | metadata:
5 |   name: aws-postgresql
6 |   labels:
7 |     provider: aws
8 |     db: postgresql
9 | spec:
10 |   compositeTypeRef:
11 |     apiVersion: devopstoolkitseries.com/v1alpha1
12 |     kind: SQL
13 |   patchSets:
14 |   - name: metadata  # shared patches: copy the composite's annotations and use spec.id as the resource name
15 |     patches:
16 |     - fromFieldPath: metadata.annotations
17 |       toFieldPath: metadata.annotations
18 |     - fromFieldPath: spec.id
19 |       toFieldPath: metadata.name
20 |   resources:
21 |   - name: vpc
22 |     base:
23 |       apiVersion: ec2.aws.upbound.io/v1beta1
24 |       kind: VPC
25 |       spec:
26 |         forProvider:
27 |           region: us-east-1
28 |           cidrBlock: 11.0.0.0/16  # NOTE(review): 11.0.0.0/16 is not an RFC 1918 private range; prefer 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 for VPC addressing
29 |           enableDnsSupport: true
30 |           enableDnsHostnames: true
31 |     patches:
32 |     - type: PatchSet
33 |       patchSetName: metadata
34 |   - name: subnet-a
35 |     base:
36 |       apiVersion: ec2.aws.upbound.io/v1beta1
37 |       kind: Subnet
38 |       metadata:
39 |         labels:
40 |           zone: us-east-1a
41 |       spec:
42 |         forProvider:
43 |           region: us-east-1
44 |           availabilityZone: us-east-1a
45 |           cidrBlock: 11.0.0.0/24
46 |           vpcIdSelector:
47 | matchControllerRef: true 48 | patches: 49 | - fromFieldPath: metadata.annotations 50 | toFieldPath: metadata.annotations 51 | - fromFieldPath: spec.id 52 | toFieldPath: metadata.name 53 | transforms: 54 | - type: string 55 | string: 56 | fmt: "%s-a" 57 | - name: subnet-b 58 | base: 59 | apiVersion: ec2.aws.upbound.io/v1beta1 60 | kind: Subnet 61 | metadata: 62 | labels: 63 | zone: us-east-1b 64 | spec: 65 | forProvider: 66 | region: us-east-1 67 | availabilityZone: us-east-1b 68 | cidrBlock: 11.0.1.0/24 69 | vpcIdSelector: 70 | matchControllerRef: true 71 | patches: 72 | - fromFieldPath: metadata.annotations 73 | toFieldPath: metadata.annotations 74 | - fromFieldPath: spec.id 75 | toFieldPath: metadata.name 76 | transforms: 77 | - type: string 78 | string: 79 | fmt: "%s-b" 80 | - name: subnet-c 81 | base: 82 | apiVersion: ec2.aws.upbound.io/v1beta1 83 | kind: Subnet 84 | metadata: 85 | labels: 86 | zone: us-east-1c 87 | spec: 88 | forProvider: 89 | region: us-east-1 90 | availabilityZone: us-east-1c 91 | cidrBlock: 11.0.2.0/24 92 | vpcIdSelector: 93 | matchControllerRef: true 94 | patches: 95 | - fromFieldPath: metadata.annotations 96 | toFieldPath: metadata.annotations 97 | - fromFieldPath: spec.id 98 | toFieldPath: metadata.name 99 | transforms: 100 | - type: string 101 | string: 102 | fmt: "%s-c" 103 | - name: subnetgroup 104 | base: 105 | apiVersion: rds.aws.upbound.io/v1beta1 106 | kind: SubnetGroup 107 | spec: 108 | forProvider: 109 | region: us-east-1 110 | description: I'm too lazy to write a good description 111 | subnetIdSelector: 112 | matchControllerRef: true 113 | patches: 114 | - type: PatchSet 115 | patchSetName: metadata 116 | - name: gateway 117 | base: 118 | apiVersion: ec2.aws.upbound.io/v1beta1 119 | kind: InternetGateway 120 | spec: 121 | forProvider: 122 | region: us-east-1 123 | vpcIdSelector: 124 | matchControllerRef: true 125 | patches: 126 | - type: PatchSet 127 | patchSetName: metadata 128 | - name: routeTable 129 | base: 130 | 
apiVersion: ec2.aws.upbound.io/v1beta1 131 | kind: RouteTable 132 | spec: 133 | forProvider: 134 | region: us-east-1 135 | vpcIdSelector: 136 | matchControllerRef: true 137 | patches: 138 | - type: PatchSet 139 | patchSetName: metadata 140 | - name: route 141 | base: 142 | apiVersion: ec2.aws.upbound.io/v1beta1 143 | kind: Route 144 | spec: 145 | forProvider: 146 | region: us-east-1 147 | routeTableIdSelector: 148 | matchControllerRef: true 149 | destinationCidrBlock: 0.0.0.0/0 150 | gatewayIdSelector: 151 | matchControllerRef: true 152 | patches: 153 | - type: PatchSet 154 | patchSetName: metadata 155 | - name: mainRouteTableAssociation 156 | base: 157 | apiVersion: ec2.aws.upbound.io/v1beta1 158 | kind: MainRouteTableAssociation 159 | spec: 160 | forProvider: 161 | region: us-east-1 162 | routeTableIdSelector: 163 | matchControllerRef: true 164 | vpcIdSelector: 165 | matchControllerRef: true 166 | patches: 167 | - type: PatchSet 168 | patchSetName: metadata 169 | - name: routeTableAssociation1a 170 | base: 171 | apiVersion: ec2.aws.upbound.io/v1beta1 172 | kind: RouteTableAssociation 173 | spec: 174 | forProvider: 175 | region: us-east-1 176 | routeTableIdSelector: 177 | matchControllerRef: true 178 | subnetIdSelector: 179 | matchControllerRef: true 180 | matchLabels: 181 | zone: us-east-1a 182 | patches: 183 | - fromFieldPath: metadata.annotations 184 | toFieldPath: metadata.annotations 185 | - fromFieldPath: spec.id 186 | toFieldPath: metadata.name 187 | transforms: 188 | - type: string 189 | string: 190 | fmt: '%s-1a' 191 | - name: routeTableAssociation1b 192 | base: 193 | apiVersion: ec2.aws.upbound.io/v1beta1 194 | kind: RouteTableAssociation 195 | spec: 196 | forProvider: 197 | region: us-east-1 198 | routeTableIdSelector: 199 | matchControllerRef: true 200 | subnetIdSelector: 201 | matchControllerRef: true 202 | matchLabels: 203 | zone: us-east-1b 204 | patches: 205 | - fromFieldPath: metadata.annotations 206 | toFieldPath: metadata.annotations 207 | - 
fromFieldPath: spec.id 208 | toFieldPath: metadata.name 209 | transforms: 210 | - type: string 211 | string: 212 | fmt: '%s-1b' 213 | - name: routeTableAssociation1c 214 | base: 215 | apiVersion: ec2.aws.upbound.io/v1beta1 216 | kind: RouteTableAssociation 217 | spec: 218 | forProvider: 219 | region: us-east-1 220 | routeTableIdSelector: 221 | matchControllerRef: true 222 | subnetIdSelector: 223 | matchControllerRef: true 224 | matchLabels: 225 | zone: us-east-1c 226 | patches: 227 | - fromFieldPath: metadata.annotations 228 | toFieldPath: metadata.annotations 229 | - fromFieldPath: spec.id 230 | toFieldPath: metadata.name 231 | transforms: 232 | - type: string 233 | string: 234 | fmt: '%s-1c' 235 | - name: securityGroup 236 | base: 237 | apiVersion: ec2.aws.upbound.io/v1beta1 238 | kind: SecurityGroup 239 | spec: 240 | forProvider: 241 | description: I am too lazy to write descriptions 242 | region: us-east-1 243 | vpcIdSelector: 244 | matchControllerRef: true 245 | patches: 246 | - type: PatchSet 247 | patchSetName: metadata 248 | - name: securityGroupRule 249 | base: 250 | apiVersion: ec2.aws.upbound.io/v1beta1 251 | kind: SecurityGroupRule 252 | spec: 253 | forProvider: 254 | description: I am too lazy to write descriptions 255 | region: us-east-1 256 | type: ingress 257 | fromPort: 5432 258 | toPort: 5432 259 | protocol: tcp 260 | cidrBlocks: 261 | - 0.0.0.0/0 262 | securityGroupIdSelector: 263 | matchControllerRef: true 264 | patches: 265 | - type: PatchSet 266 | patchSetName: metadata 267 | - name: rdsinstance 268 | base: 269 | apiVersion: rds.aws.upbound.io/v1beta1 270 | kind: Instance 271 | spec: 272 | forProvider: 273 | region: us-east-1 274 | dbSubnetGroupNameSelector: 275 | matchControllerRef: true 276 | vpcSecurityGroupIdSelector: 277 | matchControllerRef: true 278 | username: masteruser 279 | engine: postgres 280 | skipFinalSnapshot: true 281 | publiclyAccessible: true 282 | allocatedStorage: 200 283 | passwordSecretRef: 284 | namespace: 
crossplane-system 285 | key: password 286 | patches: 287 | - type: PatchSet 288 | patchSetName: metadata 289 | - fromFieldPath: spec.parameters.size 290 | toFieldPath: spec.forProvider.instanceClass 291 | transforms: 292 | - type: map 293 | map: 294 | small: db.m5.large 295 | medium: db.m5.2xlarge 296 | large: db.m5.8xlarge 297 | - fromFieldPath: spec.parameters.version 298 | toFieldPath: spec.forProvider.engineVersion 299 | - fromFieldPath: spec.id 300 | toFieldPath: spec.forProvider.passwordSecretRef.name 301 | transforms: 302 | - type: string 303 | string: 304 | fmt: "%s-password" 305 | -------------------------------------------------------------------------------- /compositions/sql-v3/azure.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: azure-postgresql 6 | labels: 7 | provider: azure 8 | db: postgresql 9 | spec: 10 | compositeTypeRef: 11 | apiVersion: devopstoolkitseries.com/v1alpha1 12 | kind: SQL 13 | patchSets: 14 | - name: metadata 15 | patches: 16 | - fromFieldPath: metadata.annotations 17 | toFieldPath: metadata.annotations 18 | - fromFieldPath: spec.id 19 | toFieldPath: metadata.name 20 | resources: 21 | - name: resourcegroup 22 | base: 23 | apiVersion: azure.upbound.io/v1beta1 24 | kind: ResourceGroup 25 | spec: 26 | forProvider: 27 | location: eastus 28 | patches: 29 | - type: PatchSet 30 | patchSetName: metadata 31 | - name: server 32 | base: 33 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 34 | kind: Server 35 | spec: 36 | forProvider: 37 | location: eastus 38 | resourceGroupNameSelector: 39 | matchControllerRef: true 40 | storageMb: 5120 41 | autoGrowEnabled: true 42 | sslEnforcementEnabled: false 43 | sslMinimalTlsVersionEnforced: TLSEnforcementDisabled 44 | administratorLogin: postgres 45 | administratorLoginPasswordSecretRef: 46 | key: password 47 | namespace: crossplane-system 48 | 
publicNetworkAccessEnabled: true  # server is reachable over its public endpoint
49 |     patches:
50 |     - type: PatchSet
51 |       patchSetName: metadata
52 |     - fromFieldPath: spec.parameters.version
53 |       toFieldPath: spec.forProvider.version
54 |     - fromFieldPath: spec.parameters.size
55 |       toFieldPath: spec.forProvider.skuName
56 |       transforms:
57 |       - type: map  # translates the abstract size into an Azure SKU name; only these three keys are mapped
58 |         map:
59 |           small: B_Gen5_1
60 |           medium: GP_Gen5_2
61 |           large: GP_Gen5_8
62 |     - fromFieldPath: spec.id  # the admin password Secret must be named "<spec.id>-password"
63 |       toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name
64 |       transforms:
65 |       - type: string
66 |         string:
67 |           fmt: "%s-password"
68 |   - name: firewall-rule
69 |     base:
70 |       apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
71 |       kind: FirewallRule
72 |       spec:
73 |         forProvider:
74 |           startIpAddress: 0.0.0.0  # NOTE(review): 0.0.0.0 to 255.255.255.255 admits every IPv4 address
75 |           endIpAddress: 255.255.255.255  # narrow this range to known clients outside a demo
76 |           resourceGroupNameSelector:
77 |             matchControllerRef: true
78 |           serverNameSelector:
79 |             matchControllerRef: true
80 |     patches:
81 |     - type: PatchSet
82 |       patchSetName: metadata
83 |
--------------------------------------------------------------------------------
/compositions/sql-v3/definition.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.crossplane.io/v1
3 | kind: CompositeResourceDefinition  # XRD: declares the SQL composite type and its SQLClaim claim type
4 | metadata:
5 |   name: sqls.devopstoolkitseries.com
6 | spec:
7 |   group: devopstoolkitseries.com
8 |   names:
9 |     kind: SQL
10 |     plural: sqls
11 |   claimNames:
12 |     kind: SQLClaim
13 |     plural: sqlclaims
14 |   versions:
15 |   - name: v1alpha1
16 |     served: true
17 |     referenceable: true
18 |     schema:
19 |       openAPIV3Schema:
20 |         type: object
21 |         properties:
22 |           spec:
23 |             type: object
24 |             properties:
25 |               id:  # NOTE(review): the compositions patch spec.id into metadata.name and into Secret names, yet no pattern or length limit is set here; consider constraining it
26 |                 type: string
27 |                 description: Database ID
28 |               parameters:
29 |                 type: object
30 |                 properties:
31 |                   version:
32 |                     description: The DB version depends on the DB type and versions available in the selected provider.
33 |                     type: string
34 |                   size:  # NOTE(review): no enum is declared; the compositions' map transforms only list small, medium and large, so other values pass the schema but have no mapping
35 |                     description: "Supported sizes: small, medium, large"
36 |                     type: string
37 |                     default: small
38 |                 required:
39 |                 - version
40 |             required:
41 |             - parameters
42 |
--------------------------------------------------------------------------------
/compositions/sql-v3/google.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.crossplane.io/v1
3 | kind: Composition  # Google Cloud implementation of the SQL composite type, driven by patches from the composite
4 | metadata:
5 |   name: google-postgresql
6 |   labels:
7 |     provider: google
8 |     db: postgresql
9 | spec:
10 |   compositeTypeRef:
11 |     apiVersion: devopstoolkitseries.com/v1alpha1
12 |     kind: SQL
13 |   patchSets:
14 |   - name: metadata  # shared patches: copy the composite's annotations and use spec.id as the resource name
15 |     patches:
16 |     - fromFieldPath: metadata.annotations
17 |       toFieldPath: metadata.annotations
18 |     - fromFieldPath: spec.id
19 |       toFieldPath: metadata.name
20 |   resources:
21 |   - name: sql
22 |     base:
23 |       apiVersion: sql.gcp.upbound.io/v1beta1
24 |       kind: DatabaseInstance
25 |       spec:
26 |         forProvider:
27 |           region: us-east1
28 |           rootPasswordSecretRef:  # the Secret name is filled in by the last patch below
29 |             namespace: crossplane-system
30 |             key: password
31 |           settings:
32 |           - availabilityType: REGIONAL
33 |             backupConfiguration:
34 |             - enabled: true
35 |               binaryLogEnabled: false
36 |             ipConfiguration:
37 |             - ipv4Enabled: true  # the instance gets a public IPv4 address
38 |               authorizedNetworks:
39 |               - name: all
40 |                 value: 0.0.0.0/0  # NOTE(review): authorizes every IPv4 address to connect; restrict to known client ranges outside a demo
41 |           deletionProtection: false  # the instance can be deleted without first lifting a protection flag
42 |     patches:
43 |     - type: PatchSet
44 |       patchSetName: metadata
45 |     - fromFieldPath: spec.parameters.version  # e.g. a version value of 13 becomes POSTGRES_13
46 |       toFieldPath: spec.forProvider.databaseVersion
47 |       transforms:
48 |       - type: string
49 |         string:
50 |           fmt: POSTGRES_%s
51 |     - fromFieldPath: spec.parameters.size
52 |       toFieldPath: spec.forProvider.settings[0].tier
53 |       transforms:
54 |       - type: map  # translates the abstract size into a Cloud SQL tier; only these three keys are mapped
55 |         map:
56 |           small: db-custom-1-3840
57 |           medium: db-custom-16-61440
58 |           large: db-custom-64-245760
59 |     - fromFieldPath: spec.id  # the root password Secret must be named "<spec.id>-password"
60 |       toFieldPath: spec.forProvider.rootPasswordSecretRef.name
61 |       transforms:
62 |       - type: string
63 |         string:
64 |           fmt: "%s-password"
65 | - name: user 66 | base: 67 | apiVersion: sql.gcp.upbound.io/v1beta1 68 | kind: User 69 | spec: 70 | forProvider: 71 | passwordSecretRef: 72 | key: password 73 | namespace: crossplane-system 74 | instanceSelector: 75 | matchControllerRef: true 76 | patches: 77 | - type: PatchSet 78 | patchSetName: metadata 79 | - fromFieldPath: spec.id 80 | toFieldPath: spec.forProvider.passwordSecretRef.name 81 | transforms: 82 | - type: string 83 | string: 84 | fmt: "%s-password" 85 | -------------------------------------------------------------------------------- /compositions/sql-v4/azure.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: azure-postgresql 6 | labels: 7 | provider: azure 8 | db: postgresql 9 | spec: 10 | writeConnectionSecretsToNamespace: crossplane-system 11 | compositeTypeRef: 12 | apiVersion: devopstoolkitseries.com/v1alpha1 13 | kind: SQL 14 | patchSets: 15 | - name: metadata 16 | patches: 17 | - fromFieldPath: metadata.annotations 18 | toFieldPath: metadata.annotations 19 | - fromFieldPath: spec.id 20 | toFieldPath: metadata.name 21 | resources: 22 | - name: resourcegroup 23 | base: 24 | apiVersion: azure.upbound.io/v1beta1 25 | kind: ResourceGroup 26 | spec: 27 | forProvider: 28 | location: eastus 29 | patches: 30 | - type: PatchSet 31 | patchSetName: metadata 32 | - name: server 33 | base: 34 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 35 | kind: Server 36 | spec: 37 | forProvider: 38 | location: eastus 39 | resourceGroupNameSelector: 40 | matchControllerRef: true 41 | storageMb: 5120 42 | autoGrowEnabled: true 43 | sslEnforcementEnabled: false 44 | sslMinimalTlsVersionEnforced: TLSEnforcementDisabled 45 | administratorLogin: postgres 46 | administratorLoginPasswordSecretRef: 47 | key: password 48 | namespace: crossplane-system 49 | publicNetworkAccessEnabled: true 50 | writeConnectionSecretToRef: 51 | 
namespace: crossplane-system 52 | patches: 53 | - type: PatchSet 54 | patchSetName: metadata 55 | - fromFieldPath: spec.id 56 | toFieldPath: spec.writeConnectionSecretToRef.name 57 | - fromFieldPath: spec.parameters.version 58 | toFieldPath: spec.forProvider.version 59 | - fromFieldPath: spec.parameters.size 60 | toFieldPath: spec.forProvider.skuName 61 | transforms: 62 | - type: map 63 | map: 64 | small: B_Gen5_1 65 | medium: GP_Gen5_2 66 | large: GP_Gen5_8 67 | - fromFieldPath: spec.id 68 | toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name 69 | transforms: 70 | - type: string 71 | string: 72 | fmt: "%s-password" 73 | - name: firewall-rule 74 | base: 75 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 76 | kind: FirewallRule 77 | spec: 78 | forProvider: 79 | startIpAddress: 0.0.0.0 80 | endIpAddress: 255.255.255.255 81 | resourceGroupNameSelector: 82 | matchControllerRef: true 83 | serverNameSelector: 84 | matchControllerRef: true 85 | patches: 86 | - type: PatchSet 87 | patchSetName: metadata 88 | -------------------------------------------------------------------------------- /compositions/sql-v4/definition.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: CompositeResourceDefinition 4 | metadata: 5 | name: sqls.devopstoolkitseries.com 6 | spec: 7 | group: devopstoolkitseries.com 8 | names: 9 | kind: SQL 10 | plural: sqls 11 | claimNames: 12 | kind: SQLClaim 13 | plural: sqlclaims 14 | versions: 15 | - name: v1alpha1 16 | served: true 17 | referenceable: true 18 | schema: 19 | openAPIV3Schema: 20 | type: object 21 | properties: 22 | spec: 23 | type: object 24 | properties: 25 | id: 26 | type: string 27 | description: Database ID 28 | parameters: 29 | type: object 30 | properties: 31 | version: 32 | description: The DB version depends on the DB type and versions available in the selected provider. 
33 | type: string 34 | size: 35 | description: "Supported sizes: small, medium, large" 36 | type: string 37 | default: small 38 | required: 39 | - version 40 | required: 41 | - parameters 42 | -------------------------------------------------------------------------------- /compositions/sql-v4/google.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: google-postgresql 6 | labels: 7 | provider: google 8 | db: postgresql 9 | spec: 10 | writeConnectionSecretsToNamespace: crossplane-system 11 | compositeTypeRef: 12 | apiVersion: devopstoolkitseries.com/v1alpha1 13 | kind: SQL 14 | patchSets: 15 | - name: metadata 16 | patches: 17 | - fromFieldPath: metadata.annotations 18 | toFieldPath: metadata.annotations 19 | - fromFieldPath: spec.id 20 | toFieldPath: metadata.name 21 | resources: 22 | - name: sql 23 | base: 24 | apiVersion: sql.gcp.upbound.io/v1beta1 25 | kind: DatabaseInstance 26 | spec: 27 | forProvider: 28 | region: us-east1 29 | rootPasswordSecretRef: 30 | namespace: crossplane-system 31 | key: password 32 | settings: 33 | - availabilityType: REGIONAL 34 | backupConfiguration: 35 | - enabled: true 36 | binaryLogEnabled: false 37 | ipConfiguration: 38 | - ipv4Enabled: true 39 | authorizedNetworks: 40 | - name: all 41 | value: 0.0.0.0/0 42 | deletionProtection: false 43 | writeConnectionSecretToRef: 44 | namespace: crossplane-system 45 | patches: 46 | - type: PatchSet 47 | patchSetName: metadata 48 | - fromFieldPath: spec.parameters.version 49 | toFieldPath: spec.forProvider.databaseVersion 50 | transforms: 51 | - type: string 52 | string: 53 | fmt: POSTGRES_%s 54 | - fromFieldPath: spec.parameters.size 55 | toFieldPath: spec.forProvider.settings[0].tier 56 | transforms: 57 | - type: map 58 | map: 59 | small: db-custom-1-3840 60 | medium: db-custom-16-61440 61 | large: db-custom-64-245760 62 | - fromFieldPath: spec.id 63 | 
toFieldPath: spec.writeConnectionSecretToRef.name 64 | - fromFieldPath: spec.id 65 | toFieldPath: spec.forProvider.rootPasswordSecretRef.name 66 | transforms: 67 | - type: string 68 | string: 69 | fmt: "%s-password" 70 | - name: user 71 | base: 72 | apiVersion: sql.gcp.upbound.io/v1beta1 73 | kind: User 74 | spec: 75 | forProvider: 76 | passwordSecretRef: 77 | key: password 78 | namespace: crossplane-system 79 | instanceSelector: 80 | matchControllerRef: true 81 | patches: 82 | - type: PatchSet 83 | patchSetName: metadata 84 | - fromFieldPath: spec.id 85 | toFieldPath: spec.forProvider.passwordSecretRef.name 86 | transforms: 87 | - type: string 88 | string: 89 | fmt: "%s-password" 90 | -------------------------------------------------------------------------------- /compositions/sql-v5/azure.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: azure-postgresql 6 | labels: 7 | provider: azure 8 | db: postgresql 9 | spec: 10 | writeConnectionSecretsToNamespace: crossplane-system 11 | compositeTypeRef: 12 | apiVersion: devopstoolkitseries.com/v1alpha1 13 | kind: SQL 14 | patchSets: 15 | - name: metadata 16 | patches: 17 | - fromFieldPath: metadata.annotations 18 | toFieldPath: metadata.annotations 19 | - fromFieldPath: spec.id 20 | toFieldPath: metadata.name 21 | resources: 22 | - name: resourcegroup 23 | base: 24 | apiVersion: azure.upbound.io/v1beta1 25 | kind: ResourceGroup 26 | spec: 27 | forProvider: 28 | location: eastus 29 | patches: 30 | - type: PatchSet 31 | patchSetName: metadata 32 | - name: server 33 | base: 34 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 35 | kind: Server 36 | spec: 37 | forProvider: 38 | location: eastus 39 | resourceGroupNameSelector: 40 | matchControllerRef: true 41 | storageMb: 5120 42 | autoGrowEnabled: true 43 | sslEnforcementEnabled: false 44 | sslMinimalTlsVersionEnforced: 
TLSEnforcementDisabled  # no minimum TLS version is enforced on the server
45 |           administratorLogin: postgres
46 |           administratorLoginPasswordSecretRef:  # the Secret name is filled in by the "%s-password" patch below
47 |             key: password
48 |             namespace: crossplane-system
49 |           publicNetworkAccessEnabled: true  # server is reachable over its public endpoint
50 |         writeConnectionSecretToRef:  # connection details are written to a Secret in crossplane-system, named after spec.id by the patch on lines 55-56
51 |           namespace: crossplane-system
52 |     patches:
53 |     - type: PatchSet
54 |       patchSetName: metadata
55 |     - fromFieldPath: spec.id
56 |       toFieldPath: spec.writeConnectionSecretToRef.name
57 |     - fromFieldPath: spec.parameters.version
58 |       toFieldPath: spec.forProvider.version
59 |     - fromFieldPath: spec.parameters.size
60 |       toFieldPath: spec.forProvider.skuName
61 |       transforms:
62 |       - type: map  # translates the abstract size into an Azure SKU name; only these three keys are mapped
63 |         map:
64 |           small: B_Gen5_1
65 |           medium: GP_Gen5_2
66 |           large: GP_Gen5_8
67 |     - fromFieldPath: spec.id
68 |       toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name
69 |       transforms:
70 |       - type: string
71 |         string:
72 |           fmt: "%s-password"
73 |   - name: firewall-rule
74 |     base:
75 |       apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
76 |       kind: FirewallRule
77 |       spec:
78 |         forProvider:
79 |           startIpAddress: 0.0.0.0  # NOTE(review): 0.0.0.0 to 255.255.255.255 admits every IPv4 address
80 |           endIpAddress: 255.255.255.255  # narrow this range to known clients outside a demo
81 |           resourceGroupNameSelector:
82 |             matchControllerRef: true
83 |           serverNameSelector:
84 |             matchControllerRef: true
85 |     patches:
86 |     - type: PatchSet
87 |       patchSetName: metadata
88 |   - name: sql-config  # provider-sql ProviderConfig that points at the server's connection Secret
89 |     base:
90 |       apiVersion: postgresql.sql.crossplane.io/v1alpha1
91 |       kind: ProviderConfig
92 |       metadata:
93 |         name: default  # replaced with spec.id by the metadata PatchSet
94 |       spec:
95 |         credentials:
96 |           source: PostgreSQLConnectionSecret
97 |           connectionSecretRef:  # the Secret name is patched from spec.id (lines 103-104), matching writeConnectionSecretToRef above
98 |             namespace: crossplane-system
99 |         sslMode: require  # NOTE(review): "require" encrypts the connection but does not verify the server certificate; the Server itself still accepts non-TLS clients (sslEnforcementEnabled: false)
100 |     patches:
101 |     - type: PatchSet
102 |       patchSetName: metadata
103 |     - fromFieldPath: spec.id
104 |       toFieldPath: spec.credentials.connectionSecretRef.name
105 |     readinessChecks:
106 |     - type: None  # no readiness check is performed for this resource
107 |   - name: sql-db
108 |     base:
109 |       apiVersion: postgresql.sql.crossplane.io/v1alpha1
110 |       kind: Database
111 |       spec:
112 |         forProvider: {}  # no database settings are specified; the resource name comes from spec.id via the metadata PatchSet
113 |     patches:
114 |     - type: PatchSet
115 |       patchSetName: metadata
116 |     -
fromFieldPath: spec.id 117 | toFieldPath: spec.providerConfigRef.name 118 | -------------------------------------------------------------------------------- /compositions/sql-v5/definition.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: CompositeResourceDefinition 4 | metadata: 5 | name: sqls.devopstoolkitseries.com 6 | spec: 7 | group: devopstoolkitseries.com 8 | names: 9 | kind: SQL 10 | plural: sqls 11 | claimNames: 12 | kind: SQLClaim 13 | plural: sqlclaims 14 | versions: 15 | - name: v1alpha1 16 | served: true 17 | referenceable: true 18 | schema: 19 | openAPIV3Schema: 20 | type: object 21 | properties: 22 | spec: 23 | type: object 24 | properties: 25 | id: 26 | type: string 27 | description: Database ID 28 | parameters: 29 | type: object 30 | properties: 31 | version: 32 | description: The DB version depends on the DB type and versions available in the selected provider. 33 | type: string 34 | size: 35 | description: "Supported sizes: small, medium, large" 36 | type: string 37 | default: small 38 | required: 39 | - version 40 | required: 41 | - parameters 42 | -------------------------------------------------------------------------------- /compositions/sql-v5/google.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: google-postgresql 6 | labels: 7 | provider: google 8 | db: postgresql 9 | spec: 10 | writeConnectionSecretsToNamespace: crossplane-system 11 | compositeTypeRef: 12 | apiVersion: devopstoolkitseries.com/v1alpha1 13 | kind: SQL 14 | patchSets: 15 | - name: metadata 16 | patches: 17 | - fromFieldPath: metadata.annotations 18 | toFieldPath: metadata.annotations 19 | - fromFieldPath: spec.id 20 | toFieldPath: metadata.name 21 | resources: 22 | - name: sql 23 | base: 24 | apiVersion: sql.gcp.upbound.io/v1beta1 25 | 
kind: DatabaseInstance
            # Cloud SQL instance of the google-postgresql Composition
            # (sql-v5). The listing continues from the file header that
            # precedes this line.
 26 |       spec:
 27 |         forProvider:
 28 |           region: us-east1
                # Root password is read from key "password" of the Secret
                # "<spec.id>-password" in crossplane-system (name patched
                # below).
 29 |           rootPasswordSecretRef:
 30 |             namespace: crossplane-system
 31 |             key: password
 32 |           settings:
 33 |           - availabilityType: REGIONAL
 34 |             backupConfiguration:
 35 |             - enabled: true
 36 |               binaryLogEnabled: false
                  # NOTE(review): public IPv4 is enabled and the only
                  # authorized network is 0.0.0.0/0, i.e. every IPv4 source
                  # address. Replace it with the specific CIDR ranges that
                  # need access before using this outside a demo.
 37 |             ipConfiguration:
 38 |             - ipv4Enabled: true
 39 |               authorizedNetworks:
 40 |               - name: all
 41 |                 value: 0.0.0.0/0
                # NOTE(review): deletion protection is off, so the instance
                # can be deleted without first changing this flag. That is
                # convenient for tutorial teardown and risky for real data.
 42 |           deletionProtection: false
 43 |     patches:
 44 |     - type: PatchSet
 45 |       patchSetName: metadata
 46 |     - fromFieldPath: spec.parameters.version
 47 |       toFieldPath: spec.forProvider.databaseVersion
 48 |       transforms:
 49 |       - type: string
 50 |         string:
 51 |           fmt: POSTGRES_%s
          # Translates the abstract size into a Cloud SQL tier; only the
          # three keys below are mapped.
 52 |     - fromFieldPath: spec.parameters.size
 53 |       toFieldPath: spec.forProvider.settings[0].tier
 54 |       transforms:
 55 |       - type: map
 56 |         map:
 57 |           small: db-custom-1-3840
 58 |           medium: db-custom-16-61440
 59 |           large: db-custom-64-245760
 60 |     - fromFieldPath: spec.id
 61 |       toFieldPath: spec.forProvider.rootPasswordSecretRef.name
 62 |       transforms:
 63 |       - type: string
 64 |         string:
 65 |           fmt: "%s-password"
        # Database user named spec.id.
        # NOTE(review): its password comes from the same
        # "<spec.id>-password" Secret and key as the root password above,
        # so the root account and this user share one credential.
 66 |   - name: user
 67 |     base:
 68 |       apiVersion: sql.gcp.upbound.io/v1beta1
 69 |       kind: User
 70 |       spec:
 71 |         forProvider:
 72 |           passwordSecretRef:
 73 |             key: password
 74 |             namespace: crossplane-system
 75 |           instanceSelector:
 76 |             matchControllerRef: true
 77 |     patches:
 78 |     - type: PatchSet
 79 |       patchSetName: metadata
 80 |     - fromFieldPath: spec.id
 81 |       toFieldPath: spec.forProvider.passwordSecretRef.name
 82 |       transforms:
 83 |       - type: string
 84 |         string:
 85 |           fmt: "%s-password"
        # provider-sql ProviderConfig, renamed to spec.id by the patch set.
        # It reads its credentials from the Secret named spec.id in
        # crossplane-system, which is the Secret the sql-secret Object
        # below assembles.
 86 |   - name: sql-config
 87 |     base:
 88 |       apiVersion: postgresql.sql.crossplane.io/v1alpha1
 89 |       kind: ProviderConfig
 90 |       metadata:
 91 |         name: default
 92 |       spec:
 93 |         credentials:
 94 |           source: PostgreSQLConnectionSecret
 95 |           connectionSecretRef:
 96 |             namespace: crossplane-system
              # NOTE(review): under libpq semantics "require" encrypts the
              # session but does not verify the server certificate; confirm
              # provider-sql follows libpq here.
 97 |         sslMode: require
 98 |     patches:
 99 |     - type: PatchSet
100 |       patchSetName: metadata
101 |     - fromFieldPath: spec.id
102 |       toFieldPath: spec.credentials.connectionSecretRef.name
103 |     readinessChecks:
104 |     - type: None
105 |   - name: sql-db
106 |     base:
107 |       apiVersion: postgresql.sql.crossplane.io/v1alpha1
108 |       kind: Database
109 |       spec:
110 |         forProvider: {}
111 |     patches:
112 |     - type: PatchSet
113 |       patchSetName: metadata
114 |     - fromFieldPath: spec.id
115 |       toFieldPath: spec.providerConfigRef.name
        # provider-kubernetes ProviderConfig named "<spec.id>-sql".
        # NOTE(review): with InjectedIdentity the provider acts under the
        # identity of its own pod, so what the sql-secret Object below may
        # read and create is bounded by the RBAC bound to that provider's
        # service account. That RBAC is not shown here; check that it is
        # not broader than reading and writing the Secrets involved.
116 |   - name: kubernetes
117 |     base:
118 |       apiVersion: kubernetes.crossplane.io/v1alpha1
119 |       kind: ProviderConfig
120 |       spec:
121 |         credentials:
122 |           source: InjectedIdentity
123 |     patches:
124 |     - fromFieldPath: metadata.annotations
125 |       toFieldPath: metadata.annotations
126 |     - fromFieldPath: spec.id
127 |       toFieldPath: metadata.name
128 |       transforms:
129 |       - type: string
130 |         string:
131 |           fmt: "%s-sql"
132 |     readinessChecks:
133 |     - type: None
        # Builds the connection Secret named spec.id in crossplane-system:
        # a fixed port (the base64 value decodes to 5432), the username
        # from the User resource, the password copied from the
        # "<spec.id>-password" Secret, and the endpoint from the instance's
        # public IP address.
        # NOTE(review): the password then exists in two Secrets; anyone who
        # can read Secrets in crossplane-system sees both copies.
134 |   - name: sql-secret
135 |     base:
136 |       apiVersion: kubernetes.crossplane.io/v1alpha1
137 |       kind: Object
138 |       metadata:
139 |         name: sql-secret
140 |       spec:
141 |         forProvider:
142 |           manifest:
143 |             apiVersion: v1
144 |             kind: Secret
145 |             metadata:
146 |               namespace: crossplane-system
147 |             data:
148 |               port: NTQzMg==
149 |         references:
150 |         - patchesFrom:
151 |             apiVersion: sql.gcp.upbound.io/v1beta1
152 |             kind: User
153 |             namespace: crossplane-system
154 |             fieldPath: metadata.name
155 |           toFieldPath: stringData.username
156 |         - patchesFrom:
157 |             apiVersion: v1
158 |             kind: Secret
159 |             namespace: crossplane-system
160 |             fieldPath: data.password
161 |           toFieldPath: data.password
              # The endpoint published to consumers is the instance's
              # public address, consistent with ipv4Enabled above.
162 |         - patchesFrom:
163 |             apiVersion: sql.gcp.upbound.io/v1beta1
164 |             kind: DatabaseInstance
165 |             namespace: crossplane-system
166 |             fieldPath: status.atProvider.publicIpAddress
167 |           toFieldPath: stringData.endpoint
168 |     patches:
169 |     - type: PatchSet
170 |       patchSetName: metadata
171 |     - fromFieldPath: spec.id
172 |       toFieldPath: spec.references[0].patchesFrom.name
173 |     - fromFieldPath: spec.id
174 |       toFieldPath: spec.references[1].patchesFrom.name
175 |       transforms:
176 |       - type: string
177 |         string:
178 |           fmt: "%s-password"
179 |     - fromFieldPath: spec.id
180 |       toFieldPath: spec.references[2].patchesFrom.name
181 |     - fromFieldPath: spec.id
182 |       toFieldPath: spec.forProvider.manifest.metadata.name
183 |     - fromFieldPath: spec.id
184 |       toFieldPath: spec.providerConfigRef.name
185 |       transforms:
186 |       - type: string
187 |         string:
188 |           fmt: "%s-sql"
189 |
-------------------------------------------------------------------------------- /compositions/sql-v6/azure.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: azure-postgresql 6 | labels: 7 | provider: azure 8 | db: postgresql 9 | spec: 10 | compositeTypeRef: 11 | apiVersion: devopstoolkitseries.com/v1alpha1 12 | kind: SQL 13 | patchSets: 14 | - name: metadata 15 | patches: 16 | - fromFieldPath: metadata.annotations 17 | toFieldPath: metadata.annotations 18 | - fromFieldPath: spec.id 19 | toFieldPath: metadata.name 20 | resources: 21 | - name: resourcegroup 22 | base: 23 | apiVersion: azure.upbound.io/v1beta1 24 | kind: ResourceGroup 25 | spec: 26 | forProvider: 27 | location: eastus 28 | patches: 29 | - type: PatchSet 30 | patchSetName: metadata 31 | - name: server 32 | base: 33 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 34 | kind: Server 35 | spec: 36 | forProvider: 37 | location: eastus 38 | resourceGroupNameSelector: 39 | matchControllerRef: true 40 | storageMb: 5120 41 | autoGrowEnabled: true 42 | sslEnforcementEnabled: false 43 | sslMinimalTlsVersionEnforced: TLSEnforcementDisabled 44 | administratorLogin: postgres 45 | administratorLoginPasswordSecretRef: 46 | key: password 47 | publicNetworkAccessEnabled: true 48 | patches: 49 | - type: PatchSet 50 | patchSetName: metadata 51 | - fromFieldPath: spec.id 52 | toFieldPath: spec.writeConnectionSecretToRef.name 53 | - fromFieldPath: spec.claimRef.namespace 54 | toFieldPath: spec.writeConnectionSecretToRef.namespace 55 | - 
fromFieldPath: spec.parameters.version 56 | toFieldPath: spec.forProvider.version 57 | - fromFieldPath: spec.parameters.size 58 | toFieldPath: spec.forProvider.skuName 59 | transforms: 60 | - type: map 61 | map: 62 | small: B_Gen5_1 63 | medium: GP_Gen5_2 64 | large: GP_Gen5_8 65 | - fromFieldPath: spec.id 66 | toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name 67 | transforms: 68 | - type: string 69 | string: 70 | fmt: "%s-password" 71 | - fromFieldPath: spec.claimRef.namespace 72 | toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.namespace 73 | - name: firewall-rule 74 | base: 75 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 76 | kind: FirewallRule 77 | spec: 78 | forProvider: 79 | startIpAddress: 0.0.0.0 80 | endIpAddress: 255.255.255.255 81 | resourceGroupNameSelector: 82 | matchControllerRef: true 83 | serverNameSelector: 84 | matchControllerRef: true 85 | patches: 86 | - type: PatchSet 87 | patchSetName: metadata 88 | - name: sql-config 89 | base: 90 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 91 | kind: ProviderConfig 92 | metadata: 93 | name: default 94 | spec: 95 | credentials: 96 | source: PostgreSQLConnectionSecret 97 | sslMode: require 98 | patches: 99 | - type: PatchSet 100 | patchSetName: metadata 101 | - fromFieldPath: spec.id 102 | toFieldPath: spec.credentials.connectionSecretRef.name 103 | - fromFieldPath: spec.claimRef.namespace 104 | toFieldPath: spec.credentials.connectionSecretRef.namespace 105 | readinessChecks: 106 | - type: None 107 | - name: sql-db 108 | base: 109 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 110 | kind: Database 111 | spec: 112 | forProvider: {} 113 | patches: 114 | - type: PatchSet 115 | patchSetName: metadata 116 | - fromFieldPath: spec.id 117 | toFieldPath: spec.providerConfigRef.name 118 | -------------------------------------------------------------------------------- /compositions/sql-v6/definition.yaml: 
-------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: CompositeResourceDefinition 4 | metadata: 5 | name: sqls.devopstoolkitseries.com 6 | spec: 7 | group: devopstoolkitseries.com 8 | names: 9 | kind: SQL 10 | plural: sqls 11 | claimNames: 12 | kind: SQLClaim 13 | plural: sqlclaims 14 | versions: 15 | - name: v1alpha1 16 | served: true 17 | referenceable: true 18 | schema: 19 | openAPIV3Schema: 20 | type: object 21 | properties: 22 | spec: 23 | type: object 24 | properties: 25 | id: 26 | type: string 27 | description: Database ID 28 | parameters: 29 | type: object 30 | properties: 31 | version: 32 | description: The DB version depends on the DB type and versions available in the selected provider. 33 | type: string 34 | size: 35 | description: "Supported sizes: small, medium, large" 36 | type: string 37 | default: small 38 | required: 39 | - version 40 | required: 41 | - parameters 42 | -------------------------------------------------------------------------------- /compositions/sql-v6/google.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: google-postgresql 6 | labels: 7 | provider: google 8 | db: postgresql 9 | spec: 10 | compositeTypeRef: 11 | apiVersion: devopstoolkitseries.com/v1alpha1 12 | kind: SQL 13 | patchSets: 14 | - name: metadata 15 | patches: 16 | - fromFieldPath: metadata.annotations 17 | toFieldPath: metadata.annotations 18 | - fromFieldPath: spec.id 19 | toFieldPath: metadata.name 20 | resources: 21 | - name: sql 22 | base: 23 | apiVersion: sql.gcp.upbound.io/v1beta1 24 | kind: DatabaseInstance 25 | spec: 26 | forProvider: 27 | region: us-east1 28 | rootPasswordSecretRef: 29 | key: password 30 | settings: 31 | - availabilityType: REGIONAL 32 | backupConfiguration: 33 | - enabled: true 34 | binaryLogEnabled: false 35 | 
ipConfiguration: 36 | - ipv4Enabled: true 37 | authorizedNetworks: 38 | - name: all 39 | value: 0.0.0.0/0 40 | deletionProtection: false 41 | patches: 42 | - type: PatchSet 43 | patchSetName: metadata 44 | - fromFieldPath: spec.parameters.version 45 | toFieldPath: spec.forProvider.databaseVersion 46 | transforms: 47 | - type: string 48 | string: 49 | fmt: POSTGRES_%s 50 | - fromFieldPath: spec.parameters.size 51 | toFieldPath: spec.forProvider.settings[0].tier 52 | transforms: 53 | - type: map 54 | map: 55 | small: db-custom-1-3840 56 | medium: db-custom-16-61440 57 | large: db-custom-64-245760 58 | - fromFieldPath: spec.id 59 | toFieldPath: spec.forProvider.rootPasswordSecretRef.name 60 | transforms: 61 | - type: string 62 | string: 63 | fmt: "%s-password" 64 | - fromFieldPath: spec.claimRef.namespace 65 | toFieldPath: spec.forProvider.rootPasswordSecretRef.namespace 66 | - name: user 67 | base: 68 | apiVersion: sql.gcp.upbound.io/v1beta1 69 | kind: User 70 | spec: 71 | forProvider: 72 | passwordSecretRef: 73 | key: password 74 | instanceSelector: 75 | matchControllerRef: true 76 | patches: 77 | - type: PatchSet 78 | patchSetName: metadata 79 | - fromFieldPath: spec.id 80 | toFieldPath: spec.forProvider.passwordSecretRef.name 81 | transforms: 82 | - type: string 83 | string: 84 | fmt: "%s-password" 85 | - fromFieldPath: spec.claimRef.namespace 86 | toFieldPath: spec.forProvider.passwordSecretRef.namespace 87 | - name: sql-config 88 | base: 89 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 90 | kind: ProviderConfig 91 | metadata: 92 | name: default 93 | spec: 94 | credentials: 95 | source: PostgreSQLConnectionSecret 96 | connectionSecretRef: 97 | namespace: crossplane-system 98 | sslMode: require 99 | patches: 100 | - type: PatchSet 101 | patchSetName: metadata 102 | - fromFieldPath: spec.id 103 | toFieldPath: spec.credentials.connectionSecretRef.name 104 | - fromFieldPath: spec.claimRef.namespace 105 | toFieldPath: 
spec.credentials.connectionSecretRef.namespace 106 | readinessChecks: 107 | - type: None 108 | - name: sql-db 109 | base: 110 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 111 | kind: Database 112 | spec: 113 | forProvider: {} 114 | patches: 115 | - type: PatchSet 116 | patchSetName: metadata 117 | - fromFieldPath: spec.id 118 | toFieldPath: spec.providerConfigRef.name 119 | - name: kubernetes 120 | base: 121 | apiVersion: kubernetes.crossplane.io/v1alpha1 122 | kind: ProviderConfig 123 | spec: 124 | credentials: 125 | source: InjectedIdentity 126 | patches: 127 | - fromFieldPath: metadata.annotations 128 | toFieldPath: metadata.annotations 129 | - fromFieldPath: spec.id 130 | toFieldPath: metadata.name 131 | transforms: 132 | - type: string 133 | string: 134 | fmt: "%s-sql" 135 | readinessChecks: 136 | - type: None 137 | - name: sql-secret 138 | base: 139 | apiVersion: kubernetes.crossplane.io/v1alpha1 140 | kind: Object 141 | metadata: 142 | name: sql-secret 143 | spec: 144 | forProvider: 145 | manifest: 146 | apiVersion: v1 147 | kind: Secret 148 | metadata: 149 | namespace: crossplane-system 150 | data: 151 | port: NTQzMg== 152 | references: 153 | - patchesFrom: 154 | apiVersion: sql.gcp.upbound.io/v1beta1 155 | kind: User 156 | namespace: crossplane-system 157 | fieldPath: metadata.name 158 | toFieldPath: stringData.username 159 | - patchesFrom: 160 | apiVersion: v1 161 | kind: Secret 162 | fieldPath: data.password 163 | toFieldPath: data.password 164 | - patchesFrom: 165 | apiVersion: sql.gcp.upbound.io/v1beta1 166 | kind: DatabaseInstance 167 | namespace: crossplane-system 168 | fieldPath: status.atProvider.publicIpAddress 169 | toFieldPath: stringData.endpoint 170 | patches: 171 | - type: PatchSet 172 | patchSetName: metadata 173 | - fromFieldPath: spec.id 174 | toFieldPath: spec.references[0].patchesFrom.name 175 | - fromFieldPath: spec.id 176 | toFieldPath: spec.references[1].patchesFrom.name 177 | transforms: 178 | - type: string 179 | string: 180 
| fmt: "%s-password" 181 | - fromFieldPath: spec.claimRef.namespace 182 | toFieldPath: spec.references[1].patchesFrom.namespace 183 | - fromFieldPath: spec.id 184 | toFieldPath: spec.references[2].patchesFrom.name 185 | - fromFieldPath: spec.id 186 | toFieldPath: spec.forProvider.manifest.metadata.name 187 | - fromFieldPath: spec.id 188 | toFieldPath: spec.providerConfigRef.name 189 | transforms: 190 | - type: string 191 | string: 192 | fmt: "%s-sql" 193 | - fromFieldPath: spec.claimRef.namespace 194 | toFieldPath: spec.forProvider.manifest.metadata.namespace 195 | -------------------------------------------------------------------------------- /compositions/sql-v7/.gitignore: -------------------------------------------------------------------------------- 1 | /dot-sql*.xpkg 2 | -------------------------------------------------------------------------------- /compositions/sql-v7/azure.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: azure-postgresql 6 | labels: 7 | provider: azure 8 | db: postgresql 9 | spec: 10 | compositeTypeRef: 11 | apiVersion: devopstoolkitseries.com/v1alpha1 12 | kind: SQL 13 | patchSets: 14 | - name: metadata 15 | patches: 16 | - fromFieldPath: metadata.annotations 17 | toFieldPath: metadata.annotations 18 | - fromFieldPath: spec.id 19 | toFieldPath: metadata.name 20 | resources: 21 | - name: resourcegroup 22 | base: 23 | apiVersion: azure.upbound.io/v1beta1 24 | kind: ResourceGroup 25 | spec: 26 | forProvider: 27 | location: eastus 28 | patches: 29 | - type: PatchSet 30 | patchSetName: metadata 31 | - name: server 32 | base: 33 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 34 | kind: Server 35 | spec: 36 | forProvider: 37 | location: eastus 38 | resourceGroupNameSelector: 39 | matchControllerRef: true 40 | storageMb: 5120 41 | autoGrowEnabled: true 42 | sslEnforcementEnabled: false 43 | 
sslMinimalTlsVersionEnforced: TLSEnforcementDisabled 44 | administratorLogin: postgres 45 | administratorLoginPasswordSecretRef: 46 | key: password 47 | publicNetworkAccessEnabled: true 48 | patches: 49 | - type: PatchSet 50 | patchSetName: metadata 51 | - fromFieldPath: spec.id 52 | toFieldPath: spec.writeConnectionSecretToRef.name 53 | - fromFieldPath: spec.claimRef.namespace 54 | toFieldPath: spec.writeConnectionSecretToRef.namespace 55 | - fromFieldPath: spec.parameters.version 56 | toFieldPath: spec.forProvider.version 57 | - fromFieldPath: spec.parameters.size 58 | toFieldPath: spec.forProvider.skuName 59 | transforms: 60 | - type: map 61 | map: 62 | small: B_Gen5_1 63 | medium: GP_Gen5_2 64 | large: GP_Gen5_8 65 | - fromFieldPath: spec.id 66 | toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name 67 | transforms: 68 | - type: string 69 | string: 70 | fmt: "%s-password" 71 | - fromFieldPath: spec.claimRef.namespace 72 | toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.namespace 73 | - name: firewall-rule 74 | base: 75 | apiVersion: dbforpostgresql.azure.upbound.io/v1beta1 76 | kind: FirewallRule 77 | spec: 78 | forProvider: 79 | startIpAddress: 0.0.0.0 80 | endIpAddress: 255.255.255.255 81 | resourceGroupNameSelector: 82 | matchControllerRef: true 83 | serverNameSelector: 84 | matchControllerRef: true 85 | patches: 86 | - type: PatchSet 87 | patchSetName: metadata 88 | - name: sql-config 89 | base: 90 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 91 | kind: ProviderConfig 92 | metadata: 93 | name: default 94 | spec: 95 | credentials: 96 | source: PostgreSQLConnectionSecret 97 | sslMode: require 98 | patches: 99 | - type: PatchSet 100 | patchSetName: metadata 101 | - fromFieldPath: spec.id 102 | toFieldPath: spec.credentials.connectionSecretRef.name 103 | - fromFieldPath: spec.claimRef.namespace 104 | toFieldPath: spec.credentials.connectionSecretRef.namespace 105 | readinessChecks: 106 | - type: None 107 | - name: 
sql-db 108 | base: 109 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 110 | kind: Database 111 | spec: 112 | forProvider: {} 113 | patches: 114 | - type: PatchSet 115 | patchSetName: metadata 116 | - fromFieldPath: spec.id 117 | toFieldPath: spec.providerConfigRef.name 118 |
--------------------------------------------------------------------------------
/compositions/sql-v7/crossplane.yaml:
--------------------------------------------------------------------------------
      # Package metadata for the "dot-sql" Crossplane Configuration: the
      # descriptive annotations, the minimum Crossplane version, and the
      # provider packages this Configuration depends on.
  1 | apiVersion: meta.pkg.crossplane.io/v1
  2 | kind: Configuration
  3 | metadata:
  4 |   name: dot-sql
  5 |   annotations:
  6 |     meta.crossplane.io/maintainer: Viktor Farcic (@vfarcic)
  7 |     meta.crossplane.io/source: github.com/vfarcic/crossplane-tutorial
  8 |     meta.crossplane.io/license: MIT
  9 |     meta.crossplane.io/description: Fully operational PostgreSQL databases in AWS, Google Cloud Platform, and Azure.
 10 |     meta.crossplane.io/readme: A Configuration package that defines a SQL and SQLClaim types that can be used to create and provision fully operational databases in AWS, Google Cloud Platform, and Azure.
 11 | spec:
 12 |   crossplane:
 13 |     version: ">=v1.14.0"
        # NOTE(review): every constraint below is an open-ended floor
        # (">="), so dependency resolution may select any later release of
        # a provider without a change to this file. These providers run as
        # controllers in the cluster and presumably hold the cloud
        # credentials through their ProviderConfigs, which makes an
        # unreviewed upgrade a supply-chain exposure. Prefer a bounded
        # range or the exact versions that were tested.
 14 |   dependsOn:
 15 |   - provider: xpkg.upbound.io/upbound/provider-aws-ec2
 16 |     version: ">=v1.0.0"
 17 |   - provider: xpkg.upbound.io/upbound/provider-aws-rds
 18 |     version: ">=v1.0.0"
 19 |   - provider: xpkg.upbound.io/upbound/provider-azure-dbforpostgresql
 20 |     version: ">=v0.33.0"
 21 |   - provider: xpkg.upbound.io/upbound/provider-gcp-sql
 22 |     version: ">=v0.33.0"
 23 |   - provider: xpkg.upbound.io/crossplane-contrib/provider-sql
 24 |     version: ">=v0.9.0"
        # NOTE(review): provider-kubernetes is commented out here, although
        # google.yaml in this directory composes
        # kubernetes.crossplane.io/v1alpha1 resources. Presumably it is
        # installed separately, with its own version choice and RBAC;
        # confirm where that is managed.
 25 |   # - provider: xpkg.upbound.io/crossplane-contrib/provider-kubernetes
 26 |   #   version: ">=v0.10.0"
 27 |
-------------------------------------------------------------------------------- /compositions/sql-v7/definition.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: CompositeResourceDefinition 4 | metadata: 5 | name: sqls.devopstoolkitseries.com 6 | spec: 7 | group: devopstoolkitseries.com 8 | names: 9 | kind: SQL 10 | plural: sqls 11 | claimNames: 12 | kind: SQLClaim 13 | plural: sqlclaims 14 | versions: 15 | - name: v1alpha1 16 | served: true 17 | referenceable: true 18 | schema: 19 | openAPIV3Schema: 20 | type: object 21 | properties: 22 | spec: 23 | type: object 24 | properties: 25 | id: 26 | type: string 27 | description: Database ID 28 | parameters: 29 | type: object 30 | properties: 31 | version: 32 | description: The DB version depends on the DB type and versions available in the selected provider. 
33 | type: string 34 | size: 35 | description: "Supported sizes: small, medium, large" 36 | type: string 37 | default: small 38 | required: 39 | - version 40 | required: 41 | - parameters 42 | -------------------------------------------------------------------------------- /compositions/sql-v7/google.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: Composition 4 | metadata: 5 | name: google-postgresql 6 | labels: 7 | provider: google 8 | db: postgresql 9 | spec: 10 | compositeTypeRef: 11 | apiVersion: devopstoolkitseries.com/v1alpha1 12 | kind: SQL 13 | patchSets: 14 | - name: metadata 15 | patches: 16 | - fromFieldPath: metadata.annotations 17 | toFieldPath: metadata.annotations 18 | - fromFieldPath: spec.id 19 | toFieldPath: metadata.name 20 | resources: 21 | - name: sql 22 | base: 23 | apiVersion: sql.gcp.upbound.io/v1beta1 24 | kind: DatabaseInstance 25 | spec: 26 | forProvider: 27 | region: us-east1 28 | rootPasswordSecretRef: 29 | key: password 30 | settings: 31 | - availabilityType: REGIONAL 32 | backupConfiguration: 33 | - enabled: true 34 | binaryLogEnabled: false 35 | ipConfiguration: 36 | - ipv4Enabled: true 37 | authorizedNetworks: 38 | - name: all 39 | value: 0.0.0.0/0 40 | deletionProtection: false 41 | patches: 42 | - type: PatchSet 43 | patchSetName: metadata 44 | - fromFieldPath: spec.parameters.version 45 | toFieldPath: spec.forProvider.databaseVersion 46 | transforms: 47 | - type: string 48 | string: 49 | fmt: POSTGRES_%s 50 | - fromFieldPath: spec.parameters.size 51 | toFieldPath: spec.forProvider.settings[0].tier 52 | transforms: 53 | - type: map 54 | map: 55 | small: db-custom-1-3840 56 | medium: db-custom-16-61440 57 | large: db-custom-64-245760 58 | - fromFieldPath: spec.id 59 | toFieldPath: spec.forProvider.rootPasswordSecretRef.name 60 | transforms: 61 | - type: string 62 | string: 63 | fmt: "%s-password" 64 | - fromFieldPath: 
spec.claimRef.namespace 65 | toFieldPath: spec.forProvider.rootPasswordSecretRef.namespace 66 | - name: user 67 | base: 68 | apiVersion: sql.gcp.upbound.io/v1beta1 69 | kind: User 70 | spec: 71 | forProvider: 72 | passwordSecretRef: 73 | key: password 74 | instanceSelector: 75 | matchControllerRef: true 76 | patches: 77 | - type: PatchSet 78 | patchSetName: metadata 79 | - fromFieldPath: spec.id 80 | toFieldPath: spec.forProvider.passwordSecretRef.name 81 | transforms: 82 | - type: string 83 | string: 84 | fmt: "%s-password" 85 | - fromFieldPath: spec.claimRef.namespace 86 | toFieldPath: spec.forProvider.passwordSecretRef.namespace 87 | - name: sql-config 88 | base: 89 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 90 | kind: ProviderConfig 91 | metadata: 92 | name: default 93 | spec: 94 | credentials: 95 | source: PostgreSQLConnectionSecret 96 | connectionSecretRef: 97 | namespace: crossplane-system 98 | sslMode: require 99 | patches: 100 | - type: PatchSet 101 | patchSetName: metadata 102 | - fromFieldPath: spec.id 103 | toFieldPath: spec.credentials.connectionSecretRef.name 104 | - fromFieldPath: spec.claimRef.namespace 105 | toFieldPath: spec.credentials.connectionSecretRef.namespace 106 | readinessChecks: 107 | - type: None 108 | - name: sql-db 109 | base: 110 | apiVersion: postgresql.sql.crossplane.io/v1alpha1 111 | kind: Database 112 | spec: 113 | forProvider: {} 114 | patches: 115 | - type: PatchSet 116 | patchSetName: metadata 117 | - fromFieldPath: spec.id 118 | toFieldPath: spec.providerConfigRef.name 119 | - name: kubernetes 120 | base: 121 | apiVersion: kubernetes.crossplane.io/v1alpha1 122 | kind: ProviderConfig 123 | spec: 124 | credentials: 125 | source: InjectedIdentity 126 | patches: 127 | - fromFieldPath: metadata.annotations 128 | toFieldPath: metadata.annotations 129 | - fromFieldPath: spec.id 130 | toFieldPath: metadata.name 131 | transforms: 132 | - type: string 133 | string: 134 | fmt: "%s-sql" 135 | readinessChecks: 136 | - type: None 
137 | - name: sql-secret 138 | base: 139 | apiVersion: kubernetes.crossplane.io/v1alpha1 140 | kind: Object 141 | metadata: 142 | name: sql-secret 143 | spec: 144 | forProvider: 145 | manifest: 146 | apiVersion: v1 147 | kind: Secret 148 | metadata: 149 | namespace: crossplane-system 150 | data: 151 | port: NTQzMg== 152 | references: 153 | - patchesFrom: 154 | apiVersion: sql.gcp.upbound.io/v1beta1 155 | kind: User 156 | namespace: crossplane-system 157 | fieldPath: metadata.name 158 | toFieldPath: stringData.username 159 | - patchesFrom: 160 | apiVersion: v1 161 | kind: Secret 162 | fieldPath: data.password 163 | toFieldPath: data.password 164 | - patchesFrom: 165 | apiVersion: sql.gcp.upbound.io/v1beta1 166 | kind: DatabaseInstance 167 | namespace: crossplane-system 168 | fieldPath: status.atProvider.publicIpAddress 169 | toFieldPath: stringData.endpoint 170 | patches: 171 | - type: PatchSet 172 | patchSetName: metadata 173 | - fromFieldPath: spec.id 174 | toFieldPath: spec.references[0].patchesFrom.name 175 | - fromFieldPath: spec.id 176 | toFieldPath: spec.references[1].patchesFrom.name 177 | transforms: 178 | - type: string 179 | string: 180 | fmt: "%s-password" 181 | - fromFieldPath: spec.claimRef.namespace 182 | toFieldPath: spec.references[1].patchesFrom.namespace 183 | - fromFieldPath: spec.id 184 | toFieldPath: spec.references[2].patchesFrom.name 185 | - fromFieldPath: spec.id 186 | toFieldPath: spec.forProvider.manifest.metadata.name 187 | - fromFieldPath: spec.id 188 | toFieldPath: spec.providerConfigRef.name 189 | transforms: 190 | - type: string 191 | string: 192 | fmt: "%s-sql" 193 | - fromFieldPath: spec.claimRef.namespace 194 | toFieldPath: spec.forProvider.manifest.metadata.namespace 195 | -------------------------------------------------------------------------------- /compositions/sql-v8/.gitignore: -------------------------------------------------------------------------------- 1 | /dot-sql*.xpkg 2 | 
--------------------------------------------------------------------------------
/compositions/sql-v8/azure.yaml:
--------------------------------------------------------------------------------
      # Azure Composition for the SQL composite type, written in Pipeline
      # mode: one step hands the patch sets and resources to the
      # crossplane-contrib-function-patch-and-transform function. Secret
      # namespaces are taken from spec.claimRef.namespace, not fixed.
  1 | ---
  2 | apiVersion: apiextensions.crossplane.io/v1
  3 | kind: Composition
  4 | metadata:
  5 |   name: azure-postgresql
  6 |   labels:
  7 |     provider: azure
  8 |     db: postgresql
  9 | spec:
 10 |   compositeTypeRef:
 11 |     apiVersion: devopstoolkitseries.com/v1alpha1
 12 |     kind: SQL
 13 |   mode: Pipeline
 14 |   pipeline:
 15 |   - functionRef:
 16 |       name: crossplane-contrib-function-patch-and-transform
 17 |     step: patch-and-transform
 18 |     input:
 19 |       apiVersion: pt.fn.crossplane.io/v1beta1
 20 |       kind: Resources
 21 |       patchSets:
            # Shared by every resource below: copies all annotations of the
            # composite and sets metadata.name to spec.id.
 22 |       - name: metadata
 23 |         patches:
 24 |         - fromFieldPath: metadata.annotations
 25 |           toFieldPath: metadata.annotations
 26 |         - fromFieldPath: spec.id
 27 |           toFieldPath: metadata.name
 28 |       resources:
 29 |       - name: resourcegroup
 30 |         base:
 31 |           apiVersion: azure.upbound.io/v1beta1
 32 |           kind: ResourceGroup
 33 |           spec:
 34 |             forProvider:
 35 |               location: eastus
 36 |         patches:
 37 |         - type: PatchSet
 38 |           patchSetName: metadata
 39 |       - name: server
 40 |         base:
 41 |           apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
 42 |           kind: Server
 43 |           spec:
 44 |             forProvider:
 45 |               location: eastus
 46 |               resourceGroupNameSelector:
 47 |                 matchControllerRef: true
 48 |               storageMb: 5120
 49 |               autoGrowEnabled: true
                    # NOTE(review): TLS enforcement is switched off and no
                    # minimum TLS version is set, while the server is
                    # public and the firewall-rule resource below admits
                    # every address. Only the sql-config ProviderConfig
                    # asks for sslMode: require, and only for its own
                    # connection. Enable enforcement and a minimum TLS
                    # version outside a demo.
 50 |               sslEnforcementEnabled: false
 51 |               sslMinimalTlsVersionEnforced: TLSEnforcementDisabled
 52 |               administratorLogin: postgres
                    # The Secret name ("<spec.id>-password") and namespace
                    # (the claim's namespace) are patched in below; only
                    # the key is fixed here.
 53 |               administratorLoginPasswordSecretRef:
 54 |                 key: password
 55 |               publicNetworkAccessEnabled: true
 56 |         patches:
 57 |         - type: PatchSet
 58 |           patchSetName: metadata
 59 |         - fromFieldPath: spec.id
 60 |           toFieldPath: spec.writeConnectionSecretToRef.name
              # The connection secret is written to the namespace of the
              # claim, not to crossplane-system.
              # NOTE(review): spec.claimRef is presumably absent when a SQL
              # composite is created without a claim, which would leave
              # this namespace unset; verify how that case is meant to
              # behave.
 61 |         - fromFieldPath: spec.claimRef.namespace
 62 |           toFieldPath: spec.writeConnectionSecretToRef.namespace
 63 |         - fromFieldPath: spec.parameters.version
 64 |           toFieldPath: spec.forProvider.version
 65 |         - fromFieldPath: spec.parameters.size
 66 |           toFieldPath: spec.forProvider.skuName
 67 |           transforms:
 68 |           - type: map
 69 |             map:
 70 |               small: B_Gen5_1
 71 |               medium: GP_Gen5_2
 72 |               large: GP_Gen5_8
 73 |         - fromFieldPath: spec.id
 74 |           toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name
 75 |           transforms:
 76 |           - type: string
 77 |             string:
 78 |               fmt: "%s-password"
 79 |               type: Format
              # The admin password Secret is looked up in the claim's
              # namespace, so the claimant supplies it.
 80 |         - fromFieldPath: spec.claimRef.namespace
 81 |           toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.namespace
 82 |       - name: firewall-rule
 83 |         base:
 84 |           apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
 85 |           kind: FirewallRule
 86 |           spec:
 87 |             forProvider:
                    # NOTE(review): the range covers the whole IPv4 address
                    # space. Narrow it to the egress addresses that must
                    # reach the database before using this outside a
                    # throwaway environment.
 88 |               startIpAddress: 0.0.0.0
 89 |               endIpAddress: 255.255.255.255
 90 |               resourceGroupNameSelector:
 91 |                 matchControllerRef: true
 92 |               serverNameSelector:
 93 |                 matchControllerRef: true
 94 |         patches:
 95 |         - type: PatchSet
 96 |           patchSetName: metadata
            # provider-sql ProviderConfig, renamed to spec.id by the patch
            # set; its credentials point at the Secret named spec.id in the
            # claim's namespace.
            # NOTE(review): names here derive from spec.id alone, so two
            # claims in different namespaces that use the same id would
            # presumably target the same ProviderConfig and composed
            # resource names; confirm whether id uniqueness is enforced
            # elsewhere.
 97 |       - name: sql-config
 98 |         base:
 99 |           apiVersion: postgresql.sql.crossplane.io/v1alpha1
100 |           kind: ProviderConfig
101 |           metadata:
102 |             name: default
103 |           spec:
104 |             credentials:
105 |               source: PostgreSQLConnectionSecret
106 |             sslMode: require
107 |         patches:
108 |         - type: PatchSet
109 |           patchSetName: metadata
110 |         - fromFieldPath: spec.id
111 |           toFieldPath: spec.credentials.connectionSecretRef.name
112 |         - fromFieldPath: spec.claimRef.namespace
113 |           toFieldPath: spec.credentials.connectionSecretRef.namespace
114 |         readinessChecks:
115 |         - type: None
116 |       - name: sql-db
117 |         base:
118 |           apiVersion: postgresql.sql.crossplane.io/v1alpha1
119 |           kind: Database
120 |           spec:
121 |             forProvider: {}
122 |         patches:
123 |         - type: PatchSet
124 |           patchSetName: metadata
125 |         - fromFieldPath: spec.id
126 |           toFieldPath: spec.providerConfigRef.name
127 |
-------------------------------------------------------------------------------- /compositions/sql-v8/crossplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: meta.pkg.crossplane.io/v1 2 | kind: Configuration 3 | 
metadata: 4 | name: dot-sql 5 | annotations: 6 | meta.crossplane.io/maintainer: Viktor Farcic (@vfarcic) 7 | meta.crossplane.io/source: github.com/vfarcic/crossplane-tutorial 8 | meta.crossplane.io/license: MIT 9 | meta.crossplane.io/description: Fully operational PostgreSQL databases in AWS, Google Cloud Platform, and Azure. 10 | meta.crossplane.io/readme: A Configuration package that defines a SQL and SQLClaim types that can be used to create and provision fully operational databases in AWS, Google Cloud Platform, and Azure. 11 | spec: 12 | crossplane: 13 | version: ">=v1.14.0" 14 | dependsOn: 15 | - provider: xpkg.upbound.io/upbound/provider-aws-ec2 16 | version: ">=v1.0.0" 17 | - provider: xpkg.upbound.io/upbound/provider-aws-rds 18 | version: ">=v1.0.0" 19 | - provider: xpkg.upbound.io/upbound/provider-azure-dbforpostgresql 20 | version: ">=v0.33.0" 21 | - provider: xpkg.upbound.io/upbound/provider-gcp-sql 22 | version: ">=v0.33.0" 23 | - provider: xpkg.upbound.io/crossplane-contrib/provider-sql 24 | version: ">=v0.9.0" 25 | # - provider: xpkg.upbound.io/crossplane-contrib/provider-kubernetes 26 | # version: ">=v0.10.0" 27 | -------------------------------------------------------------------------------- /compositions/sql-v8/definition.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.crossplane.io/v1 3 | kind: CompositeResourceDefinition 4 | metadata: 5 | name: sqls.devopstoolkitseries.com 6 | spec: 7 | group: devopstoolkitseries.com 8 | names: 9 | kind: SQL 10 | plural: sqls 11 | claimNames: 12 | kind: SQLClaim 13 | plural: sqlclaims 14 | versions: 15 | - name: v1alpha1 16 | served: true 17 | referenceable: true 18 | schema: 19 | openAPIV3Schema: 20 | type: object 21 | properties: 22 | spec: 23 | type: object 24 | properties: 25 | id: 26 | type: string 27 | description: Database ID 28 | parameters: 29 | type: object 30 | properties: 31 | version: 32 | description: The DB version 
depends on the DB type and versions available in the selected provider. 33 | type: string 34 | size: 35 | description: "Supported sizes: small, medium, large" 36 | type: string 37 | default: small 38 | databases: 39 | description: The list of databases to create inside the DB server. 40 | type: array 41 | items: 42 | type: string 43 | required: 44 | - version 45 | required: 46 | - parameters 47 |
--------------------------------------------------------------------------------
/compositions/sql-v8/google.yaml:
--------------------------------------------------------------------------------
---
# Composition for the SQL composite type on Google Cloud: a Cloud SQL
# instance and user, the provider-sql ProviderConfig and Database, and a
# provider-kubernetes Object that assembles the connection Secret.
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: google-postgresql
  labels:
    provider: google
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  mode: Pipeline
  pipeline:
  - functionRef:
      name: crossplane-contrib-function-patch-and-transform
    step: patch-and-transform
    input:
      apiVersion: pt.fn.crossplane.io/v1beta1
      kind: Resources
      patchSets:
      # Shared patch set: copies the composite's annotations and uses spec.id
      # as metadata.name of every resource that includes it.
      - name: metadata
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
      resources:
      - name: sql
        base:
          apiVersion: sql.gcp.upbound.io/v1beta1
          kind: DatabaseInstance
          spec:
            forProvider:
              region: us-east1
              # Secret name and namespace are patched in below:
              # "<spec.id>-password" in the claim's namespace.
              rootPasswordSecretRef:
                key: password
              settings:
              - availabilityType: REGIONAL
                backupConfiguration:
                - enabled: true
                  binaryLogEnabled: false
                ipConfiguration:
                # NOTE(review): the instance has a public IPv4 address and
                # the only authorized network is 0.0.0.0/0, i.e. every IPv4
                # address. Presumably a demo convenience; restrict it to
                # known ranges for real use.
                - ipv4Enabled: true
                  authorizedNetworks:
                  - name: all
                    value: 0.0.0.0/0
              # Lets the instance be deleted without an extra step; convenient
              # for teardown, unsafe for data that must be kept.
              deletionProtection: false
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.parameters.version
          toFieldPath: spec.forProvider.databaseVersion
          transforms:
          - type: string
            string:
              fmt: POSTGRES_%s
              type: Format
        # Only small/medium/large are mapped to a tier.
        - fromFieldPath: spec.parameters.size
          toFieldPath: spec.forProvider.settings[0].tier
          transforms:
          - type: map
            map:
              small: db-custom-1-3840
              medium: db-custom-16-61440
              large: db-custom-64-245760
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.rootPasswordSecretRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.rootPasswordSecretRef.namespace
      # Database user named spec.id; it reads the same "<spec.id>-password"
      # Secret as the instance's root password.
      - name: user
        base:
          apiVersion: sql.gcp.upbound.io/v1beta1
          kind: User
          spec:
            forProvider:
              passwordSecretRef:
                key: password
              instanceSelector:
                matchControllerRef: true
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.passwordSecretRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.passwordSecretRef.namespace
      # provider-sql configuration named after spec.id. The base namespace
      # crossplane-system is overwritten by the claim-namespace patch below.
      - name: sql-config
        base:
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: ProviderConfig
          metadata:
            name: default
          spec:
            credentials:
              source: PostgreSQLConnectionSecret
              connectionSecretRef:
                namespace: crossplane-system
            sslMode: require
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.credentials.connectionSecretRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.credentials.connectionSecretRef.namespace
        readinessChecks:
        - type: None
      - name: sql-db
        base:
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: Database
          spec:
            forProvider: {}
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.providerConfigRef.name
      # provider-kubernetes configuration named "<spec.id>-sql".
      # NOTE(review): InjectedIdentity presumably means the provider acts
      # with its own in-cluster identity, so the Secret written by sql-secret
      # is limited only by that identity's RBAC - confirm its scope.
      - name: kubernetes
        base:
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: ProviderConfig
          spec:
            credentials:
              source: InjectedIdentity
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
          transforms:
          - type: string
            string:
              fmt: "%s-sql"
              type: Format
        readinessChecks:
        - type: None
      # Assembles the connection Secret <spec.id> in the claim's namespace:
      # username from the User's name, password copied from the
      # "<spec.id>-password" Secret, endpoint from the instance's public IP.
      # The patches address references[] by index, so their order matters.
      - name: sql-secret
        base:
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: Object
          metadata:
            name: sql-secret
          spec:
            forProvider:
              manifest:
                apiVersion: v1
                kind: Secret
                metadata:
                  namespace: crossplane-system
                data:
                  # base64 of "5432"
                  port: NTQzMg==
            references:
            - patchesFrom:
                apiVersion: sql.gcp.upbound.io/v1beta1
                kind: User
                namespace: crossplane-system
                fieldPath: metadata.name
              toFieldPath: stringData.username
            - patchesFrom:
                apiVersion: v1
                kind: Secret
                fieldPath: data.password
              toFieldPath: data.password
            - patchesFrom:
                apiVersion: sql.gcp.upbound.io/v1beta1
                kind: DatabaseInstance
                namespace: crossplane-system
                fieldPath: status.atProvider.publicIpAddress
              toFieldPath: stringData.endpoint
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.references[0].patchesFrom.name
        - fromFieldPath: spec.id
          toFieldPath: spec.references[1].patchesFrom.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.references[1].patchesFrom.namespace
        - fromFieldPath: spec.id
          toFieldPath: spec.references[2].patchesFrom.name
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.manifest.metadata.name
        - fromFieldPath: spec.id
          toFieldPath: spec.providerConfigRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-sql"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.manifest.metadata.namespace

--------------------------------------------------------------------------------
/compositions/sql-v9/.gitignore:
--------------------------------------------------------------------------------
/dot-sql*.xpkg

--------------------------------------------------------------------------------
/compositions/sql-v9/azure.yaml:
--------------------------------------------------------------------------------
---
# Composition for the SQL composite type on Azure. Step 1 creates the
# resource group, server, firewall rule and provider-sql ProviderConfig;
# step 2 renders one Database per entry of spec.parameters.databases.
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: azure-postgresql
  labels:
    provider: azure
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  mode: Pipeline
  pipeline:
  - functionRef:
      name: crossplane-contrib-function-patch-and-transform
    step: patch-and-transform
    input:
      apiVersion: pt.fn.crossplane.io/v1beta1
      kind: Resources
      patchSets:
      # Shared patch set: copies the composite's annotations and uses spec.id
      # as metadata.name of every resource that includes it.
      - name: metadata
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
      resources:
      - name: resourcegroup
        base:
          apiVersion: azure.upbound.io/v1beta1
          kind: ResourceGroup
          spec:
            forProvider:
              location: eastus
        patches:
        - type: PatchSet
          patchSetName: metadata
      - name: server
        base:
          apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
          kind: Server
          spec:
            forProvider:
              location: eastus
              resourceGroupNameSelector:
                matchControllerRef: true
              storageMb: 5120
              autoGrowEnabled: true
              # NOTE(review): TLS is not enforced by the server (enforcement
              # off, no minimum TLS version). sql-config below connects with
              # sslMode: require, but other clients are not forced to
              # encrypt. Outside a demo, enable enforcement and set a
              # minimum TLS version.
              sslEnforcementEnabled: false
              sslMinimalTlsVersionEnforced: TLSEnforcementDisabled
              administratorLogin: postgres
              # Secret name and namespace are patched in below:
              # "<spec.id>-password" in the claim's namespace.
              administratorLoginPasswordSecretRef:
                key: password
              # Public endpoint. Combined with the firewall-rule resource
              # below, the server accepts connections from any IPv4 address.
              publicNetworkAccessEnabled: true
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.writeConnectionSecretToRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.writeConnectionSecretToRef.namespace
        - fromFieldPath: spec.parameters.version
          toFieldPath: spec.forProvider.version
        # Only small/medium/large are mapped to a SKU.
        - fromFieldPath: spec.parameters.size
          toFieldPath: spec.forProvider.skuName
          transforms:
          - type: map
            map:
              small: B_Gen5_1
              medium: GP_Gen5_2
              large: GP_Gen5_8
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.administratorLoginPasswordSecretRef.namespace
      - name: firewall-rule
        base:
          apiVersion: dbforpostgresql.azure.upbound.io/v1beta1
          kind: FirewallRule
          spec:
            forProvider:
              # NOTE(review): this range is the whole IPv4 address space.
              # Presumably a demo convenience; narrow it to known egress
              # ranges for real use.
              startIpAddress: 0.0.0.0
              endIpAddress: 255.255.255.255
              resourceGroupNameSelector:
                matchControllerRef: true
              serverNameSelector:
                matchControllerRef: true
        patches:
        - type: PatchSet
          patchSetName: metadata
      # provider-sql configuration named after spec.id; it reads the
      # connection Secret the server writes (same name and namespace).
      - name: sql-config
        base:
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: ProviderConfig
          metadata:
            name: default
          spec:
            credentials:
              source: PostgreSQLConnectionSecret
            sslMode: require
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.credentials.connectionSecretRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.credentials.connectionSecretRef.namespace
        readinessChecks:
        - type: None
  - functionRef:
      name: upbound-function-go-templating
    step: sql-db
    input:
      apiVersion: gotemplating.fn.crossplane.io/v1beta1
      kind: GoTemplate
      source: Inline
      inline:
        # Renders one Database per entry of spec.parameters.databases.
        # NOTE(review): each entry is interpolated into the YAML unquoted and
        # unescaped, and the XRD in this directory only constrains the items
        # to type string. Restricting them with a `pattern` in the XRD, or
        # quoting the values here, would keep a crafted name from altering
        # the rendered manifest - confirm which is preferred.
        template: |
          {{ range .observed.composite.resource.spec.parameters.databases }}
          ---
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: Database
          metadata:
            name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
            annotations:
              crossplane.io/external-name: {{ . }}
              gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
          spec:
            providerConfigRef:
              name: {{ $.observed.composite.resource.spec.id }}
            forProvider: {}
          {{ end }}

-------------------------------------------------------------------------------- /compositions/sql-v9/crossplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: meta.pkg.crossplane.io/v1 2 | kind: Configuration 3 | metadata: 4 | name: dot-sql 5 | annotations: 6 | meta.crossplane.io/maintainer: Viktor Farcic (@vfarcic) 7 | meta.crossplane.io/source: github.com/vfarcic/crossplane-tutorial 8 | meta.crossplane.io/license: MIT 9 | meta.crossplane.io/description: Fully operational PostgreSQL databases in AWS, Google Cloud Platform, and Azure. 10 | meta.crossplane.io/readme: A Configuration package that defines a SQL and SQLClaim types that can be used to create and provision fully operational databases in AWS, Google Cloud Platform, and Azure.
11 | spec: 12 | crossplane: 13 | version: ">=v1.14.0" 14 | dependsOn: 15 | - provider: xpkg.upbound.io/upbound/provider-aws-ec2 16 | version: ">=v1.0.0" 17 | - provider: xpkg.upbound.io/upbound/provider-aws-rds 18 | version: ">=v1.0.0" 19 | - provider: xpkg.upbound.io/upbound/provider-azure-dbforpostgresql 20 | version: ">=v0.33.0" 21 | - provider: xpkg.upbound.io/upbound/provider-gcp-sql 22 | version: ">=v0.33.0" 23 | - provider: xpkg.upbound.io/crossplane-contrib/provider-sql 24 | version: ">=v0.9.0" 25 | # - provider: xpkg.upbound.io/crossplane-contrib/provider-kubernetes 26 | # version: ">=v0.10.0" 27 |
--------------------------------------------------------------------------------
/compositions/sql-v9/definition.yaml:
--------------------------------------------------------------------------------
---
# Defines the SQL composite type and its namespaced claim, SQLClaim.
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
  name: sqls.devopstoolkitseries.com
spec:
  group: devopstoolkitseries.com
  names:
    kind: SQL
    plural: sqls
  claimNames:
    kind: SQLClaim
    plural: sqlclaims
  versions:
  - name: v1alpha1
    served: true
    referenceable: true
    schema:
      openAPIV3Schema:
        type: object
        properties:
          spec:
            type: object
            properties:
              # The compositions in this directory use id as the name of the
              # composed resources and of the Secrets they read and write.
              # It is not listed under `required` and has no pattern.
              id:
                type: string
                description: Database ID
              parameters:
                type: object
                properties:
                  version:
                    description: The DB version depends on the DB type and versions available in the selected provider.
                    type: string
                  # Described as small/medium/large but not restricted with
                  # an enum.
                  size:
                    description: "Supported sizes: small, medium, large"
                    type: string
                    default: small
                  # NOTE(review): entries are free-form strings. The
                  # go-templating step of the compositions in this directory
                  # interpolates them into YAML as resource and database
                  # names, so a `pattern` limiting them to identifier
                  # characters would be a useful guard - confirm.
                  databases:
                    description: The list of databases to create inside the DB server.
                    type: array
                    items:
                      type: string
                required:
                - version
            required:
            - parameters

--------------------------------------------------------------------------------
/compositions/sql-v9/google.yaml:
--------------------------------------------------------------------------------
---
# Composition for the SQL composite type on Google Cloud. Step 1 creates the
# Cloud SQL instance and user, the provider-sql and provider-kubernetes
# ProviderConfigs and the connection Secret; step 2 renders one Database per
# entry of spec.parameters.databases.
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: google-postgresql
  labels:
    provider: google
    db: postgresql
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: SQL
  mode: Pipeline
  pipeline:
  - functionRef:
      name: crossplane-contrib-function-patch-and-transform
    step: patch-and-transform
    input:
      apiVersion: pt.fn.crossplane.io/v1beta1
      kind: Resources
      patchSets:
      # Shared patch set: copies the composite's annotations and uses spec.id
      # as metadata.name of every resource that includes it.
      - name: metadata
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
      resources:
      - name: sql
        base:
          apiVersion: sql.gcp.upbound.io/v1beta1
          kind: DatabaseInstance
          spec:
            forProvider:
              region: us-east1
              # Secret name and namespace are patched in below:
              # "<spec.id>-password" in the claim's namespace.
              rootPasswordSecretRef:
                key: password
              settings:
              - availabilityType: REGIONAL
                backupConfiguration:
                - enabled: true
                  binaryLogEnabled: false
                ipConfiguration:
                # NOTE(review): the instance has a public IPv4 address and
                # the only authorized network is 0.0.0.0/0, i.e. every IPv4
                # address. Presumably a demo convenience; restrict it to
                # known ranges for real use.
                - ipv4Enabled: true
                  authorizedNetworks:
                  - name: all
                    value: 0.0.0.0/0
              # Lets the instance be deleted without an extra step; convenient
              # for teardown, unsafe for data that must be kept.
              deletionProtection: false
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.parameters.version
          toFieldPath: spec.forProvider.databaseVersion
          transforms:
          - type: string
            string:
              fmt: POSTGRES_%s
              type: Format
        # Only small/medium/large are mapped to a tier.
        - fromFieldPath: spec.parameters.size
          toFieldPath: spec.forProvider.settings[0].tier
          transforms:
          - type: map
            map:
              small: db-custom-1-3840
              medium: db-custom-16-61440
              large: db-custom-64-245760
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.rootPasswordSecretRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.rootPasswordSecretRef.namespace
      # Database user named spec.id; it reads the same "<spec.id>-password"
      # Secret as the instance's root password.
      - name: user
        base:
          apiVersion: sql.gcp.upbound.io/v1beta1
          kind: User
          spec:
            forProvider:
              passwordSecretRef:
                key: password
              instanceSelector:
                matchControllerRef: true
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.passwordSecretRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.passwordSecretRef.namespace
      # provider-sql configuration named after spec.id. The base namespace
      # crossplane-system is overwritten by the claim-namespace patch below.
      - name: sql-config
        base:
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: ProviderConfig
          metadata:
            name: default
          spec:
            credentials:
              source: PostgreSQLConnectionSecret
              connectionSecretRef:
                namespace: crossplane-system
            sslMode: require
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.credentials.connectionSecretRef.name
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.credentials.connectionSecretRef.namespace
        readinessChecks:
        - type: None
      # provider-kubernetes configuration named "<spec.id>-sql".
      # NOTE(review): InjectedIdentity presumably means the provider acts
      # with its own in-cluster identity, so the Secret written by sql-secret
      # is limited only by that identity's RBAC - confirm its scope.
      - name: kubernetes
        base:
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: ProviderConfig
          spec:
            credentials:
              source: InjectedIdentity
        patches:
        - fromFieldPath: metadata.annotations
          toFieldPath: metadata.annotations
        - fromFieldPath: spec.id
          toFieldPath: metadata.name
          transforms:
          - type: string
            string:
              fmt: "%s-sql"
              type: Format
        readinessChecks:
        - type: None
      # Assembles the connection Secret <spec.id> in the claim's namespace:
      # username from the User's name, password copied from the
      # "<spec.id>-password" Secret, endpoint from the instance's public IP.
      # The patches address references[] by index, so their order matters.
      - name: sql-secret
        base:
          apiVersion: kubernetes.crossplane.io/v1alpha1
          kind: Object
          metadata:
            name: sql-secret
          spec:
            forProvider:
              manifest:
                apiVersion: v1
                kind: Secret
                metadata:
                  namespace: crossplane-system
                data:
                  # base64 of "5432"
                  port: NTQzMg==
            references:
            - patchesFrom:
                apiVersion: sql.gcp.upbound.io/v1beta1
                kind: User
                namespace: crossplane-system
                fieldPath: metadata.name
              toFieldPath: stringData.username
            - patchesFrom:
                apiVersion: v1
                kind: Secret
                fieldPath: data.password
              toFieldPath: data.password
            - patchesFrom:
                apiVersion: sql.gcp.upbound.io/v1beta1
                kind: DatabaseInstance
                namespace: crossplane-system
                fieldPath: status.atProvider.publicIpAddress
              toFieldPath: stringData.endpoint
        patches:
        - type: PatchSet
          patchSetName: metadata
        - fromFieldPath: spec.id
          toFieldPath: spec.references[0].patchesFrom.name
        - fromFieldPath: spec.id
          toFieldPath: spec.references[1].patchesFrom.name
          transforms:
          - type: string
            string:
              fmt: "%s-password"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.references[1].patchesFrom.namespace
        - fromFieldPath: spec.id
          toFieldPath: spec.references[2].patchesFrom.name
        - fromFieldPath: spec.id
          toFieldPath: spec.forProvider.manifest.metadata.name
        - fromFieldPath: spec.id
          toFieldPath: spec.providerConfigRef.name
          transforms:
          - type: string
            string:
              fmt: "%s-sql"
              type: Format
        - fromFieldPath: spec.claimRef.namespace
          toFieldPath: spec.forProvider.manifest.metadata.namespace
  - functionRef:
      name: upbound-function-go-templating
    step: sql-db
    input:
      apiVersion: gotemplating.fn.crossplane.io/v1beta1
      kind: GoTemplate
      source: Inline
      inline:
        # Renders one Database per entry of spec.parameters.databases.
        # NOTE(review): each entry is interpolated into the YAML unquoted and
        # unescaped, and the XRD in this directory only constrains the items
        # to type string. Restricting them with a `pattern` in the XRD, or
        # quoting the values here, would keep a crafted name from altering
        # the rendered manifest - confirm which is preferred.
        template: |
          {{ range .observed.composite.resource.spec.parameters.databases }}
          ---
          apiVersion: postgresql.sql.crossplane.io/v1alpha1
          kind: Database
          metadata:
            name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
            annotations:
              crossplane.io/external-name: {{ . }}
              gotemplating.fn.crossplane.io/composition-resource-name: {{ $.observed.composite.resource.spec.id }}-{{ . }}
          spec:
            providerConfigRef:
              name: {{ $.observed.composite.resource.spec.id }}
            forProvider: {}
          {{ end }}

-------------------------------------------------------------------------------- /destroy/00-intro.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | gum style \ 5 | --foreground 212 --border-foreground 212 --border double \ 6 | --margin "1 2" --padding "2 4" \ 7 | 'Destruction of the Introduction chapter' 8 | 9 | gum confirm ' 10 | Are you ready to start? 11 | Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter). 12 | Feel free to say "No" and inspect the script if you prefer setting up resources manually.
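' || exit 0

echo "
## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|AWS account with admin permissions|If using AWS|'https://aws.amazon.com' |
|AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'|
|Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |
|Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' |
|az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'|

If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.
" | gum format

gum confirm "
Do you have those tools installed?
" || exit 0

##############
# Crossplane #
##############

rm -f a-team/intro.yaml

# Stages everything in the working tree; credential files must stay covered
# by .gitignore.
git add .

# Commit only when something is staged. With `set -e`, a "nothing to commit"
# failure here would abort the script before any cloud resource is removed.
git diff --cached --quiet || git commit -m "Remove intro"

git push

# Count the managed resources that still exist, ignoring lines that mention
# database, object or release.
# NOTE(review): `set -e` only sees wc's exit status, so a failing kubectl
# yields 0 and the loop ends as if everything had been deleted.
COUNTER=$(kubectl get managed --no-headers | grep -v database \
    | grep -v object | grep -v release | wc -l)

while [ $COUNTER -ne 0 ]; do
    echo "$COUNTER resources still exist. Waiting for them to be deleted..."
    sleep 30
    COUNTER=$(kubectl get managed --no-headers \
        | grep -v database | grep -v object | grep -v release \
        | wc -l)
done

# POSIX test instead of [[ ... ]]: the script runs under /bin/sh, and shells
# such as dash have no [[, so the condition was always false there and the
# project (with its publicly reachable database) was never deleted.
if [ "$HYPERSCALER" = "google" ]; then

    # Fail with a clear message instead of calling gcloud without a project.
    gcloud projects delete "${PROJECT_ID:?PROJECT_ID must be set}" --quiet

fi

#########################
# Control Plane Cluster #
#########################

kind delete cluster

##################
# Commit Changes #
##################

git add .

git commit -m "Chapter end"

git push

--------------------------------------------------------------------------------
/destroy/01-managed-resources.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Tears down the Managed Resources chapter: deletes the Google Cloud project
# when HYPERSCALER is "google", deletes the kind cluster, then commits and
# pushes the working tree.
set -e

gum style \
    --foreground 212 --border-foreground 212 --border double \
    --margin "1 2" --padding "2 4" \
    'Destruction of the Managed Resources chapter'

gum confirm '
Are you ready to start?
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter).
Feel free to say "No" and inspect the script if you prefer setting up resources manually.
' || exit 0

echo "
## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|AWS account with admin permissions|If using AWS|'https://aws.amazon.com' |
|AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'|
|Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |
|Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' |
|az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'|

If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.
" | gum format

gum confirm "
Do you have those tools installed?
" || exit 0

###############
# Hyperscaler #
###############

# POSIX test instead of [[ ... ]]: under /bin/sh shells such as dash the
# original condition was always false, so the project was never deleted.
if [ "$HYPERSCALER" = "google" ]; then

    # Fail with a clear message instead of calling gcloud without a project.
    gcloud projects delete "${PROJECT_ID:?PROJECT_ID must be set}" --quiet

fi

#########################
# Control Plane Cluster #
#########################

kind delete cluster

##################
# Commit Changes #
##################

# Stages everything in the working tree; credential files must stay covered
# by .gitignore.
git add .

git commit -m "Chapter end"

git push

--------------------------------------------------------------------------------
/destroy/02-compositions.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Tears down the Compositions chapter: deletes the Google Cloud project, or
# (other hyperscalers) deletes the example claim and waits for the managed
# resources to disappear; then deletes the kind cluster and commits.
set -e

gum style \
    --foreground 212 --border-foreground 212 --border double \
    --margin "1 2" --padding "2 4" \
    'Destruction of the Compositions chapter'

gum confirm '
Are you ready to start?
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter).
Feel free to say "No" and inspect the script if you prefer setting up resources manually.
' || exit 0

echo "
## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|AWS account with admin permissions|If using AWS|'https://aws.amazon.com' |
|AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'|
|Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |
|Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' |
|az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'|

If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.
" | gum format

gum confirm "
Do you have those tools installed?
" || exit 0

##############
# Crossplane #
##############

# POSIX test instead of [[ ... ]]: under /bin/sh shells such as dash the
# original condition was always false, so Google users fell through to the
# else branch and the project was never deleted.
if [ "$HYPERSCALER" = "google" ]; then

    # Fail with a clear message instead of calling gcloud without a project.
    gcloud projects delete "${PROJECT_ID:?PROJECT_ID must be set}" --quiet

else

    kubectl --namespace a-team delete \
        --filename "examples/$HYPERSCALER-sql-v6.yaml"

    # Count the managed resources that still exist, ignoring database lines.
    # NOTE(review): `set -e` only sees wc's exit status, so a failing kubectl
    # yields 0 and the loop ends as if everything had been deleted.
    COUNTER=$(kubectl get managed --no-headers | grep -v database \
        | wc -l)

    while [ $COUNTER -ne 0 ]; do
        echo "$COUNTER resources still exist. Waiting for them to be deleted..."
        sleep 30
        COUNTER=$(kubectl get managed --no-headers \
            | grep -v database | wc -l)
    done

fi

#########################
# Control Plane Cluster #
#########################

kind delete cluster

##################
# Commit Changes #
##################

# Stages everything in the working tree; credential files must stay covered
# by .gitignore.
git add .

git commit -m "Chapter end"

git push

--------------------------------------------------------------------------------
/destroy/03-configurations.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Tears down the Configurations chapter: deletes the Google Cloud project, or
# (other hyperscalers) deletes the example claim and waits for the managed
# resources to disappear; then deletes the kind cluster and commits.
set -e

# Banner corrected: it previously named the Compositions chapter.
gum style \
    --foreground 212 --border-foreground 212 --border double \
    --margin "1 2" --padding "2 4" \
    'Destruction of the Configurations chapter'

gum confirm '
Are you ready to start?
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter).
Feel free to say "No" and inspect the script if you prefer setting up resources manually.
' || exit 0

echo "
## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |

If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.
" | gum format

gum confirm "
Do you have those tools installed?
" || exit 0

##############
# Crossplane #
##############

# POSIX test instead of [[ ... ]]: under /bin/sh shells such as dash the
# original condition was always false, so Google users fell through to the
# else branch and the project was never deleted.
if [ "$HYPERSCALER" = "google" ]; then

    # Fail with a clear message instead of calling gcloud without a project.
    gcloud projects delete "${PROJECT_ID:?PROJECT_ID must be set}" --quiet

else

    kubectl --namespace a-team delete \
        --filename "examples/$HYPERSCALER-sql-v6.yaml"

    # Count the managed resources that still exist, ignoring database lines.
    # NOTE(review): `set -e` only sees wc's exit status, so a failing kubectl
    # yields 0 and the loop ends as if everything had been deleted.
    COUNTER=$(kubectl get managed --no-headers | grep -v database \
        | wc -l)

    while [ $COUNTER -ne 0 ]; do
        echo "$COUNTER resources still exist. Waiting for them to be deleted..."
        sleep 30
        COUNTER=$(kubectl get managed --no-headers \
            | grep -v database | wc -l)
    done

fi

#########################
# Control Plane Cluster #
#########################

kind delete cluster

##################
# Commit Changes #
##################

# Stages everything in the working tree; credential files must stay covered
# by .gitignore.
git add .

git commit -m "Chapter end"

git push

--------------------------------------------------------------------------------
/destroy/04-functions.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Tears down the Functions chapter: deletes the Google Cloud project, or
# (other hyperscalers) deletes the example claim and waits for the managed
# resources to disappear; then deletes the kind cluster and commits.
set -e

# Banner corrected: it previously named the Compositions chapter.
gum style \
    --foreground 212 --border-foreground 212 --border double \
    --margin "1 2" --padding "2 4" \
    'Destruction of the Functions chapter'

gum confirm '
Are you ready to start?
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter).
Feel free to say "No" and inspect the script if you prefer setting up resources manually.
' || exit 0

echo "
## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |

If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.
" | gum format

gum confirm "
Do you have those tools installed?
" || exit 0

##############
# Crossplane #
##############

# POSIX test instead of [[ ... ]]: under /bin/sh shells such as dash the
# original condition was always false, so Google users fell through to the
# else branch and the project was never deleted.
if [ "$HYPERSCALER" = "google" ]; then

    # Fail with a clear message instead of calling gcloud without a project.
    gcloud projects delete "${PROJECT_ID:?PROJECT_ID must be set}" --quiet

else

    kubectl --namespace a-team delete \
        --filename "examples/$HYPERSCALER-sql-v10.yaml"

    # Count the managed resources that still exist, ignoring database lines.
    # NOTE(review): `set -e` only sees wc's exit status, so a failing kubectl
    # yields 0 and the loop ends as if everything had been deleted.
    COUNTER=$(kubectl get managed --no-headers | grep -v database \
        | wc -l)

    while [ $COUNTER -ne 0 ]; do
        echo "$COUNTER resources still exist. Waiting for them to be deleted..."
        sleep 30
        COUNTER=$(kubectl get managed --no-headers \
            | grep -v database | wc -l)
    done

fi

#########################
# Control Plane Cluster #
#########################

kind delete cluster

##################
# Commit Changes #
##################

# Stages everything in the working tree; credential files must stay covered
# by .gitignore.
git add .

git commit -m "Chapter end"

git push

-------------------------------------------------------------------------------- /devbox.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://raw.githubusercontent.com/jetify-com/devbox/0.10.5/.schema/devbox.schema.json", 3 | "packages": [ 4 | "bat@0.24.0", 5 | "kind@0.22.0", 6 | "kubernetes-helm@3.14.3", 7 | "kubectl@1.29.3", 8 | "gum@0.13.0", 9 | "awscli2@2.15.15", 10 | "path:gcloud#google-cloud-sdk", 11 | "yq-go@4.43.1", 12 | "crossplane-cli@1.15.1", 13 | "azure-cli@2.60.0", 14 | "viddy@0.4.0", 15 | "teller@2.0.7" 16 | ], 17 | "shell": { 18 | "init_hook": [ 19 | "alias cat='bat --paging never --theme DarkNeon --style plain'" 20 | ], 21 | "scripts": {} 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /examples/aws-intro.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: devopstoolkitseries.com/v1alpha1 3 | kind: ClusterClaim 4 | metadata: 5 | name: cluster-01 6 | spec: 7 | id: cluster-01 8 | compositionSelector: 9 | matchLabels: 10 | provider: aws 11 | cluster: eks 12 | parameters: 13 | nodeSize: small 14 | minNodeCount: 3 15 | --- 16 | apiVersion: v1 17 | kind: Secret 18 | metadata: 19 | name: silly-demo-db-password 20 | data: 21 | password: cG9zdGdyZXM= 22 | --- 23 | apiVersion: devopstoolkitseries.com/v1alpha1 24 | kind: SQLClaim 25 | metadata: 26 | name: silly-demo-db 27 | spec: 28 | id: silly-demo-db 29 | compositionSelector: 30 | matchLabels: 31 | provider: aws 32 | db: postgresql 33 |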
parameters: 34 | version: "13" 35 | size: small 36 | databases: 37 | - silly-demo-db 38 | --- 39 | apiVersion: devopstoolkitseries.com/v1alpha1 40 | kind: AppClaim 41 | metadata: 42 | name: silly-demo 43 | spec: 44 | id: silly-demo 45 | compositionSelector: 46 | matchLabels: 47 | type: backend-db 48 | location: remote 49 | parameters: 50 | namespace: production 51 | image: c8n.io/vfarcic/silly-demo:1.4.52 52 | port: 8080 53 | host: silly-demo.acme.com 54 | dbSecret: 55 | name: silly-demo-db 56 | namespace: a-team 57 | kubernetesProviderConfigName: cluster-01 58 | -------------------------------------------------------------------------------- /examples/aws-sql-v1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | namespace: crossplane-system 7 | data: 8 | password: cG9zdGdyZXM= 9 | --- 10 | apiVersion: devopstoolkitseries.com/v1alpha1 11 | kind: SQL 12 | metadata: 13 | name: my-db 14 | spec: 15 | compositionSelector: 16 | matchLabels: 17 | provider: aws 18 | db: postgresql 19 | -------------------------------------------------------------------------------- /examples/aws-sql-v10.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: aws 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | size: small 25 | databases: 26 | - db-01 27 | - db-02 28 | schemas: 29 | - database: db-01 30 | sql: | 31 | create table videos ( 32 | id varchar(50) not null, 33 | description text, 34 | primary key (id) 35 | ); 36 | create table 
comments ( 37 | id serial, 38 | video_id varchar(50) not null, 39 | description text not null, 40 | primary key (id), 41 | CONSTRAINT fk_videos FOREIGN KEY(video_id) REFERENCES videos(id) 42 | ); 43 | -------------------------------------------------------------------------------- /examples/aws-sql-v3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | namespace: crossplane-system 7 | data: 8 | password: cG9zdGdyZXM= 9 | --- 10 | apiVersion: devopstoolkitseries.com/v1alpha1 11 | kind: SQL 12 | metadata: 13 | name: my-db 14 | annotations: 15 | organization: DevOps Toolkit 16 | author: Viktor Farcic 17 | spec: 18 | id: my-db 19 | compositionSelector: 20 | matchLabels: 21 | provider: aws 22 | db: postgresql 23 | parameters: 24 | version: "13" 25 | size: small 26 | -------------------------------------------------------------------------------- /examples/aws-sql-v6.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: aws 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | size: small 25 | -------------------------------------------------------------------------------- /examples/aws-sql-v7.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | 
organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: aws 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | size: small 25 | -------------------------------------------------------------------------------- /examples/aws-sql-v9.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: aws 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | size: small 25 | databases: 26 | - db-01 27 | - db-02 28 | -------------------------------------------------------------------------------- /examples/aws-vm-bigger.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: ec2.aws.upbound.io/v1beta1 3 | kind: Instance 4 | metadata: 5 | name: my-vm 6 | spec: 7 | forProvider: 8 | ami: ami-052efd3df9dad4825 9 | region: us-east-1 10 | instanceType: t2.micro 11 | subnetIdRef: 12 | name: my-vm 13 | tags: 14 | Name: my-vm 15 | --- 16 | apiVersion: ec2.aws.upbound.io/v1beta1 17 | kind: InstanceState 18 | metadata: 19 | name: my-vm 20 | spec: 21 | forProvider: 22 | region: us-east-1 23 | instanceIdRef: 24 | name: my-vm 25 | state: running 26 | --- 27 | apiVersion: ec2.aws.upbound.io/v1beta1 28 | kind: VPC 29 | metadata: 30 | name: my-vm 31 | spec: 32 | forProvider: 33 | region: us-east-1 34 | cidrBlock: 10.0.0.0/16 35 | enableDnsSupport: true 36 | --- 37 | apiVersion: ec2.aws.upbound.io/v1beta1 38 | kind: Subnet 39 | metadata: 40 | name: my-vm 41 | spec: 42 | forProvider: 43 | region: us-east-1 44 | availabilityZone: 
us-east-1a 45 | cidrBlock: 10.0.0.0/24 46 | vpcIdRef: 47 | name: my-vm 48 | mapPublicIpOnLaunch: true 49 | -------------------------------------------------------------------------------- /examples/aws-vm.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: ec2.aws.upbound.io/v1beta1 3 | kind: Instance 4 | metadata: 5 | name: my-vm 6 | spec: 7 | forProvider: 8 | ami: ami-052efd3df9dad4825 9 | region: us-east-1 10 | instanceType: t2.nano 11 | subnetIdRef: 12 | name: my-vm 13 | tags: 14 | Name: my-vm 15 | --- 16 | apiVersion: ec2.aws.upbound.io/v1beta1 17 | kind: InstanceState 18 | metadata: 19 | name: my-vm 20 | spec: 21 | forProvider: 22 | region: us-east-1 23 | instanceIdRef: 24 | name: my-vm 25 | state: running 26 | --- 27 | apiVersion: ec2.aws.upbound.io/v1beta1 28 | kind: VPC 29 | metadata: 30 | name: my-vm 31 | spec: 32 | forProvider: 33 | region: us-east-1 34 | cidrBlock: 10.0.0.0/16 35 | enableDnsSupport: true 36 | --- 37 | apiVersion: ec2.aws.upbound.io/v1beta1 38 | kind: Subnet 39 | metadata: 40 | name: my-vm 41 | spec: 42 | forProvider: 43 | region: us-east-1 44 | availabilityZone: us-east-1a 45 | cidrBlock: 10.0.0.0/24 46 | vpcIdRef: 47 | name: my-vm 48 | mapPublicIpOnLaunch: true 49 | -------------------------------------------------------------------------------- /examples/aws-vpc-external-name.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: ec2.aws.upbound.io/v1beta1 3 | kind: VPC 4 | metadata: 5 | name: my-vpc 6 | annotations: 7 | crossplane.io/external-name: vpc-0ed16d160e9a9d6ac 8 | spec: 9 | forProvider: 10 | region: us-east-1 11 | cidrBlock: 10.0.0.0/16 12 | -------------------------------------------------------------------------------- /examples/aws-vpc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: ec2.aws.upbound.io/v1beta1 3 | kind: VPC 4 | metadata: 5 | name: 
my-vpc 6 | spec: 7 | forProvider: 8 | region: us-east-1 9 | cidrBlock: 10.0.0.0/16 10 | -------------------------------------------------------------------------------- /examples/azure-intro.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: devopstoolkitseries.com/v1alpha1 3 | kind: ClusterClaim 4 | metadata: 5 | name: cluster-01 6 | spec: 7 | id: cluster01 8 | compositionSelector: 9 | matchLabels: 10 | provider: azure 11 | cluster: aks 12 | parameters: 13 | nodeSize: small 14 | minNodeCount: 3 15 | --- 16 | apiVersion: v1 17 | kind: Secret 18 | metadata: 19 | name: silly-demo-db-20240114234411-password 20 | data: 21 | password: SVdpbGxOZXZlclRlbGxAMQ== 22 | --- 23 | apiVersion: devopstoolkitseries.com/v1alpha1 24 | kind: SQLClaim 25 | metadata: 26 | name: silly-demo-db 27 | spec: 28 | id: silly-demo-db-20240114234411 29 | compositionSelector: 30 | matchLabels: 31 | provider: azure 32 | db: postgresql 33 | parameters: 34 | version: "11" 35 | size: small 36 | databases: 37 | - silly-demo-db 38 | --- 39 | apiVersion: devopstoolkitseries.com/v1alpha1 40 | kind: AppClaim 41 | metadata: 42 | name: silly-demo 43 | spec: 44 | id: silly-demo 45 | compositionSelector: 46 | matchLabels: 47 | type: backend-db 48 | location: remote 49 | parameters: 50 | namespace: production 51 | image: c8n.io/vfarcic/silly-demo:1.4.52 52 | port: 8080 53 | host: silly-demo.acme.com 54 | dbSecret: 55 | name: silly-demo-db 56 | namespace: a-team 57 | kubernetesProviderConfigName: cluster01 58 | -------------------------------------------------------------------------------- /examples/azure-sql-v1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | namespace: crossplane-system 7 | data: 8 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 9 | --- 10 | apiVersion: devopstoolkitseries.com/v1alpha1 
11 | kind: SQL 12 | metadata: 13 | name: my-db-20240114235140 14 | spec: 15 | compositionSelector: 16 | matchLabels: 17 | provider: azure 18 | db: postgresql 19 | -------------------------------------------------------------------------------- /examples/azure-sql-v10.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-20240115001654-password 6 | data: 7 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db-20240115001654 18 | compositionSelector: 19 | matchLabels: 20 | provider: azure 21 | db: postgresql 22 | parameters: 23 | version: "11" 24 | size: small 25 | databases: 26 | - db-01 27 | - db-02 28 | schemas: 29 | - database: db-01 30 | sql: | 31 | create table videos ( 32 | id varchar(50) not null, 33 | description text, 34 | primary key (id) 35 | ); 36 | create table comments ( 37 | id serial, 38 | video_id varchar(50) not null, 39 | description text not null, 40 | primary key (id), 41 | CONSTRAINT fk_videos FOREIGN KEY(video_id) REFERENCES videos(id) 42 | ); 43 | -------------------------------------------------------------------------------- /examples/azure-sql-v3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-20240115000456-password 6 | namespace: crossplane-system 7 | data: 8 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 9 | --- 10 | apiVersion: devopstoolkitseries.com/v1alpha1 11 | kind: SQL 12 | metadata: 13 | name: my-db 14 | annotations: 15 | organization: DevOps Toolkit 16 | author: Viktor Farcic 17 | spec: 18 | id: my-db-20240115000456 19 | compositionSelector: 20 | 
matchLabels: 21 | provider: azure 22 | db: postgresql 23 | parameters: 24 | version: "11" 25 | size: small 26 | -------------------------------------------------------------------------------- /examples/azure-sql-v6.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-20240115000551-password 6 | data: 7 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db-20240115000551 18 | compositionSelector: 19 | matchLabels: 20 | provider: azure 21 | db: postgresql 22 | parameters: 23 | version: "11" 24 | size: small 25 | -------------------------------------------------------------------------------- /examples/azure-sql-v7.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-20240115001654-password 6 | data: 7 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db-20240115001654 18 | compositionSelector: 19 | matchLabels: 20 | provider: azure 21 | db: postgresql 22 | parameters: 23 | version: "11" 24 | size: small 25 | -------------------------------------------------------------------------------- /examples/azure-sql-v9.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-20240115001654-password 6 | data: 7 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 8 | --- 9 | 
apiVersion: devopstoolkitseries.com/v1alpha1
kind: SQLClaim
metadata:
  name: my-db
  annotations:
    organization: DevOps Toolkit
    author: Viktor Farcic
spec:
  id: my-db-20240115001654
  compositionSelector:
    matchLabels:
      provider: azure
      db: postgresql
  parameters:
    version: "11"
    size: small
    databases:
      - db-01
      - db-02
--------------------------------------------------------------------------------
/examples/azure-vm-bigger.yaml:
--------------------------------------------------------------------------------
---
# Linux VM in eastus, attached to the NetworkInterface declared further down.
apiVersion: compute.azure.upbound.io/v1beta1
kind: LinuxVirtualMachine
metadata:
  name: my-vm
spec:
  forProvider:
    location: eastus
    resourceGroupNameRef:
      name: dot-group
    size: Standard_A2_v2
    # Ubuntu 16.04 LTS reached the end of standard support in April 2021, and
    # `version: latest` is resolved at deploy time, so the image is neither
    # patched by default nor reproducible. Outside a demo, pin a supported
    # SKU and an explicit image version.
    sourceImageReference:
      - offer: UbuntuServer
        publisher: Canonical
        sku: 16.04-LTS
        version: latest
    # Whoever holds the private half of this key can log in as adminuser.
    # NOTE(review): the you@me.com comment suggests a sample key - replace it
    # with your own public key before applying.
    adminSshKey:
      - publicKey: ssh-rsa
          AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN
          you@me.com
        username: adminuser
    adminUsername: adminuser
    osDisk:
      - caching: ReadWrite
        storageAccountType: Standard_LRS
    networkInterfaceIdsRefs:
      - name: dot-interface
---
apiVersion: azure.upbound.io/v1beta1
kind: ResourceGroup
metadata:
  name: dot-group
spec:
  forProvider:
    location: eastus
---
# Only a dynamically allocated private address is configured; this manifest
# attaches no public IP to the interface.
apiVersion: network.azure.upbound.io/v1beta1
kind: NetworkInterface
metadata:
  name: dot-interface
spec:
  forProvider:
    ipConfiguration:
      - name: my-vm
        privateIpAddressAllocation: Dynamic
        subnetIdRef:
          name: dot-subnet
    location: eastus
    resourceGroupNameRef:
      name: dot-group
---
apiVersion: network.azure.upbound.io/v1beta1
kind: Subnet
metadata:
  name: dot-subnet
spec:
  forProvider:
    addressPrefixes:
      - 10.0.1.0/24
    resourceGroupNameRef:
      name: dot-group
    virtualNetworkNameRef:
      name: dot-network
---
apiVersion: network.azure.upbound.io/v1beta1
kind: VirtualNetwork
metadata:
  name: dot-network
spec:
  forProvider:
    addressSpace:
      - 10.0.0.0/16
    location: eastus
    resourceGroupNameRef:
      name: dot-group
--------------------------------------------------------------------------------
/examples/azure-vm.yaml:
--------------------------------------------------------------------------------
---
# Linux VM in eastus, attached to the NetworkInterface declared further down.
apiVersion: compute.azure.upbound.io/v1beta1
kind: LinuxVirtualMachine
metadata:
  name: my-vm
spec:
  forProvider:
    location: eastus
    resourceGroupNameRef:
      name: dot-group
    size: Standard_A1_v2
    # Ubuntu 16.04 LTS reached the end of standard support in April 2021, and
    # `version: latest` is resolved at deploy time, so the image is neither
    # patched by default nor reproducible. Outside a demo, pin a supported
    # SKU and an explicit image version.
    sourceImageReference:
      - offer: UbuntuServer
        publisher: Canonical
        sku: 16.04-LTS
        version: latest
    # Whoever holds the private half of this key can log in as adminuser.
    # NOTE(review): the you@me.com comment suggests a sample key - replace it
    # with your own public key before applying.
    adminSshKey:
      - publicKey: ssh-rsa
          AAAAB3NzaC1yc2EAAAADAQABAAABAQC+wWK73dCr+jgQOAxNsHAnNNNMEMWOHYEccp6wJm2gotpr9katuF/ZAdou5AaW1C61slRkHRkpRRX9FA9CYBiitZgvCCz+3nWNN7l/Up54Zps/pHWGZLHNJZRYyAB6j5yVLMVHIHriY49d/GZTZVNB8GoJv9Gakwc/fuEZYYl4YDFiGMBP///TzlI4jhiJzjKnEvqPFki5p2ZRJqcbCiF4pJrxUQR/RXqVFQdbRLZgYfJ8xGB878RENq3yQ39d8dVOkq4edbkzwcUmwwwkYVPIoDGsYLaRHnG+To7FvMeyO7xDVQkMKzopTQV8AuKpyvpqu0a9pWOMaiCyDytO7GGN
          you@me.com
        username: adminuser
    adminUsername: adminuser
    osDisk:
      - caching: ReadWrite
        storageAccountType: Standard_LRS
    networkInterfaceIdsRefs:
      - name: dot-interface
---
apiVersion: azure.upbound.io/v1beta1
kind: ResourceGroup
metadata:
  name: dot-group
spec:
  forProvider:
    location: eastus
---
# Only a dynamically allocated private address is configured; this manifest
# attaches no public IP to the interface.
apiVersion: network.azure.upbound.io/v1beta1
kind: NetworkInterface
metadata:
  name: dot-interface
spec:
  forProvider:
    ipConfiguration:
      - name: my-vm
        privateIpAddressAllocation: Dynamic
        subnetIdRef:
          name: dot-subnet
    location: eastus
    resourceGroupNameRef:
      name: dot-group
---
apiVersion: network.azure.upbound.io/v1beta1
kind: Subnet
metadata:
  name: dot-subnet
spec:
  forProvider:
    addressPrefixes:
      - 10.0.1.0/24
    resourceGroupNameRef:
      name: dot-group
    virtualNetworkNameRef:
      name: dot-network
---
apiVersion: network.azure.upbound.io/v1beta1
kind: VirtualNetwork
metadata:
  name: dot-network
spec:
  forProvider:
    addressSpace:
      - 10.0.0.0/16
    location: eastus
    resourceGroupNameRef:
      name: dot-group
--------------------------------------------------------------------------------
/examples/google-intro.yaml:
--------------------------------------------------------------------------------
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: ClusterClaim
metadata:
  name: cluster-01
spec:
  id: cluster-01
  compositionSelector:
    matchLabels:
      provider: google
      cluster: gke
  parameters:
    nodeSize: small
    minNodeCount: 1
---
# The values under `data` are base64-encoded, not encrypted: anyone who can
# read this repository can recover the password. Acceptable for a throwaway
# demo database only; keep real credentials out of Git and create the Secret
# from a secret manager or an encrypted-secret workflow instead.
apiVersion: v1
kind: Secret
metadata:
  name: silly-demo-db-password
data:
  password: cG9zdGdyZXM=
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: SQLClaim
metadata:
  name: silly-demo-db
spec:
  id: silly-demo-db
  compositionSelector:
    matchLabels:
      provider: google
      db: postgresql
  parameters:
    version: "13"
    size: small
    databases:
      - silly-demo-db
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: AppClaim
metadata:
  name: silly-demo
spec:
  id: silly-demo
  compositionSelector:
46 | matchLabels: 47 | type: backend-db 48 | location: remote 49 | parameters: 50 | namespace: production 51 | image: c8n.io/vfarcic/silly-demo:1.4.52 52 | port: 8080 53 | host: silly-demo.acme.com 54 | dbSecret: 55 | name: silly-demo-db 56 | namespace: a-team 57 | kubernetesProviderConfigName: cluster-01 58 | -------------------------------------------------------------------------------- /examples/google-k8s.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: devopstoolkitseries.com/v1alpha1 3 | kind: ClusterClaim 4 | metadata: 5 | name: cluster-01 6 | spec: 7 | id: cluster-01 8 | compositionSelector: 9 | matchLabels: 10 | provider: google 11 | cluster: gke 12 | parameters: 13 | nodeSize: small 14 | minNodeCount: 1 15 | -------------------------------------------------------------------------------- /examples/google-sql-v1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | namespace: crossplane-system 7 | data: 8 | password: cG9zdGdyZXM= 9 | --- 10 | apiVersion: devopstoolkitseries.com/v1alpha1 11 | kind: SQL 12 | metadata: 13 | name: my-db 14 | spec: 15 | compositionSelector: 16 | matchLabels: 17 | provider: google 18 | db: postgresql 19 | -------------------------------------------------------------------------------- /examples/google-sql-v10.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: google 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | 
size: small 25 | databases: 26 | - db-01 27 | - db-02 28 | schemas: 29 | - database: db-01 30 | sql: | 31 | create table videos ( 32 | id varchar(50) not null, 33 | description text, 34 | primary key (id) 35 | ); 36 | create table comments ( 37 | id serial, 38 | video_id varchar(50) not null, 39 | description text not null, 40 | primary key (id), 41 | CONSTRAINT fk_videos FOREIGN KEY(video_id) REFERENCES videos(id) 42 | ); 43 | -------------------------------------------------------------------------------- /examples/google-sql-v3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | namespace: crossplane-system 7 | data: 8 | password: cG9zdGdyZXM= 9 | --- 10 | apiVersion: devopstoolkitseries.com/v1alpha1 11 | kind: SQL 12 | metadata: 13 | name: my-db 14 | annotations: 15 | organization: DevOps Toolkit 16 | author: Viktor Farcic 17 | spec: 18 | id: my-db 19 | compositionSelector: 20 | matchLabels: 21 | provider: google 22 | db: postgresql 23 | parameters: 24 | version: "13" 25 | size: small 26 | -------------------------------------------------------------------------------- /examples/google-sql-v6.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: google 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | size: small 25 | -------------------------------------------------------------------------------- /examples/google-sql-v7.yaml: -------------------------------------------------------------------------------- 1 | 
--- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: google 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | size: small 25 | -------------------------------------------------------------------------------- /examples/google-sql-v9.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: my-db-password 6 | data: 7 | password: cG9zdGdyZXM= 8 | --- 9 | apiVersion: devopstoolkitseries.com/v1alpha1 10 | kind: SQLClaim 11 | metadata: 12 | name: my-db 13 | annotations: 14 | organization: DevOps Toolkit 15 | author: Viktor Farcic 16 | spec: 17 | id: my-db 18 | compositionSelector: 19 | matchLabels: 20 | provider: google 21 | db: postgresql 22 | parameters: 23 | version: "13" 24 | size: small 25 | databases: 26 | - db-01 27 | - db-02 28 | -------------------------------------------------------------------------------- /examples/google-vm-bigger.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: compute.gcp.upbound.io/v1beta1 3 | kind: Instance 4 | metadata: 5 | name: my-vm 6 | spec: 7 | forProvider: 8 | bootDisk: 9 | - initializeParams: 10 | - image: debian-cloud/debian-11 11 | machineType: g1-small 12 | networkInterface: 13 | - networkRef: 14 | name: dot-network 15 | zone: us-east1-b 16 | desiredStatus: RUNNING 17 | allowStoppingForUpdate: true 18 | --- 19 | apiVersion: compute.gcp.upbound.io/v1beta1 20 | kind: Network 21 | metadata: 22 | name: dot-network 23 | spec: 24 | forProvider: {} 25 | -------------------------------------------------------------------------------- 
/examples/google-vm-no-network.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: compute.gcp.upbound.io/v1beta1 3 | kind: Instance 4 | metadata: 5 | name: my-vm 6 | spec: 7 | forProvider: 8 | zone: us-east1-b 9 | machineType: e2-micro 10 | bootDisk: 11 | - initializeParams: 12 | - image: debian-cloud/debian-12 13 | networkInterface: 14 | - network: default 15 | desiredStatus: RUNNING 16 | allowStoppingForUpdate: true 17 | -------------------------------------------------------------------------------- /examples/google-vm.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: compute.gcp.upbound.io/v1beta1 3 | kind: Instance 4 | metadata: 5 | name: my-vm 6 | spec: 7 | forProvider: 8 | bootDisk: 9 | - initializeParams: 10 | - image: debian-cloud/debian-11 11 | machineType: f1-micro 12 | networkInterface: 13 | - networkRef: 14 | name: dot-network 15 | zone: us-east1-b 16 | desiredStatus: RUNNING 17 | allowStoppingForUpdate: true 18 | --- 19 | apiVersion: compute.gcp.upbound.io/v1beta1 20 | kind: Network 21 | metadata: 22 | name: dot-network 23 | spec: 24 | forProvider: {} 25 | -------------------------------------------------------------------------------- /examples/sql-v1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: devopstoolkitseries.com/v1alpha1 2 | kind: SQL 3 | metadata: 4 | name: my-db 5 | spec: {} 6 | -------------------------------------------------------------------------------- /gcloud/flake.lock: -------------------------------------------------------------------------------- 1 | { 2 | "nodes": { 3 | "flake-utils": { 4 | "inputs": { 5 | "systems": "systems" 6 | }, 7 | "locked": { 8 | "lastModified": 1709126324, 9 | "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", 10 | "owner": "numtide", 11 | "repo": "flake-utils", 12 | "rev": 
"d465f4819400de7c8d874d50b982301f28a84605", 13 | "type": "github" 14 | }, 15 | "original": { 16 | "owner": "numtide", 17 | "repo": "flake-utils", 18 | "type": "github" 19 | } 20 | }, 21 | "nixpkgs": { 22 | "locked": { 23 | "lastModified": 1709703039, 24 | "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", 25 | "owner": "NixOS", 26 | "repo": "nixpkgs", 27 | "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", 28 | "type": "github" 29 | }, 30 | "original": { 31 | "owner": "NixOS", 32 | "ref": "nixos-unstable", 33 | "repo": "nixpkgs", 34 | "type": "github" 35 | } 36 | }, 37 | "root": { 38 | "inputs": { 39 | "flake-utils": "flake-utils", 40 | "nixpkgs": "nixpkgs" 41 | } 42 | }, 43 | "systems": { 44 | "locked": { 45 | "lastModified": 1681028828, 46 | "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 47 | "owner": "nix-systems", 48 | "repo": "default", 49 | "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 50 | "type": "github" 51 | }, 52 | "original": { 53 | "owner": "nix-systems", 54 | "repo": "default", 55 | "type": "github" 56 | } 57 | } 58 | }, 59 | "root": "root", 60 | "version": 7 61 | } 62 | -------------------------------------------------------------------------------- /gcloud/flake.nix: -------------------------------------------------------------------------------- 1 | { 2 | description = "Google Cloud SDK with GKE auth plugin"; 3 | 4 | inputs = { 5 | nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; 6 | flake-utils.url = "github:numtide/flake-utils"; 7 | }; 8 | 9 | outputs = { self, nixpkgs, flake-utils}: 10 | flake-utils.lib.eachDefaultSystem (system: 11 | let 12 | pkgs = import nixpkgs { 13 | inherit system; 14 | }; 15 | in { 16 | packages = { 17 | google-cloud-sdk = pkgs.google-cloud-sdk.withExtraComponents [pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin]; 18 | }; 19 | } 20 | ); 21 | } 22 | -------------------------------------------------------------------------------- /kind.yaml: 
--------------------------------------------------------------------------------
# kind cluster definition; the setup scripts pass it to
# `kind create cluster --config kind.yaml`.
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
  kubeadmConfigPatches:
  - |
    kind: InitConfiguration
    nodeRegistration:
      kubeletExtraArgs:
        node-labels: "ingress-ready=true"
  # Publishes the node's ports 80 and 443 on the host machine.
  # NOTE(review): no listenAddress is set; kind documents 0.0.0.0 as the
  # default, so the ingress is reachable from other hosts on the network.
  # Add `listenAddress: "127.0.0.1"` to each mapping if only local access is
  # intended.
  extraPortMappings:
  - containerPort: 80
    hostPort: 80
    protocol: TCP
  - containerPort: 443
    hostPort: 443
    protocol: TCP

--------------------------------------------------------------------------------
/providers/aws-config.yaml:
--------------------------------------------------------------------------------
---
# Default ProviderConfig for the Upbound AWS providers.
# Credentials are read from key `creds` of Secret `aws-creds` in
# crossplane-system. setup/00-intro.sh and setup/02-compositions.sh create that
# Secret from aws-creds.conf, which holds a long-lived access key pair, so
# anyone who can read Secrets in crossplane-system can read those keys.
apiVersion: aws.upbound.io/v1beta1
kind: ProviderConfig
metadata:
  name: default
spec:
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: aws-creds
      key: creds

--------------------------------------------------------------------------------
/providers/aws-vm.yaml:
--------------------------------------------------------------------------------
---
# Installs the Upbound EC2 provider.
# NOTE(review): the package is referenced by tag only. A tag can be moved at
# the registry; pin by digest if the Crossplane version in use accepts one and
# reproducible installs matter.
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-aws-ec2
spec:
  package: xpkg.upbound.io/upbound/provider-aws-ec2:v1.0.0

--------------------------------------------------------------------------------
/providers/azure-config.yaml:
--------------------------------------------------------------------------------
---
# Default ProviderConfig for the Upbound Azure providers.
# Credentials are read from key `creds` of Secret `azure-creds` in
# crossplane-system. The setup scripts fill that Secret from azure-creds.json,
# the output of `az ad sp create-for-rbac --role Owner` scoped to the whole
# subscription.
apiVersion: azure.upbound.io/v1beta1
kind: ProviderConfig
metadata:
  name: default
spec:
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: azure-creds
      key: creds

--------------------------------------------------------------------------------
/providers/azure-vm.yaml:
--------------------------------------------------------------------------------
---
# Installs the Upbound Azure compute and network providers, both at v0.40.0 and
# both referenced by tag only.
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-azure-compute
spec:
  package: xpkg.upbound.io/upbound/provider-azure-compute:v0.40.0
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-azure-network
spec:
  package: xpkg.upbound.io/upbound/provider-azure-network:v0.40.0

--------------------------------------------------------------------------------
/providers/dot-app.yaml:
--------------------------------------------------------------------------------
---

# Installs the dot-application Configuration package.
# NOTE(review): presumably a Configuration pulls in the providers and functions
# it declares as dependencies, so this one reference decides what else gets
# installed - confirm against the package's crossplane.yaml.
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
  name: crossplane-app
spec:
  package: xpkg.upbound.io/devops-toolkit/dot-application:v0.5.45

--------------------------------------------------------------------------------
/providers/dot-kubernetes.yaml:
--------------------------------------------------------------------------------
---

# Installs the dot-kubernetes Configuration package (referenced by tag only).
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
  name: crossplane-k8s
spec:
  package: xpkg.upbound.io/devops-toolkit/dot-kubernetes:v0.12.45

--------------------------------------------------------------------------------
/providers/dot-sql-v7.yaml:
--------------------------------------------------------------------------------
---
# Installs dot-sql v0.0.7 from the `vfarcic` registry account.
# This Configuration is also named `crossplane-sql`, the same name that
# providers/dot-sql.yaml uses, so applying one file updates the object created
# by the other instead of installing both.
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
  name: crossplane-sql
spec:
  package: xpkg.upbound.io/vfarcic/dot-sql:v0.0.7

--------------------------------------------------------------------------------
/providers/dot-sql.yaml:
--------------------------------------------------------------------------------
---

# Installs dot-sql v0.8.77 from the `devops-toolkit` registry account.
# Shares the name `crossplane-sql` with providers/dot-sql-v7.yaml, which points
# at a different registry account; check which source is expected before
# applying.
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
  name: crossplane-sql
spec:
  package: xpkg.upbound.io/devops-toolkit/dot-sql:v0.8.77
--------------------------------------------------------------------------------
/providers/function-auto-ready.yaml:
--------------------------------------------------------------------------------
---
# Installs the function-auto-ready composition function.
# The object is named `upbound-...` but the package comes from the
# crossplane-contrib organisation on xpkg.upbound.io.
# NOTE(review): referenced by tag only; pin by digest if the Crossplane version
# in use accepts one and reproducible installs matter.
apiVersion: pkg.crossplane.io/v1beta1
kind: Function
metadata:
  name: upbound-function-auto-ready
spec:
  package: xpkg.upbound.io/crossplane-contrib/function-auto-ready:v0.2.1

--------------------------------------------------------------------------------
/providers/function-go-templating.yaml:
--------------------------------------------------------------------------------
---
# Installs the function-go-templating composition function.
# NOTE(review): presumably this function renders Go templates supplied by the
# Composition, so whoever can edit Compositions controls what it emits - confirm
# who has write access to them.
apiVersion: pkg.crossplane.io/v1beta1
kind: Function
metadata:
  name: upbound-function-go-templating
spec:
  package: xpkg.upbound.io/crossplane-contrib/function-go-templating:v0.4.0

--------------------------------------------------------------------------------
/providers/function-patch-and-transform.yaml:
--------------------------------------------------------------------------------
# Installs the function-patch-and-transform composition function (tag v0.1.4).
apiVersion: pkg.crossplane.io/v1beta1
kind: Function
metadata:
  name: crossplane-contrib-function-patch-and-transform
spec:
  package: xpkg.upbound.io/crossplane-contrib/function-patch-and-transform:v0.1.4

--------------------------------------------------------------------------------
/providers/google-config.yaml:
--------------------------------------------------------------------------------
---
# Default ProviderConfig for the Upbound GCP providers.
apiVersion: gcp.upbound.io/v1beta1
kind: ProviderConfig
metadata:
  name: default
spec:
  # Committed value from an earlier run. setup/01-managed-resources*.sh and
  # setup/02-compositions.sh overwrite it in place with
  # `yq --inplace ".spec.projectID = ..."`, so the working tree changes on
  # every setup.
  projectID: dot-20241001225546
  # Service-account key JSON stored under key `creds` of Secret `gcp-creds`.
  # The setup scripts create the key with `gcloud iam service-accounts keys
  # create` after binding roles/admin to the account.
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: gcp-creds
      key: creds

--------------------------------------------------------------------------------
/providers/google-vm.yaml:
--------------------------------------------------------------------------------
---
# Installs the Upbound GCP compute provider (referenced by tag v1.8.3 only).
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-gcp-compute
spec:
  package: xpkg.upbound.io/upbound/provider-gcp-compute:v1.8.3

--------------------------------------------------------------------------------
/providers/provider-helm-incluster.yaml:
--------------------------------------------------------------------------------
---
# Dedicated ServiceAccount for the provider-helm controller pod.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: crossplane-provider-helm
  namespace: crossplane-system
---
# Binds that ServiceAccount to the built-in cluster-admin ClusterRole.
# The provider pod can therefore read and write every resource in every
# namespace of the control-plane cluster, including the cloud-credential
# Secrets in crossplane-system. That is tolerable on the throwaway kind cluster
# the setup scripts create. On a shared cluster, bind a ClusterRole limited to
# the kinds and namespaces the Helm releases actually need.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: crossplane-provider-helm
subjects:
- kind: ServiceAccount
  name: crossplane-provider-helm
  namespace: crossplane-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
---
# Makes the provider pod run as the ServiceAccount above.
# NOTE(review): ControllerConfig (v1alpha1) is deprecated upstream in favour of
# DeploymentRuntimeConfig; check it against the Crossplane version installed
# from the `stable` chart.
apiVersion: pkg.crossplane.io/v1alpha1
kind: ControllerConfig
metadata:
  name: crossplane-provider-helm
spec:
  serviceAccountName: crossplane-provider-helm
---
# Installs provider-helm (tag only) and attaches the ControllerConfig.
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: crossplane-provider-helm
spec:
  package: xpkg.upbound.io/crossplane-contrib/provider-helm:v0.17.0
  controllerConfigRef:
    name: crossplane-provider-helm

--------------------------------------------------------------------------------
/providers/provider-kubernetes-incluster.yaml:
--------------------------------------------------------------------------------
---
# Dedicated ServiceAccount for the provider-kubernetes controller pod.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: crossplane-provider-kubernetes
  namespace: crossplane-system
---
# Same pattern as provider-helm: the ServiceAccount is bound to cluster-admin.
# Any Composition or claim that makes this provider create an `Object` is then
# applied with full cluster privileges, so write access to Compositions
# amounts to cluster-admin. Scope the binding down outside of a demo cluster.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: crossplane-provider-kubernetes
subjects:
- kind: ServiceAccount
  name: crossplane-provider-kubernetes
  namespace: crossplane-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
---
# Makes the provider pod run as the ServiceAccount above (deprecated
# ControllerConfig API, see the note in provider-helm-incluster.yaml's
# equivalent object).
apiVersion: pkg.crossplane.io/v1alpha1
kind: ControllerConfig
metadata:
  name: crossplane-provider-kubernetes
spec:
  serviceAccountName: crossplane-provider-kubernetes
---
# Installs provider-kubernetes v0.12.1 (tag only).
# The Provider is named `crossplane-contrib-provider-kubernetes`, while
# providers/sql-v5.yaml installs v0.9.0 under the name
# `crossplane-provider-kubernetes`.
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: crossplane-contrib-provider-kubernetes
spec:
  package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.12.1
  controllerConfigRef:
    name: crossplane-provider-kubernetes

--------------------------------------------------------------------------------
/providers/sql-v1.yaml:
--------------------------------------------------------------------------------
---
# Providers needed by the sql-v1 compositions: EC2 and RDS for AWS, Cloud SQL
# for Google, PostgreSQL for Azure. All are referenced by tag only.
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-aws-ec2
spec:
  package: xpkg.upbound.io/upbound/provider-aws-ec2:v1.0.0
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-aws-rds
spec:
  package: xpkg.upbound.io/upbound/provider-aws-rds:v1.0.0
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-gcp-sql
spec:
  package: xpkg.upbound.io/upbound/provider-gcp-sql:v0.41.0
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-azure-dbforpostgresql
spec:
  package: xpkg.upbound.io/upbound/provider-azure-dbforpostgresql:v0.40.0

--------------------------------------------------------------------------------
/providers/sql-v5.yaml:
--------------------------------------------------------------------------------
1 | --- 2 | apiVersion: pkg.crossplane.io/v1 3 | kind: Provider 4 | metadata: 5 | name: provider-aws-ec2 6 | spec: 7 | package: xpkg.upbound.io/upbound/provider-aws-ec2:v1.0.0 8 | --- 9 | apiVersion: pkg.crossplane.io/v1 10 | kind: Provider 11 | metadata: 12 | name: provider-aws-rds 13 | spec: 14 | package: xpkg.upbound.io/upbound/provider-aws-rds:v1.0.0 15 | --- 16 | apiVersion: pkg.crossplane.io/v1 17 | kind: Provider 18 | metadata: 19 | name: provider-gcp-sql 20 | spec: 21 | package: 
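xpkg.upbound.io/upbound/provider-gcp-sql:v0.41.0 22 | --- 23 | apiVersion: pkg.crossplane.io/v1 24 | kind: Provider 25 | metadata: 26 | name: provider-azure-dbforpostgresql 27 | spec: 28 | package: xpkg.upbound.io/upbound/provider-azure-dbforpostgresql:v0.40.0 29 | --- 30 | apiVersion: pkg.crossplane.io/v1 31 | kind: Provider 32 | metadata: 33 | name: provider-sql 34 | spec: 35 | package: xpkg.upbound.io/crossplane-contrib/provider-sql:v0.9.0 36 | --- 37 | apiVersion: v1 38 | kind: ServiceAccount 39 | metadata: 40 | name: crossplane-provider-kubernetes 41 | namespace: crossplane-system 42 | --- 43 | apiVersion: rbac.authorization.k8s.io/v1 44 | kind: ClusterRoleBinding 45 | metadata: 46 | name: crossplane-provider-kubernetes 47 | subjects: 48 | - kind: ServiceAccount 49 | name: crossplane-provider-kubernetes 50 | namespace: crossplane-system 51 | roleRef: 52 | kind: ClusterRole 53 | name: cluster-admin 54 | apiGroup: rbac.authorization.k8s.io 55 | --- 56 | apiVersion: pkg.crossplane.io/v1alpha1 57 | kind: ControllerConfig 58 | metadata: 59 | name: crossplane-provider-kubernetes 60 | spec: 61 | serviceAccountName: crossplane-provider-kubernetes 62 | --- 63 | apiVersion: pkg.crossplane.io/v1 64 | kind: Provider 65 | metadata: 66 | name: crossplane-provider-kubernetes 67 | spec: 68 | package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.9.0 69 | controllerConfigRef: 70 | name: crossplane-provider-kubernetes 71 | 
--------------------------------------------------------------------------------
/setup/00-intro.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Setup for the Introduction chapter.
#
# Creates a local kind cluster, installs ingress-nginx, Crossplane, the
# in-cluster Kubernetes/Helm providers and the dot-* Configurations, then asks
# which hyperscaler to use and stores credentials for it in the
# crossplane-system namespace. Finishes by installing Argo CD.
#
# Files written in the working directory: .env, and depending on the choice
# gcp-creds.json, aws-creds.conf or azure-creds.json. All of them can hold
# secrets and are created owner-only. The repository's .gitignore lists them.
set -e

gum style \
    --foreground 212 --border-foreground 212 --border double \
    --margin "1 2" --padding "2 4" \
    'Setup for the Introduction chapter'

gum confirm '
Are you ready to start?
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter).
Feel free to say "No" and inspect the script if you prefer setting up resources manually.
' || exit 0

echo "
## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|kubectl CLI |Yes |'https://kubernetes.io/docs/tasks/tools/#kubectl' |
|crossplane CLI |Yes |'https://docs.crossplane.io/latest/cli' |
|yq CLI |Yes |'https://github.com/mikefarah/yq#install' |
|Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |
|AWS account with admin permissions|If using AWS|'https://aws.amazon.com' |
|AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'|
|Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' |
|az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'|

If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.
" | gum format

gum confirm "
Do you have those tools installed?
" || exit 0

rm -f .env
# .env receives the AWS secret access key further down; create it owner-only
# before the first append so it is never world-readable.
( umask 077; : > .env )

#########################
# Control Plane Cluster #
#########################

kind create cluster --config kind.yaml

# NOTE(review): this manifest is fetched from the moving `main` branch and
# applied with the cluster-admin rights of the kind kubeconfig. Pin the URL to
# a release tag or commit (<INGRESS_NGINX_REF>) so the applied content is
# reviewable and repeatable.
kubectl apply \
    --filename https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml

##############
# Crossplane #
##############

# No --version is given, so whatever the `stable` chart repo serves at run
# time is installed.
helm upgrade --install crossplane crossplane \
    --repo https://charts.crossplane.io/stable \
    --namespace crossplane-system --create-namespace --wait

# Both *-incluster manifests bind the provider's ServiceAccount to
# cluster-admin; see the files for details.
kubectl apply \
    --filename providers/provider-kubernetes-incluster.yaml

kubectl apply --filename providers/provider-helm-incluster.yaml

kubectl apply --filename providers/dot-kubernetes.yaml

kubectl apply --filename providers/dot-sql.yaml

kubectl apply --filename providers/dot-app.yaml

gum spin --spinner dot \
    --title "Waiting for Crossplane providers..." -- sleep 60

kubectl wait --for=condition=healthy provider.pkg.crossplane.io \
    --all --timeout=1800s

echo "## Which Hyperscaler do you want to use?" | gum format

HYPERSCALER=$(gum choose "google" "aws" "azure")

echo "export HYPERSCALER=$HYPERSCALER" >> .env

# POSIX `[ ... = ... ]` is used on purpose: the shebang is /bin/sh, and where
# sh is dash `[[` is not a command, so both tests would fail and the script
# would fall through to the Azure branch whatever was selected.
if [ "$HYPERSCALER" = "google" ]; then

    gcloud auth login

    PROJECT_ID=dot-$(date +%Y%m%d%H%M%S)

    echo "export PROJECT_ID=$PROJECT_ID" >> .env

    gcloud projects create "${PROJECT_ID}"

    echo "## Open https://console.cloud.google.com/billing/linkedaccount?project=$PROJECT_ID and link a billing account" \
        | gum format

    gum input --placeholder "Press the enter key to continue."

    echo "## Open https://console.cloud.google.com/marketplace/product/google/container.googleapis.com?project=$PROJECT_ID and *ENABLE* the API" \
        | gum format

    gum input --placeholder "Press the enter key to continue."

    echo "## Open https://console.cloud.google.com/apis/library/sqladmin.googleapis.com?project=$PROJECT_ID and *ENABLE* the API" \
        | gum format

    gum input --placeholder "Press the enter key to continue."

    export SA_NAME=devops-toolkit

    export SA="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"

    gcloud iam service-accounts create "$SA_NAME" \
        --project "$PROJECT_ID"

    # NOTE(review): a project-wide administrative role is granted to the
    # account whose key is exported just below. The project was created by
    # this script, which bounds the impact; do not reuse this against a shared
    # project.
    export ROLE=roles/admin

    gcloud projects add-iam-policy-binding \
        --role "$ROLE" "$PROJECT_ID" --member "serviceAccount:$SA"

    # Long-lived service-account key; keep the local copy owner-only and
    # delete it once the Secret exists if it is no longer needed.
    (
        umask 077
        gcloud iam service-accounts keys create gcp-creds.json \
            --project "$PROJECT_ID" --iam-account "$SA"
        chmod 600 gcp-creds.json
    )

    kubectl --namespace crossplane-system \
        create secret generic gcp-creds \
        --from-file creds=./gcp-creds.json

    echo "
apiVersion: gcp.upbound.io/v1beta1
kind: ProviderConfig
metadata:
  name: default
spec:
  projectID: $PROJECT_ID
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: gcp-creds
      key: creds" | kubectl apply --filename -

elif [ "$HYPERSCALER" = "aws" ]; then

    AWS_ACCESS_KEY_ID=$(gum input --placeholder "AWS Access Key ID" --value "$AWS_ACCESS_KEY_ID")
    echo "export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> .env

    AWS_SECRET_ACCESS_KEY=$(gum input --placeholder "AWS Secret Access Key" --value "$AWS_SECRET_ACCESS_KEY" --password)
    echo "export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> .env

    AWS_ACCOUNT_ID=$(gum input --placeholder "AWS Account ID" --value "$AWS_ACCOUNT_ID")
    echo "export AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID" >> .env

    # Plaintext key pair on disk: written under a restrictive umask, and
    # chmod covers a file left behind by an earlier run with wider permissions.
    (
        umask 077
        echo "[default]
aws_access_key_id = $AWS_ACCESS_KEY_ID
aws_secret_access_key = $AWS_SECRET_ACCESS_KEY
" >aws-creds.conf
        chmod 600 aws-creds.conf
    )

    kubectl --namespace crossplane-system \
        create secret generic aws-creds \
        --from-file creds=./aws-creds.conf

    kubectl apply --filename providers/aws-config.yaml

else

    AZURE_TENANT_ID=$(gum input --placeholder "Azure Tenant ID" --value "$AZURE_TENANT_ID")

    az login --tenant "$AZURE_TENANT_ID"

    export SUBSCRIPTION_ID=$(az account show --query id -o tsv)

    # NOTE(review): the service principal gets Owner on the whole subscription,
    # an existing one rather than something created by this script. The
    # credential JSON is written straight to an owner-only file instead of
    # being piped through `tee`, which also echoed the client secret to the
    # terminal and hid a failing `az` behind tee's exit status.
    (
        umask 077
        az ad sp create-for-rbac --sdk-auth --role Owner \
            --scopes "/subscriptions/$SUBSCRIPTION_ID" > azure-creds.json
        chmod 600 azure-creds.json
    )

    kubectl --namespace crossplane-system create secret generic azure-creds --from-file creds=./azure-creds.json

    kubectl apply --filename providers/azure-config.yaml

    DB_NAME=silly-demo-db-$(date +%Y%m%d%H%M%S)

    # The Secret below carries a fixed, base64-encoded (not encrypted)
    # password, and the manifest is written to examples/azure-intro.yaml, which
    # is tracked in the repository. Treat it as a demo value only.
    echo "---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: ClusterClaim
metadata:
  name: cluster-01
spec:
  id: cluster01
  compositionSelector:
    matchLabels:
      provider: azure
      cluster: aks
  parameters:
    nodeSize: small
    minNodeCount: 3
---
apiVersion: v1
kind: Secret
metadata:
  name: $DB_NAME-password
data:
  password: SVdpbGxOZXZlclRlbGxAMQ==
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: SQLClaim
metadata:
  name: silly-demo-db
spec:
  id: $DB_NAME
  compositionSelector:
    matchLabels:
      provider: azure
      db: postgresql
  parameters:
    version: \"11\"
    size: small
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: AppClaim
metadata:
  name: silly-demo
spec:
  id: silly-demo
  compositionSelector:
    matchLabels:
      type: backend-db
      location: remote
  parameters:
    namespace: production
    image: c8n.io/vfarcic/silly-demo:1.4.52
    port: 8080
    host: silly-demo.acme.com
    dbSecret:
      name: silly-demo-db
      namespace: a-team
    kubernetesProviderConfigName: cluster01" \
        | tee examples/azure-intro.yaml

fi

kubectl create namespace a-team

###########
# Argo CD #
###########

REPO_URL=$(git config --get remote.origin.url)
# workaround to avoid setting up SSH key in ArgoCD
REPO_URL=$(echo "$REPO_URL" | sed 's/git@github.com:/https:\/\/github.com\//') # replace git@github.com: to https://github.com/

# Argo CD will sync whatever this remote serves; make sure origin is the
# repository you expect before running.
yq --inplace ".spec.source.repoURL = \"$REPO_URL\"" argocd/apps.yaml

helm upgrade --install argocd argo-cd \
    --repo https://argoproj.github.io/argo-helm \
    --namespace argocd --create-namespace \
    --values argocd/helm-values.yaml --wait

kubectl apply --filename argocd/apps.yaml

--------------------------------------------------------------------------------
/setup/01-managed-resources-nix.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env nix-shell 2 | #! nix-shell -i bash 3 | #! nix-shell -p gum kind kubectl yq google-cloud-sdk awscli2 eksctl azure-cli 4 | 5 | set -e 6 | 7 | gum style \ 8 | --foreground 212 --border-foreground 212 --border double \ 9 | --margin "1 2" --padding "2 4" \ 10 | 'Setup for the Managed Resources chapter. 11 | 12 | This script assumes that you jumped straight into this chapter. 13 | If that is not the case (if you are continuing from the previous 14 | chapter), please answer with "No" when asked whether you are 15 | ready to start.' 16 | 17 | gum confirm ' 18 | Are you ready to start? 19 | Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter). 20 | Feel free to say "No" and inspect the script if you prefer setting up resources manually. 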
21 | ' || exit 0 22 | 23 | rm -f .env 24 | 25 | ######################### 26 | # Control Plane Cluster # 27 | ######################### 28 | 29 | kind delete cluster 30 | 31 | kind create cluster 32 | 33 | ############## 34 | # Crossplane # 35 | ############## 36 | 37 | echo "## Which Hyperscaler do you want to use?" | gum format 38 | 39 | HYPERSCALER=$(gum choose "google" "aws" "azure") 40 | 41 | echo "export HYPERSCALER=$HYPERSCALER" >> .env 42 | 43 | if [[ "$HYPERSCALER" == "google" ]]; then 44 | 45 | gcloud auth login 46 | 47 | PROJECT_ID=dot-$(date +%Y%m%d%H%M%S) 48 | 49 | echo "export PROJECT_ID=$PROJECT_ID" >> .env 50 | 51 | gcloud projects create ${PROJECT_ID} 52 | 53 | echo " 54 | Please open https://console.developers.google.com/apis/api/compute.googleapis.com/overview?project=$PROJECT_ID in a browser and *ENABLE* the API." 55 | 56 | gum input --placeholder " 57 | Press the enter key to continue." 58 | 59 | export SA_NAME=devops-toolkit 60 | 61 | export SA="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com" 62 | 63 | gcloud iam service-accounts create $SA_NAME \ 64 | --project $PROJECT_ID 65 | 66 | export ROLE=roles/admin 67 | 68 | gcloud projects add-iam-policy-binding \ 69 | --role $ROLE $PROJECT_ID --member serviceAccount:$SA 70 | 71 | gcloud iam service-accounts keys create gcp-creds.json \ 72 | --project $PROJECT_ID --iam-account $SA 73 | 74 | yq --inplace ".spec.projectID = \"$PROJECT_ID\"" \ 75 | providers/google-config.yaml 76 | 77 | elif [[ "$HYPERSCALER" == "aws" ]]; then 78 | 79 | AWS_ACCESS_KEY_ID=$(gum input \ 80 | --placeholder "AWS Access Key ID" \ 81 | --value "$AWS_ACCESS_KEY_ID") 82 | echo "export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> .env 83 | 84 | AWS_SECRET_ACCESS_KEY=$(gum input \ 85 | --placeholder "AWS Secret Access Key" \ 86 | --value "$AWS_SECRET_ACCESS_KEY" --password) 87 | echo "export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> .env 88 | 89 | AWS_ACCOUNT_ID=$(gum input --placeholder "AWS Account ID" \ 90 | --value 
"$AWS_ACCOUNT_ID") 91 | echo "export AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID" >> .env 92 | 93 | echo "[default] 94 | aws_access_key_id = $AWS_ACCESS_KEY_ID 95 | aws_secret_access_key = $AWS_SECRET_ACCESS_KEY 96 | " >aws-creds.conf 97 | 98 | else 99 | 100 | AZURE_TENANT_ID=$(gum input --placeholder "Azure Tenant ID" --value "$AZURE_TENANT_ID") 101 | 102 | az login --tenant $AZURE_TENANT_ID 103 | 104 | export SUBSCRIPTION_ID=$(az account show --query id -o tsv) 105 | 106 | az ad sp create-for-rbac --sdk-auth --role Owner \ 107 | --scopes /subscriptions/$SUBSCRIPTION_ID \ 108 | | tee azure-creds.json 109 | 110 | fi 111 | -------------------------------------------------------------------------------- /setup/01-managed-resources.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | gum style \ 5 | --foreground 212 --border-foreground 212 --border double \ 6 | --margin "1 2" --padding "2 4" \ 7 | 'Setup for the Managed Resources chapter. 8 | 9 | This script assumes that you jumped straight into this chapter. 10 | If that is not the case (if you are continuing from the previous 11 | chapter), please answer with "No" when asked whether you are 12 | ready to start.' 13 | 14 | gum confirm ' 15 | Are you ready to start? 16 | Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter). 17 | Feel free to say "No" and inspect the script if you prefer setting up resources manually. 
18 | ' || exit 0 19 | 20 | echo " 21 | ## You will need following tools installed: 22 | |Name |Required |More info | 23 | |----------------|---------------------|---------------------------------------------------| 24 | |Linux Shell |Yes |Use WSL if you are running Windows | 25 | |Docker |Yes |'https://docs.docker.com/engine/install' | 26 | |kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'| 27 | |kubectl CLI |Yes |'https://kubernetes.io/docs/tasks/tools/#kubectl' | 28 | |yq CLI |Yes |'https://github.com/mikefarah/yq#install' | 29 | |Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'| 30 | |Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' | 31 | |AWS account with admin permissions|If using AWS|'https://aws.amazon.com' | 32 | |AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'| 33 | |Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' | 34 | |az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'| 35 | 36 | If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**. 37 | " | gum format 38 | 39 | gum confirm " 40 | Do you have those tools installed? 41 | " || exit 0 42 | 43 | rm -f .env 44 | 45 | set +e 46 | 47 | git fetch upstream 48 | 49 | git merge upstream/main 50 | 51 | set -e 52 | 53 | ######################### 54 | # Control Plane Cluster # 55 | ######################### 56 | 57 | kind create cluster 58 | 59 | ############## 60 | # Crossplane # 61 | ############## 62 | 63 | echo "## Which Hyperscaler do you want to use?" 
| gum format 64 | 65 | HYPERSCALER=$(gum choose "google" "aws" "azure") 66 | 67 | echo "export HYPERSCALER=$HYPERSCALER" >> .env 68 | 69 | if [ "$HYPERSCALER" = "google" ]; then 70 | 71 | gcloud auth login 72 | 73 | PROJECT_ID=dot-$(date +%Y%m%d%H%M%S) 74 | 75 | echo "export PROJECT_ID=$PROJECT_ID" >> .env 76 | 77 | gcloud projects create ${PROJECT_ID} 78 | 79 | echo "## Open https://console.cloud.google.com/billing/linkedaccount?project=$PROJECT_ID and link a billing account" \ 80 | | gum format 81 | 82 | gum input --placeholder "Press the enter key to continue." 83 | 84 | echo "## Open https://console.developers.google.com/apis/api/compute.googleapis.com/overview?project=$PROJECT_ID and *ENABLE* the API" \ 85 | | gum format 86 | 87 | gum input --placeholder "Press the enter key to continue." 88 | 89 | export SA_NAME=devops-toolkit 90 | 91 | export SA="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com" 92 | 93 | gcloud iam service-accounts create $SA_NAME \ 94 | --project $PROJECT_ID 95 | 96 | export ROLE=roles/admin 97 | 98 | gcloud projects add-iam-policy-binding \ 99 | --role $ROLE $PROJECT_ID --member serviceAccount:$SA 100 | 101 | gcloud iam service-accounts keys create gcp-creds.json \ 102 | --project $PROJECT_ID --iam-account $SA 103 | 104 | yq --inplace ".spec.projectID = \"$PROJECT_ID\"" \ 105 | providers/google-config.yaml 106 | 107 | elif [ "$HYPERSCALER" = "aws" ]; then 108 | 109 | AWS_ACCESS_KEY_ID=$(gum input \ 110 | --placeholder "AWS Access Key ID" \ 111 | --value "$AWS_ACCESS_KEY_ID") 112 | echo "export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> .env 113 | 114 | AWS_SECRET_ACCESS_KEY=$(gum input \ 115 | --placeholder "AWS Secret Access Key" \ 116 | --value "$AWS_SECRET_ACCESS_KEY" --password) 117 | echo "export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> .env 118 | 119 | AWS_ACCOUNT_ID=$(gum input --placeholder "AWS Account ID" \ 120 | --value "$AWS_ACCOUNT_ID") 121 | echo "export AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID" >> .env 122 | 123 | echo 
"[default] 124 | aws_access_key_id = $AWS_ACCESS_KEY_ID 125 | aws_secret_access_key = $AWS_SECRET_ACCESS_KEY 126 | " >aws-creds.conf 127 | 128 | else 129 | 130 | AZURE_TENANT_ID=$(gum input --placeholder "Azure Tenant ID" --value "$AZURE_TENANT_ID") 131 | 132 | az login --tenant $AZURE_TENANT_ID 133 | 134 | export SUBSCRIPTION_ID=$(az account show --query id -o tsv) 135 | 136 | az ad sp create-for-rbac --sdk-auth --role Owner \ 137 | --scopes /subscriptions/$SUBSCRIPTION_ID \ 138 | | tee azure-creds.json 139 | 140 | fi 141 | -------------------------------------------------------------------------------- /setup/02-compositions.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | gum style \ 5 | --foreground 212 --border-foreground 212 --border double \ 6 | --margin "1 2" --padding "2 4" \ 7 | 'Setup for the Compositions chapter' 8 | 9 | gum confirm ' 10 | Are you ready to start? 11 | Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter). 12 | Feel free to say "No" and inspect the script if you prefer setting up resources manually. 
13 | ' || exit 0 14 | 15 | echo " 16 | ## You will need following tools installed: 17 | |Name |Required |More info | 18 | |----------------|---------------------|---------------------------------------------------| 19 | |Linux Shell |Yes |Use WSL if you are running Windows | 20 | |Docker |Yes |'https://docs.docker.com/engine/install' | 21 | |kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'| 22 | |kubectl CLI |Yes |'https://kubernetes.io/docs/tasks/tools/#kubectl' | 23 | |crossplane CLI |Yes |'https://docs.crossplane.io/latest/cli' | 24 | |yq CLI |Yes |'https://github.com/mikefarah/yq#install' | 25 | |Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'| 26 | |Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' | 27 | |AWS account with admin permissions|If using AWS|'https://aws.amazon.com' | 28 | |AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'| 29 | |Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' | 30 | |az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'| 31 | 32 | If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**. 33 | " | gum format 34 | 35 | gum confirm " 36 | Do you have those tools installed? 
37 | " || exit 0 38 | 39 | rm -f .env 40 | 41 | set +e 42 | 43 | git fetch upstream 44 | 45 | git merge upstream/main 46 | 47 | set -e 48 | 49 | ######################### 50 | # Control Plane Cluster # 51 | ######################### 52 | 53 | kind create cluster --config kind.yaml 54 | 55 | kubectl create namespace a-team 56 | 57 | ############## 58 | # Crossplane # 59 | ############## 60 | 61 | helm upgrade --install crossplane crossplane \ 62 | --repo https://charts.crossplane.io/stable \ 63 | --namespace crossplane-system --create-namespace --wait 64 | 65 | echo "## Which Hyperscaler do you want to use?" | gum format 66 | 67 | HYPERSCALER=$(gum choose "google" "aws" "azure") 68 | 69 | echo "export HYPERSCALER=$HYPERSCALER" >> .env 70 | 71 | if [ "$HYPERSCALER" = "google" ]; then 72 | 73 | gcloud auth login 74 | 75 | PROJECT_ID=dot-$(date +%Y%m%d%H%M%S) 76 | 77 | echo "export PROJECT_ID=$PROJECT_ID" >> .env 78 | 79 | gcloud projects create ${PROJECT_ID} 80 | 81 | echo "## Open https://console.cloud.google.com/billing/linkedaccount?project=$PROJECT_ID and link a billing account" \ 82 | | gum format 83 | 84 | gum input --placeholder "Press the enter key to continue." 85 | 86 | echo "## Open https://console.cloud.google.com/apis/library/sqladmin.googleapis.com?project=$PROJECT_ID and *ENABLE* the API" \ 87 | | gum format 88 | 89 | gum input --placeholder "Press the enter key to continue." 
90 | 91 | export SA_NAME=devops-toolkit 92 | 93 | export SA="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com" 94 | 95 | gcloud iam service-accounts create $SA_NAME \ 96 | --project $PROJECT_ID 97 | 98 | gcloud projects add-iam-policy-binding \ 99 | --role roles/admin $PROJECT_ID \ 100 | --member serviceAccount:$SA 101 | 102 | gcloud iam service-accounts keys create gcp-creds.json \ 103 | --project $PROJECT_ID --iam-account $SA 104 | 105 | kubectl --namespace crossplane-system \ 106 | create secret generic gcp-creds \ 107 | --from-file creds=./gcp-creds.json 108 | 109 | yq --inplace ".spec.projectID = \"$PROJECT_ID\"" \ 110 | providers/google-config.yaml 111 | 112 | elif [ "$HYPERSCALER" = "aws" ]; then 113 | 114 | AWS_ACCESS_KEY_ID=$(gum input --placeholder "AWS Access Key ID" --value "$AWS_ACCESS_KEY_ID") 115 | echo "export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> .env 116 | 117 | AWS_SECRET_ACCESS_KEY=$(gum input --placeholder "AWS Secret Access Key" --value "$AWS_SECRET_ACCESS_KEY" --password) 118 | echo "export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> .env 119 | 120 | AWS_ACCOUNT_ID=$(gum input --placeholder "AWS Account ID" --value "$AWS_ACCOUNT_ID") 121 | echo "export AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID" >> .env 122 | 123 | echo "[default] 124 | aws_access_key_id = $AWS_ACCESS_KEY_ID 125 | aws_secret_access_key = $AWS_SECRET_ACCESS_KEY 126 | " >aws-creds.conf 127 | 128 | kubectl --namespace crossplane-system \ 129 | create secret generic aws-creds \ 130 | --from-file creds=./aws-creds.conf 131 | 132 | else 133 | 134 | AZURE_TENANT_ID=$(gum input --placeholder "Azure Tenant ID" --value "$AZURE_TENANT_ID") 135 | 136 | az login --tenant $AZURE_TENANT_ID 137 | 138 | export SUBSCRIPTION_ID=$(az account show --query id -o tsv) 139 | 140 | az ad sp create-for-rbac --sdk-auth --role Owner --scopes /subscriptions/$SUBSCRIPTION_ID | tee azure-creds.json 141 | 142 | kubectl --namespace crossplane-system create secret generic azure-creds --from-file 
creds=./azure-creds.json 143 | 144 | DB_NAME=my-db-$(date +%Y%m%d%H%M%S) 145 | 146 | echo "--- 147 | apiVersion: v1 148 | kind: Secret 149 | metadata: 150 | name: $DB_NAME-password 151 | namespace: crossplane-system 152 | data: 153 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 154 | --- 155 | apiVersion: devopstoolkitseries.com/v1alpha1 156 | kind: SQL 157 | metadata: 158 | name: $DB_NAME 159 | spec: 160 | compositionSelector: 161 | matchLabels: 162 | provider: azure 163 | db: postgresql" \ 164 | | tee examples/azure-sql-v1.yaml 165 | 166 | sleep 1 167 | 168 | DB_NAME=my-db-$(date +%Y%m%d%H%M%S) 169 | 170 | echo "--- 171 | apiVersion: v1 172 | kind: Secret 173 | metadata: 174 | name: $DB_NAME-password 175 | namespace: crossplane-system 176 | data: 177 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 178 | --- 179 | apiVersion: devopstoolkitseries.com/v1alpha1 180 | kind: SQL 181 | metadata: 182 | name: my-db 183 | annotations: 184 | organization: DevOps Toolkit 185 | author: Viktor Farcic 186 | spec: 187 | id: $DB_NAME 188 | compositionSelector: 189 | matchLabels: 190 | provider: azure 191 | db: postgresql 192 | parameters: 193 | version: \"11\" 194 | size: small" \ 195 | | tee examples/azure-sql-v3.yaml 196 | 197 | sleep 1 198 | 199 | DB_NAME=my-db-$(date +%Y%m%d%H%M%S) 200 | 201 | echo "--- 202 | apiVersion: v1 203 | kind: Secret 204 | metadata: 205 | name: $DB_NAME-password 206 | data: 207 | password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0= 208 | --- 209 | apiVersion: devopstoolkitseries.com/v1alpha1 210 | kind: SQLClaim 211 | metadata: 212 | name: my-db 213 | annotations: 214 | organization: DevOps Toolkit 215 | author: Viktor Farcic 216 | spec: 217 | id: $DB_NAME 218 | compositionSelector: 219 | matchLabels: 220 | provider: azure 221 | db: postgresql 222 | parameters: 223 | version: \"11\" 224 | size: small" \ 225 | | tee examples/azure-sql-v6.yaml 226 | 227 | fi 228 | 
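--------------------------------------------------------------------------------
/setup/03-configurations.sh:
--------------------------------------------------------------------------------
#!/bin/sh
set -e

# Setup for the "Configuration Packages" chapter.
#
# Creates a local kind cluster, installs Crossplane with Helm, asks which
# hyperscaler to use and then stores that provider's credentials as a
# Kubernetes Secret in the crossplane-system namespace.
#
# Credential handling:
#   - .env, aws-creds.conf, gcp-creds.json and azure-creds.json hold
#     long-lived cloud credentials in plain text. The repository's .gitignore
#     lists them, but they stay on disk after the script ends.
#   - Files this script writes itself are created with owner-only permissions.
#   - Each branch grants the created identity a very broad role (project admin
#     on Google Cloud, subscription Owner on Azure). Use a throwaway
#     project/subscription and delete the identities when finished.

gum style \
    --foreground 212 --border-foreground 212 --border double \
    --margin "1 2" --padding "2 4" \
    'Setup for the Configuration Packages chapter'

gum confirm '
Are you ready to start?
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter).
Feel free to say "No" and inspect the script if you prefer setting up resources manually.
' || exit 0

echo "
## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|kubectl CLI |Yes |'https://kubernetes.io/docs/tasks/tools/#kubectl' |
|crossplane CLI |Yes |'https://docs.crossplane.io/latest/cli' |
|up CLI |Yes |'https://docs.upbound.io/reference/cli' |
|yq CLI |Yes |'https://github.com/mikefarah/yq#install' |
|Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |
|AWS account with admin permissions|If using AWS|'https://aws.amazon.com' |
|AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'|
|Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' |
|az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'|

If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.
" | gum format

gum confirm "
Do you have those tools installed?
" || exit 0

# Start from a fresh .env and create it owner-only (0600) up front: the
# branches below append cloud credentials to it with `>>`, which keeps the
# mode the file was created with.
rm -f .env
( umask 077 && : > .env )

# Sync the working tree with upstream. Errors are ignored on purpose
# (presumably so clones without an `upstream` remote still work).
# NOTE(review): this merges whatever upstream/main currently contains into the
# tree that the rest of the script then reads from (kind.yaml, providers/...).
set +e

git fetch upstream

git merge upstream/main

set -e

#########################
# Control Plane Cluster #
#########################

kind create cluster --config kind.yaml

kubectl create namespace a-team

##############
# Crossplane #
##############

# NOTE(review): no chart version is given, so the chart that is current in the
# stable repo at run time is installed. Add `--version <CHART_VERSION>`
# (placeholder) when a reproducible, reviewed version is required.
helm upgrade --install crossplane crossplane \
    --repo https://charts.crossplane.io/stable \
    --namespace crossplane-system --create-namespace --wait

echo "## Which Hyperscaler do you want to use?" | gum format

HYPERSCALER=$(gum choose "google" "aws" "azure")

echo "export HYPERSCALER=$HYPERSCALER" >> .env

if [ "$HYPERSCALER" = "google" ]; then

    gcloud auth login

    # Timestamp-based ID, so every run creates a new project.
    PROJECT_ID=dot-$(date +%Y%m%d%H%M%S)

    echo "export PROJECT_ID=$PROJECT_ID" >> .env

    gcloud projects create "${PROJECT_ID}"

    echo "## Open https://console.cloud.google.com/billing/linkedaccount?project=$PROJECT_ID and link a billing account" \
        | gum format

    gum input --placeholder "Press the enter key to continue."

    echo "## Open https://console.cloud.google.com/apis/library/sqladmin.googleapis.com?project=$PROJECT_ID and *ENABLE* the API" \
        | gum format

    gum input --placeholder "Press the enter key to continue."

    export SA_NAME=devops-toolkit

    export SA="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"

    gcloud iam service-accounts create "$SA_NAME" \
        --project "$PROJECT_ID"

    # NOTE(review): binds an admin role on the whole project to the service
    # account. Acceptable only because the project is a throwaway created
    # above; do not reuse this binding on a shared project.
    gcloud projects add-iam-policy-binding \
        --role roles/admin "$PROJECT_ID" \
        --member "serviceAccount:$SA"

    # Long-lived service-account key written to the working directory.
    gcloud iam service-accounts keys create gcp-creds.json \
        --project "$PROJECT_ID" --iam-account "$SA"

    # Make sure the key file is owner-only regardless of how it was created.
    chmod 600 gcp-creds.json

    kubectl --namespace crossplane-system \
        create secret generic gcp-creds \
        --from-file creds=./gcp-creds.json

    yq --inplace ".spec.projectID = \"$PROJECT_ID\"" \
        providers/google-config.yaml

elif [ "$HYPERSCALER" = "aws" ]; then

    # Values typed here are appended to .env in plain text (file is 0600, see
    # above). Prefer short-lived or tightly scoped keys for this exercise.
    AWS_ACCESS_KEY_ID=$(gum input \
        --placeholder "AWS Access Key ID" \
        --value "$AWS_ACCESS_KEY_ID")
    echo "export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> .env

    AWS_SECRET_ACCESS_KEY=$(gum input \
        --placeholder "AWS Secret Access Key" \
        --value "$AWS_SECRET_ACCESS_KEY" --password)
    echo "export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> .env

    AWS_ACCOUNT_ID=$(gum input --placeholder "AWS Account ID" \
        --value "$AWS_ACCOUNT_ID")
    echo "export AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID" >> .env

    # Remove any older copy first so the file is re-created with the
    # restrictive umask instead of inheriting a previous, wider mode.
    rm -f aws-creds.conf
    ( umask 077 && echo "[default]
aws_access_key_id = $AWS_ACCESS_KEY_ID
aws_secret_access_key = $AWS_SECRET_ACCESS_KEY
" > aws-creds.conf )

    kubectl --namespace crossplane-system \
        create secret generic aws-creds \
        --from-file creds=./aws-creds.conf

else

    AZURE_TENANT_ID=$(gum input --placeholder "Azure Tenant ID" \
        --value "$AZURE_TENANT_ID")

    # Quoted: the tenant ID is free-form user input.
    az login --tenant "$AZURE_TENANT_ID"

    # Assignment and export are split so that a failing `az account show`
    # stops the script; `export VAR=$(cmd)` hides the command's exit status.
    SUBSCRIPTION_ID=$(az account show --query id -o tsv)
    export SUBSCRIPTION_ID

    # The service principal JSON contains the client secret. It is redirected
    # straight into an owner-only file rather than piped through `tee`, which
    # (a) echoed the secret to the terminal and (b) hid a failing `az` behind
    # tee's exit status, letting an empty file be loaded into the cluster.
    # NOTE(review): Owner on the whole subscription is very broad; use a
    # disposable subscription and delete the service principal afterwards.
    rm -f azure-creds.json
    ( umask 077 && az ad sp create-for-rbac --sdk-auth --role Owner \
        --scopes "/subscriptions/$SUBSCRIPTION_ID" \
        > azure-creds.json )

    kubectl --namespace crossplane-system \
        create secret generic azure-creds \
        --from-file creds=./azure-creds.json

    DB_NAME=my-db-$(date +%Y%m%d%H%M%S)

    # NOTE(review): the password in both manifests below is a fixed,
    # base64-encoded demo value published with this repository, so every
    # database created from them shares it. base64 is an encoding, not
    # protection; replace the value before using these manifests anywhere
    # that is not a throwaway environment.
    echo "---
apiVersion: v1
kind: Secret
metadata:
  name: my-db-password
data:
  password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0=
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: SQLClaim
metadata:
  name: my-db
  annotations:
    organization: DevOps Toolkit
    author: Viktor Farcic
spec:
  id: $DB_NAME
  compositionSelector:
    matchLabels:
      provider: azure
      db: postgresql
  parameters:
    version: \"11\"
    size: small" \
        | tee examples/azure-sql-v6.yaml

    echo "---
apiVersion: v1
kind: Secret
metadata:
  name: $DB_NAME-password
data:
  password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0=
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: SQLClaim
metadata:
  name: my-db
  annotations:
    organization: DevOps Toolkit
    author: Viktor Farcic
spec:
  id: $DB_NAME
  compositionSelector:
    matchLabels:
      provider: azure
      db: postgresql
  parameters:
    version: \"11\"
    size: small" \
        | tee examples/azure-sql-v7.yaml

fi

--------------------------------------------------------------------------------
/shell.nix:
--------------------------------------------------------------------------------
{ pkgs ? import <nixpkgs> {} }:pkgs.mkShell {
  packages = with pkgs; [
    gum
    gh
    kind
    kubectl
    yq-go
    jq
    (google-cloud-sdk.withExtraComponents [google-cloud-sdk.components.gke-gcloud-auth-plugin])
    awscli2
    azure-cli
    upbound
    teller
    crossplane-cli
    kubernetes-helm
  ];
}

--------------------------------------------------------------------------------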