@ebuildy
Created September 23, 2024 12:12
Diagram about platform as-service
grid-rows: 1
legends: {
  class: container
  grid-rows: 3
  explanation: |md
    # YAML everywhere
    A `project` is defined in YAML format, it contains ALL details:
    - members
    - gitlab groups/projects
    - kubernetes namespaces
    - vault paths, roles
    - azure roles
    - any saas info (slack ....)
    - jira project
  |
  project_yaml: |yaml
    name: my-project
    jira-project: MY
    members:
      - user: tom
        role: dev
      - user: tom
        role: observer
    gitlab:
      group: my-project
      projects:
        helm-charts:
          kind: helm-charts
        my-app:
          kind: nodejs-docker
    vault:
      roles:
        my-app:
          policies: [read-secret]
      policies:
        read-secret: "...."
    kibana:
      space: my-project
  |
  users: {
    user_dev: {
      icon: https://diagrams.mingrammer.com/img/resources/onprem/client/user.png
      shape: image
      label: Gentil dev
    }
    user_sre: {
      icon: https://diagrams.mingrammer.com/img/resources/onprem/client/user.png
      shape: image
      label: SRE
    }
    user_platform: {
      icon: https://diagrams.mingrammer.com/img/resources/onprem/client/user.png
      shape: image
      label: Platform ing
    }
    user_dev -> user_sre -> user_platform -> user_dev: pay beers
  }
}
classes: {
  gitlab: {
    icon: https://diagrams.mingrammer.com/img/resources/onprem/vcs/gitlab.png
    shape: image
  }
  workload: {
    icon: https://diagrams.mingrammer.com/img/resources/k8s/compute/pod.png
  }
  container: {
    style.fill: white
    style.stroke-width: 0
    label: ""
  }
}
main: {
  class: container
  projects: {
    class: gitlab
    label: Repo projects as-code
  }
  engine: {
    class: workload
    label: GitLab CI
    explanation2: |md
      # Magic happens
      - create MRs on services config-as-code projects
      - sync configuration from main application YAML
      (hey I am just GitLab CI runners on Kubernetes)
    |
  }
  gitlab_projects: {
    icon: https://diagrams.mingrammer.com/img/resources/onprem/vcs/gitlab.png
    label: GitLab config-as-code projects
    grid-rows: 2
    gitlab: {
      class: gitlab
      label: GitLab CAC
    }
    ms_entraid: {
      class: gitlab
      label: MS EntraID CAC
    }
    azure_tenants: {
      class: gitlab
      label: Azure Service Principals
    }
    docker_registry: {
      class: gitlab
      label: Docker registry CAC
    }
    vault_cac: {
      class: gitlab
      label: Vault CAC
    }
    elastic_cac: {
      class: gitlab
      label: Elastic Stack CAC
    }
  }
  sub_projects_ci: {
    class: workload
    label: GitLab CI
    explanation2: |md
      # Terraform apply
      - use Terraform official providers
      - tokens/secrets from Vault
    |
  }
  services: {
    vault: {
      icon: https://diagrams.mingrammer.com/img/resources/onprem/security/vault.png
      shape: image
    }
    kibana: {
      icon: https://diagrams.mingrammer.com/img/resources/elastic/elasticsearch/kibana.png
      shape: image
      label: Kibana
    }
    ms_entraid: {
      icon: https://diagrams.mingrammer.com/img/resources/azure/identity/active-directory.png
      shape: image
      label: Microsoft EntraID
    }
    docker_registry: {
      icon: https://diagrams.mingrammer.com/img/resources/azure/compute/container-registries.png
      shape: image
      label: Azure Container Registry
    }
    # vault -> ms_entraid: auth
    # kibana -> ms_entraid: auth
    # docker_registry -> ms_entraid: auth
    # vault -> kibana: log
    # ms_entraid -> kibana: log
    # docker_registry -> kibana: log
  }
  projects -> engine: run
  engine -> gitlab_projects: Create Merge Requests per service
  gitlab_projects -> sub_projects_ci: run
  sub_projects_ci -> services: configure
}
legends.users.user_sre -> main.projects: Manage projects as MR
legends.users -> main.services: use
legends.users.user_platform -> main.gitlab_projects: approve MR
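
The "engine" step in the diagram (sync from the project YAML, one merge request per config-as-code project) can be sketched as a validate-then-split function. This is an added example, not code from the gist: the repository names, the key-to-repository routing and the validation rules are assumptions, and the project is given as the dict a YAML parser would return, with `policies` assumed to nest under `vault`.

```python
# Added example: not code from the gist. Routing and rules are assumptions.

# Constructed sample: the gist's project YAML as a parser would load it.
PROJECT = {
    "name": "my-project",
    "jira-project": "MY",
    "members": [{"user": "tom", "role": "dev"},
                {"user": "tom", "role": "observer"}],
    "gitlab": {"group": "my-project",
               "projects": {"helm-charts": {"kind": "helm-charts"},
                            "my-app": {"kind": "nodejs-docker"}}},
    "vault": {"roles": {"my-app": {"policies": ["read-secret"]}},
              "policies": {"read-secret": "...."}},
    "kibana": {"space": "my-project"},
}

# Hypothetical routing: which top-level key feeds which config-as-code repo.
ROUTES = {"gitlab": "gitlab-cac", "vault": "vault-cac",
          "kibana": "elastic-cac", "members": "ms-entraid-cac"}
METADATA = {"name", "jira-project"}  # keys that describe the project itself


def validate(project):
    """Return a list of problems; an empty list means the file may fan out."""
    # A misspelled or unexpected section must fail loudly, not be dropped.
    errors = [f"unknown section: {key}" for key in project
              if key not in ROUTES and key not in METADATA]
    vault = project.get("vault", {})
    defined = set(vault.get("policies", {}))
    # Every policy a Vault role attaches must be defined in the same file.
    for role, spec in vault.get("roles", {}).items():
        for policy in spec.get("policies", []):
            if policy not in defined:
                errors.append(f"vault role {role}: undefined policy {policy}")
    return errors


def fan_out(project):
    """Split one project into per-repository slices, one merge request each."""
    errors = validate(project)
    if errors:
        raise ValueError("; ".join(errors))
    # Each slice carries only its own section, so a service's repository
    # (and the CI job that applies it) never sees another service's config.
    return {repo: {"project": project["name"], key: project[key]}
            for key, repo in ROUTES.items() if key in project}
```
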