eumel8 · March 14, 2024 21:52
diff --git a/composition-s3-backup.yaml b/composition-s3-backup.yaml
 apiVersion: apiextensions.crossplane.io/v1
 kind: Composition
 metadata:
  annotations:
  name: vcluster.caas.telekom.de
 spec:
  compositeTypeRef:
    apiVersion: caas.telekom.de/v1alpha1
    kind: Vcluster
  mode: Resources
  publishConnectionDetailsWithStoreConfigRef:
    name: default
  resources:
  - base:
      apiVersion: helm.crossplane.io/v1beta1
      kind: Release
      metadata: {}
      spec:
        forProvider:
          chart:
            name: s3-register
            repository: oci://mtr.devops.telekom.de/caas/charts
            url: oci://mtr.devops.telekom.de/caas/charts/s3-register:0.0.1
            version: 0.0.1
            pullSecretRef:
              name: "mtr-pull-secret"
              namespace: "crossplane-system"
          values:
            defaultImageRegistry: mtr.devops.telekom.de
            image: mtr.devops.telekom.de/mcsps/utils:latest
            s3:
              adminpassword: xxxxxx
              adminuser: xxxxx
              url: http://minio.minio:9000
        providerConfigRef:
          name: crossplane-provider-helm
        rollbackLimit: 3
    name: s3-register
    patches:
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.values.clustername
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.namespace
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: metadata.annotations[crossplane.io/external-name]
      transforms:
      - string:
          fmt: '%s-s3-register'
          type: Format
        type: string
      type: FromCompositeFieldPath
    readinessChecks:
    - matchCondition:
        status: "True"
        type: Ready
      type: MatchCondition
  - base:
      apiVersion: helm.crossplane.io/v1beta1
      kind: Release
      metadata: {}
      spec:
        forProvider:
          chart:
            name: vcluster
            repository: oci://mtr.devops.telekom.de/caas/charts
            url: oci://mtr.devops.telekom.de/caas/charts/vcluster:v0.19.3
            version: v0.19.3
            pullSecretRef:
              name: "mtr-pull-secret"
              namespace: "crossplane-system"
          values:
            coredns:
              image: /rancher/mirrored-coredns-coredns:1.10.1
            defaultImageRegistry: mtr.devops.telekom.de
            sidecar:
            - env:
              - name: ENDPOINT
                value: minio.minio:9000
              - name: ACCESS_KEY
                value: # patchedvc1
              - name: BUCKET_NAME
                value: # patchedvc1
              - name: CLUSTERNAME
                value: # patchedvc1
              - name: ENC_KEY
                value: "12345"
              - name: TRACE
                value: ""
              - name: INSECURE
                value: "1"
              - name: BACKUP_INTERVAL
                value: 1
              - name: SECRET_KEY
                valueFrom:
                  secretKeyRef:
                    key: s3secretkey
              image: mtr.devops.telekom.de/caas/vcluster-backup:0.0.5
              imagePullPolicy: Always
              name: backup
              resources:
                limits:
                  cpu: "1"
                  memory: 512Mi
                requests:
                  cpu: 20m
                  memory: 64Mi
              securityContext:
                allowPrivilegeEscalation: false
                capabilities:
                  drop:
                  - all
                readOnlyRootFilesystem: true
                runAsGroup: 1000
                runAsNonRoot: true
                runAsUser: 1000
              volumeMounts:
              - mountPath: /tmp
                name: tmp
              - mountPath: /data
                name: data
            storage:
              className: sas
            sync:
              hoststorageclasses:
                enabled: true
              ingresses:
                enabled: true
            syncer:
              image: /caas/vcluster:0.19.3
            vcluster:
              extraArgs:
              - --system-default-registry=mtr.devops.telekom.de
              resources:
                limits:
                  cpu: 200m
                  memory: 2Gi
                requests:
                  cpu: 200m
                  memory: 256Mi
        providerConfigRef:
          name: crossplane-provider-helm
        rollbackLimit: 3
    name: vcluster-helm-release
    patches:
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.values.sidecar[0].env[8].valueFrom.secretKeyRef.name
      transforms:
      - string:
          fmt: '%s-s3-register'
          type: Format
        type: string
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.values.sidecar[0].env[3].value
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.values.sidecar[0].env[2].value
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.values.sidecar[0].env[1].value
      type: FromCompositeFieldPath
    - fromFieldPath: spec.k8sversion
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.values.vcluster.image
      transforms:
      - string:
          fmt: /rancher/k3s:%s
          type: Format
        type: string
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.namespace
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: metadata.annotations[crossplane.io/external-name]
      transforms:
      - string:
          fmt: '%s-vcluster'
          type: Format
        type: string
      type: FromCompositeFieldPath
    readinessChecks:
    - matchCondition:
        status: "True"
        type: Ready
      type: MatchCondition
  - base:
      apiVersion: helm.crossplane.io/v1beta1
      kind: Release
      metadata: {}
      spec:
        forProvider:
          chart:
            name: rancher-cluster
            repository: oci://mtr.devops.telekom.de/caas/charts
            url: oci://mtr.devops.telekom.de/caas/charts/rancher-cluster:0.0.40
            version: 0.0.40
            pullSecretRef:
              name: "mtr-pull-secret"
              namespace: "crossplane-system"
          values:
            defaultImageRegistry: mtr.devops.telekom.de
            image: mtr.devops.telekom.de/mcsps/utils:latest
            rancher:
              url: https://raseed-test.external.otc.telekomcloud.com
        providerConfigRef:
          name: crossplane-provider-helm
        rollbackLimit: 3
    name: vcluster-rancher-register
    patches:
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.values.clustername
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: spec.forProvider.namespace
      type: FromCompositeFieldPath
    - fromFieldPath: metadata.name
      policy:
        fromFieldPath: Required
      toFieldPath: metadata.annotations[crossplane.io/external-name]
      transforms:
      - string:
          fmt: '%s-register-rancher'
          type: Format
        type: string
      type: FromCompositeFieldPath
    readinessChecks:
    - matchCondition:
        status: "True"
        type: Ready
      type: MatchCondition
  writeConnectionSecretsToNamespace: crossplane-system
	apiVersion: apiextensions.crossplane.io/v1
	kind: Composition
	metadata:
	annotations:
	name: vcluster.caas.telekom.de
	spec:
	compositeTypeRef:
	apiVersion: caas.telekom.de/v1alpha1
	kind: Vcluster
	mode: Resources
	publishConnectionDetailsWithStoreConfigRef:
	name: default
	resources:
	- base:
	apiVersion: helm.crossplane.io/v1beta1
	kind: Release
	metadata: {}
	spec:
	forProvider:
	chart:
	name: s3-register
	repository: oci://mtr.devops.telekom.de/caas/charts
	url: oci://mtr.devops.telekom.de/caas/charts/s3-register:0.0.1
	version: 0.0.1
	pullSecretRef:
	name: "mtr-pull-secret"
	namespace: "crossplane-system"
	values:
	defaultImageRegistry: mtr.devops.telekom.de
	image: mtr.devops.telekom.de/mcsps/utils:latest
	s3:
	adminpassword: xxxxxx
	adminuser: xxxxx
	url: http://minio.minio:9000
	providerConfigRef:
	name: crossplane-provider-helm
	rollbackLimit: 3
	name: s3-register
	patches:
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.values.clustername
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.namespace
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: metadata.annotations[crossplane.io/external-name]
	transforms:
	- string:
	fmt: '%s-s3-register'
	type: Format
	type: string
	type: FromCompositeFieldPath
	readinessChecks:
	- matchCondition:
	status: "True"
	type: Ready
	type: MatchCondition
	- base:
	apiVersion: helm.crossplane.io/v1beta1
	kind: Release
	metadata: {}
	spec:
	forProvider:
	chart:
	name: vcluster
	repository: oci://mtr.devops.telekom.de/caas/charts
	url: oci://mtr.devops.telekom.de/caas/charts/vcluster:v0.19.3
	version: v0.19.3
	pullSecretRef:
	name: "mtr-pull-secret"
	namespace: "crossplane-system"
	values:
	coredns:
	image: /rancher/mirrored-coredns-coredns:1.10.1
	defaultImageRegistry: mtr.devops.telekom.de
	sidecar:
	- env:
	- name: ENDPOINT
	value: minio.minio:9000
	- name: ACCESS_KEY
	value: # patchedvc1
	- name: BUCKET_NAME
	value: # patchedvc1
	- name: CLUSTERNAME
	value: # patchedvc1
	- name: ENC_KEY
	value: "12345"
	- name: TRACE
	value: ""
	- name: INSECURE
	value: "1"
	- name: BACKUP_INTERVAL
	value: 1
	- name: SECRET_KEY
	valueFrom:
	secretKeyRef:
	key: s3secretkey
	image: mtr.devops.telekom.de/caas/vcluster-backup:0.0.5
	imagePullPolicy: Always
	name: backup
	resources:
	limits:
	cpu: "1"
	memory: 512Mi
	requests:
	cpu: 20m
	memory: 64Mi
	securityContext:
	allowPrivilegeEscalation: false
	capabilities:
	drop:
	- all
	readOnlyRootFilesystem: true
	runAsGroup: 1000
	runAsNonRoot: true
	runAsUser: 1000
	volumeMounts:
	- mountPath: /tmp
	name: tmp
	- mountPath: /data
	name: data
	storage:
	className: sas
	sync:
	hoststorageclasses:
	enabled: true
	ingresses:
	enabled: true
	syncer:
	image: /caas/vcluster:0.19.3
	vcluster:
	extraArgs:
	- --system-default-registry=mtr.devops.telekom.de
	resources:
	limits:
	cpu: 200m
	memory: 2Gi
	requests:
	cpu: 200m
	memory: 256Mi
	providerConfigRef:
	name: crossplane-provider-helm
	rollbackLimit: 3
	name: vcluster-helm-release
	patches:
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.values.sidecar[0].env[8].valueFrom.secretKeyRef.name
	transforms:
	- string:
	fmt: '%s-s3-register'
	type: Format
	type: string
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.values.sidecar[0].env[3].value
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.values.sidecar[0].env[2].value
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.values.sidecar[0].env[1].value
	type: FromCompositeFieldPath
	- fromFieldPath: spec.k8sversion
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.values.vcluster.image
	transforms:
	- string:
	fmt: /rancher/k3s:%s
	type: Format
	type: string
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.namespace
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: metadata.annotations[crossplane.io/external-name]
	transforms:
	- string:
	fmt: '%s-vcluster'
	type: Format
	type: string
	type: FromCompositeFieldPath
	readinessChecks:
	- matchCondition:
	status: "True"
	type: Ready
	type: MatchCondition
	- base:
	apiVersion: helm.crossplane.io/v1beta1
	kind: Release
	metadata: {}
	spec:
	forProvider:
	chart:
	name: rancher-cluster
	repository: oci://mtr.devops.telekom.de/caas/charts
	url: oci://mtr.devops.telekom.de/caas/charts/rancher-cluster:0.0.40
	version: 0.0.40
	pullSecretRef:
	name: "mtr-pull-secret"
	namespace: "crossplane-system"
	values:
	defaultImageRegistry: mtr.devops.telekom.de
	image: mtr.devops.telekom.de/mcsps/utils:latest
	rancher:
	url: https://raseed-test.external.otc.telekomcloud.com
	providerConfigRef:
	name: crossplane-provider-helm
	rollbackLimit: 3
	name: vcluster-rancher-register
	patches:
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.values.clustername
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: spec.forProvider.namespace
	type: FromCompositeFieldPath
	- fromFieldPath: metadata.name
	policy:
	fromFieldPath: Required
	toFieldPath: metadata.annotations[crossplane.io/external-name]
	transforms:
	- string:
	fmt: '%s-register-rancher'
	type: Format
	type: string
	type: FromCompositeFieldPath
	readinessChecks:
	- matchCondition:
	status: "True"
	type: Ready
	type: MatchCondition
	writeConnectionSecretsToNamespace: crossplane-system