Last active
June 26, 2020 09:16
-
-
Save negz/f9b959dc46a9e9141d5efb679d393831 to your computer and use it in GitHub Desktop.
A hypothetical Helm release managed resource
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: apiextensions.crossplane.io/v1alpha1 | |
| kind: InfrastructureDefinition | |
| metadata: | |
| name: wordpressinstances.apps.example.org | |
| spec: | |
| crdSpecTemplate: | |
| group: apps.example.org | |
| version: v1alpha1 | |
| names: | |
| kind: WordpressInstance | |
| listKind: WordpressInstanceList | |
| plural: wordpressinstances | |
| singular: wordpressinstance | |
| validation: | |
| openAPIV3Schema: | |
| type: object | |
| properties: | |
| spec: | |
| type: object | |
| properties: | |
| parameters: | |
| type: object | |
| properties: | |
| image: | |
| type: string | |
| storageGB: | |
| type: integer | |
| blogName: | |
| type: string | |
| required: | |
| - image | |
| - storageGB | |
| - blogName | |
| required: | |
| - parameters | |
| --- | |
| apiVersion: apiextensions.crossplane.io/v1alpha1 | |
| kind: Composition | |
| metadata: | |
| name: wordpressinstances.helm.apps.example.org | |
| labels: | |
| provider: helm | |
| spec: | |
| writeConnectionSecretsToNamespace: crossplane-system | |
| reclaimPolicy: Delete | |
| from: | |
| apiVersion: database.example.org/v1alpha1 | |
| kind: MySQLInstance | |
| to: | |
| - base: | |
| apiVersion: database.gcp.crossplane.io/v1beta1 | |
| kind: CloudSQLInstance | |
| spec: | |
| forProvider: | |
| databaseVersion: MYSQL_5_6 | |
| region: us-central1 | |
| settings: | |
| tier: db-custom-1-3840 | |
| dataDiskType: PD_SSD | |
| ipConfiguration: | |
| ipv4Enabled: true | |
| authorizedNetworks: | |
| - value: "0.0.0.0/0" | |
| writeConnectionSecretToRef: | |
| namespace: crossplane-system | |
| providerRef: | |
| name: gcp-provider | |
| reclaimPolicy: Delete | |
| patches: | |
| - fromFieldPath: "metadata.uid" | |
| toFieldPath: "spec.writeConnectionSecretToRef.name" | |
| transforms: | |
| - type: string | |
| string: | |
| fmt: "%s-postgresql" | |
| - fromFieldPath: "spec.parameters.storageGB" | |
| toFieldPath: "spec.forProvider.settings.dataDiskSizeGb" | |
| connectionDetails: | |
| - fromConnectionSecretKey: username | |
| - fromConnectionSecretKey: password | |
| - fromConnectionSecretKey: endpoint | |
| - name: port | |
| value: "5432" | |
| - base: | |
| apiVersion: helm.crossplane.io/v1alpha1 | |
| kind: Release | |
| spec: | |
| repository: https://charts.bitnami.com/bitnami | |
| chart: wordpress | |
| values: | | |
| mariadb.enabled: false | |
| externaldb.enabled: true | |
| set: | |
| - name: externalDatabase.host | |
| valueFrom: | |
| secretKeyRef: | |
| key: host | |
| - name: externalDatabase.user | |
| valueFrom: | |
| secretKeyRef: | |
| key: username | |
| - name: externalDatabase.password | |
| valueFrom: | |
| secretKeyRef: | |
| key: password | |
| - name: blogName | |
| providerRef: helm-provider | |
| reclaimPolicy: Delete | |
| patches: | |
| - fromFieldPath: "metadata.uid" | |
| toFieldPath: "spec.set[0].valueFrom.secretKeyRef.name" | |
| transforms: | |
| - type: string | |
| string: | |
| fmt: "%s-postgresql" | |
| - fromFieldPath: "metadata.uid" | |
| toFieldPath: "spec.set[1].valueFrom.secretKeyRef.name" | |
| transforms: | |
| - type: string | |
| string: | |
| fmt: "%s-postgresql" | |
| toFieldPath: "spec.set[2].valueFrom.secretKeyRef.name" | |
| transforms: | |
| - type: string | |
| string: | |
| fmt: "%s-postgresql" | |
| - fromFieldPath: "spec.parameters.blogName" | |
| toFieldPath: "spec.set[4].value" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: helm.crossplane.io/v1alpha1 | |
| kind: Release | |
| metadata: | |
| name: wordpress-example | |
| spec: | |
| # This spec is a CR translation of Terraform's provider-helm. It's not clear | |
| # whether invoking provider-helm in a CRUD controller loop would work well; | |
| # we might consider building on one of several existing Helm controllers for | |
| # this particular use case (e.g. Flux's, Rancher's, etc). | |
| # https://www.terraform.io/docs/providers/helm/r/release.html | |
| repository: https://charts.bitnami.com/bitnami | |
| chart: wordpress | |
| values: | | |
| # This is an opaque, inline YAML file of Helm values | |
| mariadb.enabled: false | |
| externaldb.enabled: true | |
| # Terraform supports an array of name/value pairs that override the above | |
| # opaque values file. If we extended this to support 'valueFrom' a secret, | |
| # we could read the values from the connection secret that was written by a | |
| # CloudSQLInstance (for example) within the same composition. This does mean | |
| # we wouldn't be purely generating our helm-provider from the Terraform | |
| # equivalent. | |
| set: | |
| - name: externalDatabase.host | |
| valueFrom: | |
| secretKeyRef: | |
| name: dbconn | |
| key: host | |
| - name: externalDatabase.user | |
| valueFrom: | |
| secretKeyRef: | |
| name: dbconn | |
| key: username | |
| - name: externalDatabase.password | |
| valueFrom: | |
| secretKeyRef: | |
| name: dbconn | |
| key: password | |
| # Provider presumably has a reference to a Secret with a kubecfg file. We | |
| # could use the existing "Kubernetes provider" that provider-rook uses. | |
| providerRef: helm-provider | |
| reclaimPolicy: Delete |
- name: externalDatabase.host
valueFrom:
secretKeyRef:
name: dbconn
key: host
@negz Does this mean that the controller will extract the content of secret and mount the key or is the blob under valueFrom directly passed like any other value?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This looks great !