Skip to content

Commit

Permalink
Migrate providers to DeploymentRuntimeConfigs
Browse files Browse the repository at this point in the history 
This also re-adds the syn managed service accounts. This is to ensure
that crossplane doesn't manage the service accounts anymore. As that
will lead to a reconcile loop on openshift.
  • Loading branch information
@Kidswiss
Kidswiss committed Nov 28, 2023
1 parent 4e3ed1d commit c973186
Show file tree
Hide file tree
Showing 72 changed files with 660 additions and 347 deletions.
13 changes: 8 additions & 5 deletions component/class/defaults.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ parameters:
namespace: syn-appcat
namespaceLabels: {}
namespaceAnnotations: {}
crossplaneNamespace: ${crossplane:namespace}

appuioManaged: true
tenantID: ${cluster:tenant}
Expand Down Expand Up @@ -198,7 +199,8 @@ parameters:
CLOUDSCALE_API_TOKEN: "?{vaultkv:${cluster:tenant}/${cluster:name}/appcat/objectstorage/provider-cloudscale/token}"
spec:
package: ${appcat:images:provider-cloudscale:registry}/${appcat:images:provider-cloudscale:repository}:${appcat:images:provider-cloudscale:tag}
controllerConfig: {}
runtimeConfig:
serviceAccountName: provider-cloudscale
providerConfig: {}

exoscale:
Expand All @@ -212,15 +214,16 @@ parameters:
EXOSCALE_API_SECRET: "?{vaultkv:${cluster:tenant}/${cluster:name}/appcat/provider-exoscale/secret-key}"
spec:
package: ${appcat:images:provider-exoscale:registry}/${appcat:images:provider-exoscale:repository}:${appcat:images:provider-exoscale:tag}
controllerConfig: {}
runtimeConfig:
serviceAccountName: provider-exoscale
providerConfig: {}

kubernetes:
enabled: false
namespace: ${crossplane:namespace}
spec:
package: ${appcat:images:provider-kubernetes:registry}/${appcat:images:provider-kubernetes:repository}:${appcat:images:provider-kubernetes:tag}
controllerConfig:
runtimeConfig:
serviceAccountName: provider-kubernetes
providerConfig: {}

Expand All @@ -229,7 +232,7 @@ parameters:
namespace: ${crossplane:namespace}
spec:
package: ${appcat:images:provider-helm:registry}/${appcat:images:provider-helm:repository}:${appcat:images:provider-helm:tag}
controllerConfig:
runtimeConfig:
serviceAccountName: provider-helm
providerConfig: {}

Expand All @@ -238,7 +241,7 @@ parameters:
namespace: ${crossplane:namespace}
spec:
package: ${appcat:images:provider-minio:registry}/${appcat:images:provider-minio:repository}:${appcat:images:provider-minio:tag}
controllerConfig:
runtimeConfig:
serviceAccountName: provider-minio
providerConfigRefs: []
additionalProviderConfigs: []
Expand Down
30 changes: 30 additions & 0 deletions component/component/common.libsonnet
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,34 @@ local defaultReadinessCheck() = {
],
};

local defaultRuntimeConfigWithSaName(name) = {
apiVersion: 'pkg.crossplane.io/v1beta1',
kind: 'DeploymentRuntimeConfig',
metadata: {
name: name,
},
spec: {
deploymentTemplate: {
spec: {
selector: {},
template: {
spec:
{
containers: [
{
name: 'package-runtime',
securityContext: {},
},
],
securityContext: {},
serviceAccountName: name,
},
},
},
},
},
};

{
SyncOptions: syncOptions,
VshnMetaDBaaSExoscale(dbname):
Expand Down Expand Up @@ -202,4 +230,6 @@ local defaultReadinessCheck() = {
emailAlerting(alertingSettings),
DefaultReadinessCheck():
defaultReadinessCheck(),
DefaultRuntimeConfigWithSaName(name):
defaultRuntimeConfigWithSaName(name),
}
60 changes: 22 additions & 38 deletions component/component/functions.jsonnet
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,22 +10,25 @@ local params = inv.parameters.appcat;
local appcatImage = params.images.functionAppcat;
local pntImage = params.images.functionpnt;

local getFunction(name, package) = {
local getFunction(name, package, runtimeConfigName) = {
apiVersion: 'pkg.crossplane.io/v1beta1',
kind: 'Function',
metadata: {
name: name,
},
spec: {
package: package,
runtimeConfigRef: {
name: runtimeConfigName,
},
},
};

local appcatRuntimeConfig = {
apiVersion: 'pkg.crossplane.io/v1beta1',
kind: 'DeploymentRuntimeConfig',
metadata: {
name: 'appcat-runtime-config',
name: 'function-appcat',
},
spec: {
deploymentTemplate: {
Expand All @@ -43,58 +46,39 @@ local appcatRuntimeConfig = {
},
],
securityContext: {},
serviceAccountName: 'function-appcat',
},
},
},
},
},
};

local defaultRuntimeConfig = {
apiVersion: 'pkg.crossplane.io/v1beta1',
kind: 'DeploymentRuntimeConfig',
metadata: {
name: 'default',
},
spec: {
deploymentTemplate: {
spec: {
selector: {},
template: {
spec:
{
containers: [
{
name: 'package-runtime',
securityContext: {},
},
],
securityContext: {},
},
},
},
},
},
};


local appcatImageTag = std.strReplace(appcatImage.tag, '/', '_');

local appcatFunctionImage = appcatImage.registry + '/' + appcatImage.repository + ':' + appcatImageTag;

local appcat = getFunction('function-appcat', appcatFunctionImage) + {
spec+: {
runtimeConfigRef: {
name: 'appcat-runtime-config',
},
local appcat = getFunction('function-appcat', appcatFunctionImage, 'function-appcat');

local saAppCat = kube.ServiceAccount('function-appcat') {
metadata+: {
namespace: params.crossplaneNamespace,
},
};

local saPnT = kube.ServiceAccount('function-patch-and-transform') {
metadata+: {
namespace: params.crossplaneNamespace,
},
};

local pntFunctionImage = pntImage.registry + '/' + pntImage.repository + ':' + pntImage.tag;

{
'10_function_patch_and_transform': getFunction('function-patch-and-transform', pntFunctionImage),
'10_function_patch_and_transform': getFunction('function-patch-and-transform', pntFunctionImage, 'function-patch-and-transform'),
'10_function_appcat': appcat,
'10_runtimeconfig_appcat': appcatRuntimeConfig,
'10_runtimeconfig_default': defaultRuntimeConfig,
'10_runtimeconfig_function_appcat': appcatRuntimeConfig,
'10_runtimeconfig_function_pnt': common.DefaultRuntimeConfigWithSaName('function-patch-and-transform'),
'20_serviceaccount_appcat': saAppCat,
'20_serviceaccount_pnt': saPnT,
}
Loading

0 comments on commit c973186

Please sign in to comment.