haarchri/gist:e845a2213618f12e663915da53110839

## gistfile1.yaml
    - step: addon-keyvault-secrets-provider
      functionRef:
        name: crossplane-contrib-function-go-templating
      input:
        apiVersion: gotemplating.fn.crossplane.io/v1beta1
        kind: GoTemplate
        source: Inline
        inline:
          template: |
            {{ if and (ne $.observed.resources nil) }}

            {{ $compositeSpec := index $.observed.composite.resource.spec.parameters }}
            {{ $addOns := index $compositeSpec "addOns" }}
            {{ $monitorId := index $compositeSpec "monitorId" }}

            {{ $aksResource := index $.observed.resources "aks" }}
            {{ if and $aksResource $addOns (gt (len $addOns) 0) }}
            ---
            apiVersion: containerservice.azure.upbound.io/v1beta1
            kind: KubernetesCluster
            metadata:
              annotations:
                gotemplating.fn.crossplane.io/composition-resource-name: aks
            spec:
              forProvider:
                {{ with $aksResource.resource.spec.forProvider }}
                  {{ $mergedForProvider := . }}
                  {{ $mergedAzureKeyvaultSecretsProvider := list }}
                  {{ $mergedOmsAgent := list }}
                  {{ $mergedPolicy := dict }}
                  {{ range $index, $addon := $addOns }}
                    {{ if eq $addon "keyvault" }}
                      {{ $mergedAzureKeyvaultSecretsProvider = list (dict
                          "secretRotationEnabled" true
                          "secretRotationInterval" "2m"
                        )
                      }}
                    {{ else if eq $addon "monitoring" }}
                      {{ $mergedOmsAgent = list (dict
                          "msiAuthForMonitoringEnabled" true
                          "logAnalyticsWorkspaceId" $monitorId
                        )
                      }}
                    {{ else if eq $addon "policy" }}
                      {{ $policy := dict
                        "azurePolicyEnabled" true
                      }}
                      {{ $mergedPolicy = $mergedPolicy | merge $policy }}
                    {{ end }}
                  {{ end }}
                 {{ if and (not (eq $mergedOmsAgent nil)) (ne (len $mergedOmsAgent) 0) }}
                    {{ $mergedForProvider = $mergedForProvider | merge (dict "omsAgent" $mergedOmsAgent) }}
                  {{ end }}
                  {{ if and (not (eq $mergedAzureKeyvaultSecretsProvider nil)) (ne (len $mergedAzureKeyvaultSecretsProvider) 0) }}
                    {{ $mergedForProvider = $mergedForProvider | merge (dict "keyVaultSecretsProvider" $mergedAzureKeyvaultSecretsProvider) }}
                  {{ end }}
                  {{ $mergedForProvider = $mergedForProvider | merge $mergedPolicy }}
                  {{ $mergedYAML := $mergedForProvider | toYaml | indent 6 }}
                  {{ trim $mergedYAML }}
                {{ end }}
            {{ end }}
            {{ end }}
	- step: addon-keyvault-secrets-provider
	functionRef:
	name: crossplane-contrib-function-go-templating
	input:
	apiVersion: gotemplating.fn.crossplane.io/v1beta1
	kind: GoTemplate
	source: Inline
	inline:
	template: \|
	{{ if and (ne $.observed.resources nil) }}

	{{ $compositeSpec := index $.observed.composite.resource.spec.parameters }}
	{{ $addOns := index $compositeSpec "addOns" }}
	{{ $monitorId := index $compositeSpec "monitorId" }}

	{{ $aksResource := index $.observed.resources "aks" }}
	{{ if and $aksResource $addOns (gt (len $addOns) 0) }}
	---
	apiVersion: containerservice.azure.upbound.io/v1beta1
	kind: KubernetesCluster
	metadata:
	annotations:
	gotemplating.fn.crossplane.io/composition-resource-name: aks
	spec:
	forProvider:
	{{ with $aksResource.resource.spec.forProvider }}
	{{ $mergedForProvider := . }}
	{{ $mergedAzureKeyvaultSecretsProvider := list }}
	{{ $mergedOmsAgent := list }}
	{{ $mergedPolicy := dict }}
	{{ range $index, $addon := $addOns }}
	{{ if eq $addon "keyvault" }}
	{{ $mergedAzureKeyvaultSecretsProvider = list (dict
	"secretRotationEnabled" true
	"secretRotationInterval" "2m"
	)
	}}
	{{ else if eq $addon "monitoring" }}
	{{ $mergedOmsAgent = list (dict
	"msiAuthForMonitoringEnabled" true
	"logAnalyticsWorkspaceId" $monitorId
	)
	}}
	{{ else if eq $addon "policy" }}
	{{ $policy := dict
	"azurePolicyEnabled" true
	}}
	{{ $mergedPolicy = $mergedPolicy \| merge $policy }}
	{{ end }}
	{{ end }}
	{{ if and (not (eq $mergedOmsAgent nil)) (ne (len $mergedOmsAgent) 0) }}
	{{ $mergedForProvider = $mergedForProvider \| merge (dict "omsAgent" $mergedOmsAgent) }}
	{{ end }}
	{{ if and (not (eq $mergedAzureKeyvaultSecretsProvider nil)) (ne (len $mergedAzureKeyvaultSecretsProvider) 0) }}
	{{ $mergedForProvider = $mergedForProvider \| merge (dict "keyVaultSecretsProvider" $mergedAzureKeyvaultSecretsProvider) }}
	{{ end }}
	{{ $mergedForProvider = $mergedForProvider \| merge $mergedPolicy }}
	{{ $mergedYAML := $mergedForProvider \| toYaml \| indent 6 }}
	{{ trim $mergedYAML }}
	{{ end }}
	{{ end }}
	{{ end }}