Created
June 18, 2024 16:39
-
-
Save khusseini/cb3ce6c88e42f9ceb971ced5a2f8552b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: apiextensions.crossplane.io/v1 | |
| kind: CompositeResourceDefinition | |
| metadata: | |
| name: xternaldns.crossplane.diepartments.dev | |
| spec: | |
| group: crossplane.diepartments.dev | |
| names: | |
| kind: XternalDNS | |
| plural: xternaldns | |
| versions: | |
| - name: v1alpha1 | |
| served: true | |
| referenceable: true | |
| schema: | |
| openAPIV3Schema: | |
| type: object | |
| properties: | |
| spec: | |
| type: object | |
| properties: | |
| xeksRef: | |
| type: string | |
| providerConfigRef: | |
| type: string | |
| domainFilters: | |
| type: array | |
| items: | |
| type: string | |
| required: | |
| - domainFilters | |
| - providerConfigRef | |
| - xeksRef | |
| status: | |
| description: A Status represents the observed state | |
| properties: | |
| eks: | |
| description: Freeform field containing status information for eks | |
| type: object | |
| x-kubernetes-preserve-unknown-fields: true | |
| policyArn: | |
| type: string | |
| roleArn: | |
| type: string | |
| type: object | |
| --- | |
| apiVersion: apiextensions.crossplane.io/v1 | |
| kind: Composition | |
| metadata: | |
| name: xternaldns.crossplane.diepartments.dev | |
| labels: | |
| provider: xternaldns | |
| spec: | |
| compositeTypeRef: | |
| apiVersion: crossplane.diepartments.dev/v1alpha1 | |
| kind: XternalDNS | |
| mode: Pipeline | |
| pipeline: | |
| - step: extra-resources | |
| functionRef: | |
| name: crossplane-contrib-function-extra-resources | |
| input: | |
| apiVersion: extra-resources.fn.crossplane.io/v1beta1 | |
| kind: Input | |
| spec: | |
| extraResources: | |
| - kind: XEKS | |
| into: xeks | |
| apiVersion: aws.platform.upbound.io/v1alpha1 | |
| type: Selector | |
| selector: | |
| matchLabels: | |
| - key: crossplane.io/composite | |
| type: FromCompositeFieldPath | |
| valueFromFieldPath: spec.xeksRef | |
| - step: fetch-xeks-information | |
| functionRef: | |
| name: crossplane-contrib-function-go-templating | |
| input: | |
| apiVersion: gotemplating.fn.crossplane.io/v1beta1 | |
| kind: GoTemplate | |
| source: Inline | |
| inline: | |
| template: | | |
| {{- $clusters := index (index $.context "apiextensions.crossplane.io/extra-resources") "xeks" }} | |
| {{- $cluster := index $clusters 0 }} | |
| {{- $status := index $cluster "status"}} | |
| {{- $eks := index $status "eks" }} | |
| apiVersion: crossplane.diepartments.dev/v1alpha1 | |
| kind: XternalDNS | |
| status: | |
| eks: | |
| accountId: {{ index $eks "accountId" }} | |
| oidc: {{ index $eks "oidc" }} | |
| oidcArn: {{ index $eks "oidcArn" }} | |
| oidcUri: {{ index $eks "oidcUri" }} | |
| - step: patch-and-transform | |
| functionRef: | |
| name: crossplane-contrib-function-patch-and-transform | |
| input: | |
| apiVersion: pt.fn.crossplane.io/v1beta1 | |
| kind: Resources | |
| patchSets: | |
| - name: providerConfigRef | |
| patches: | |
| - fromFieldPath: spec.providerConfigRef | |
| toFieldPath: spec.providerConfigRef.name | |
| type: FromCompositeFieldPath | |
| resources: | |
| - name: helmrelease | |
| base: | |
| apiVersion: helm.crossplane.io/v1beta1 | |
| kind: Release | |
| spec: | |
| forProvider: | |
| namespace: default | |
| chart: | |
| repository: https://kubernetes-sigs.github.io/external-dns/ | |
| name: external-dns | |
| version: 1.14.2 | |
| values: | |
| provider: | |
| name: aws | |
| env: | |
| - name: AWS_DEFAULT_REGION | |
| serviceAccount: | |
| annotations: {} | |
| patches: | |
| - fromFieldPath: spec.xeksRef | |
| toFieldPath: spec.providerConfigRef.name | |
| type: FromCompositeFieldPath | |
| - fromFieldPath: spec.domainFilters | |
| toFieldPath: spec.forProvider.values.domainFilters | |
| type: FromCompositeFieldPath | |
| - fromFieldPath: spec.parameters.region | |
| toFieldPath: spec.forProvider.values.env[0].value | |
| type: FromCompositeFieldPath | |
| - type: ToCompositeFieldPath | |
| fromFieldPath: metadata.name | |
| toFieldPath: status.eks.helmReleaseName | |
| - type: FromCompositeFieldPath | |
| fromFieldPath: status.roleArn | |
| toFieldPath: spec.forProvider.values.serviceAccount.annotations["eks.amazonaws.com/role-arn"] | |
| - name: iampolicy | |
| base: | |
| apiVersion: iam.aws.upbound.io/v1beta1 | |
| kind: Policy | |
| metadata: | |
| name: managed-external-dns | |
| labels: | |
| component: external-dns | |
| spec: | |
| deletionPolicy: Delete | |
| providerConfigRef: | |
| name: default | |
| forProvider: | |
| policy: | | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "route53:ChangeResourceRecordSets" | |
| ], | |
| "Resource": [ | |
| "arn:aws:route53:::hostedzone/*" | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "route53:ListHostedZones", | |
| "route53:ListResourceRecordSets" | |
| ], | |
| "Resource": [ | |
| "*" | |
| ] | |
| } | |
| ] | |
| } | |
| patches: | |
| - patchSetName: providerConfigRef | |
| type: PatchSet | |
| - fromFieldPath: metadata.name | |
| toFieldPath: metadata.name | |
| transforms: | |
| - string: | |
| fmt: "managed-%s" | |
| type: Format | |
| type: string | |
| type: FromCompositeFieldPath | |
| - fromFieldPath: status.atProvider.arn | |
| toFieldPath: status.policyArn | |
| type: ToCompositeFieldPath | |
| - name: iamrole | |
| base: | |
| apiVersion: iam.aws.upbound.io/v1beta1 | |
| kind: Role | |
| metadata: | |
| name: managed-external-dns | |
| labels: | |
| component: external-dns | |
| spec: | |
| deletionPolicy: Delete | |
| forProvider: | |
| assumeRolePolicy: "" | |
| patches: | |
| - combine: | |
| strategy: string | |
| string: | |
| fmt: | | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "Federated": "%s" | |
| }, | |
| "Action": "sts:AssumeRoleWithWebIdentity", | |
| "Condition": { | |
| "StringEquals": { | |
| "%s:sub": "system:serviceaccount:default:%s-external-dns", | |
| "%s:aud": "sts.amazonaws.com" | |
| } | |
| } | |
| } | |
| ] | |
| } | |
| variables: | |
| - fromFieldPath: status.eks.oidcArn | |
| - fromFieldPath: status.eks.oidcUri | |
| - fromFieldPath: status.eks.helmReleaseName | |
| - fromFieldPath: status.eks.oidcUri | |
| toFieldPath: spec.forProvider.assumeRolePolicy | |
| type: CombineFromComposite | |
| - type: ToCompositeFieldPath | |
| fromFieldPath: status.atProvider.arn | |
| toFieldPath: status.roleArn | |
| - patchSetName: providerConfigRef | |
| type: PatchSet | |
| - fromFieldPath: metadata.name | |
| toFieldPath: metadata.name | |
| transforms: | |
| - string: | |
| fmt: "managed-%s" | |
| type: Format | |
| type: string | |
| type: FromCompositeFieldPath | |
| - fromFieldPath: status.atProvider.arn | |
| toFieldPath: status.policyArn | |
| type: ToCompositeFieldPath | |
| - name: iamroleassociation | |
| base: | |
| apiVersion: iam.aws.upbound.io/v1beta1 | |
| kind: RolePolicyAttachment | |
| metadata: | |
| labels: | |
| component: external-dns | |
| spec: | |
| deletionPolicy: Delete | |
| forProvider: | |
| policyArnSelector: | |
| matchControllerRef: true | |
| matchLabels: | |
| component: external-dns | |
| roleSelector: | |
| matchControllerRef: true | |
| matchLabels: | |
| component: external-dns | |
| patches: | |
| - patchSetName: providerConfigRef | |
| type: PatchSet |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment