diff --git a/.github/workflows/git-pr-status-checks.yml b/.github/workflows/git-pr-status-checks.yml index f389384..494a085 100644 --- a/.github/workflows/git-pr-status-checks.yml +++ b/.github/workflows/git-pr-status-checks.yml @@ -4,7 +4,7 @@ on: workflow_call: {} concurrency: - group: building-blocks-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true permissions: diff --git a/.github/workflows/git-release-create.yml b/.github/workflows/git-release-create.yml index 00195d9..04b1ba1 100644 --- a/.github/workflows/git-release-create.yml +++ b/.github/workflows/git-release-create.yml @@ -9,7 +9,7 @@ on: jobs: git-release-create: name: Helm Chart Release Tag - runs-on: [solinas] + runs-on: ubuntu-latest steps: - name: Login to GitHub Enterprise with token run: | diff --git a/.github/workflows/git-tag-modified-helm-chart.yml b/.github/workflows/git-tag-modified-helm-chart.yml index a2368be..a4df887 100644 --- a/.github/workflows/git-tag-modified-helm-chart.yml +++ b/.github/workflows/git-tag-modified-helm-chart.yml @@ -10,6 +10,6 @@ permissions: jobs: git-tag-modified-helm-chart: name: Tag modified Helm Chart - runs-on: [solinas] + runs-on: ubuntu-latest steps: - uses: openmcp-project/blueprint-building-blocks/.github/actions/git-tag-modified-helm-chart@main \ No newline at end of file diff --git a/.github/workflows/gh-pages-release.yml b/.github/workflows/helm-charts-release-to-gh-oci.yml similarity index 91% rename from .github/workflows/gh-pages-release.yml rename to .github/workflows/helm-charts-release-to-gh-oci.yml index 72d7604..520ead6 100644 --- a/.github/workflows/gh-pages-release.yml +++ b/.github/workflows/helm-charts-release-to-gh-oci.yml @@ -1,9 +1,8 @@ name: Release Charts on: - push: - branches: - - main + workflow_call: {} + workflow_dispatch: {} jobs: release: 
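Review bot: In `.github/workflows/git-release-create.yml` the new `runs-on: ubuntu-latest` is a floating image label, so the toolchain under this release job changes whenever the alias moves; pinning a concrete image such as `runs-on: ubuntu-24.04` keeps release runs reproducible. The same applies to the identical `runs-on` change in `git-tag-modified-helm-chart.yml`, `release.yml`, `shellcheck.yaml` and `yamllint.yml`. The first step here is named "Login to GitHub Enterprise with token"; if that host was only reachable from the self-hosted `solinas` runner, the step needs re-checking on a GitHub-hosted runner. The steps list continues outside the hunk.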
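Review bot: In `helm-charts-release-to-gh-oci.yml`, replacing the `push` to `main` trigger with `workflow_dispatch: {}` lets the chart release be started from any ref that a user with write access selects, and nothing visible in the hunk restricts publishing to `main`. A job-level guard such as `if: github.ref == 'refs/heads/main'` on `release` would keep published charts tied to the protected branch. Under `workflow_call` the token used as `CR_TOKEN` is capped by the calling job's permissions, so the caller has to grant what the release and the OCI upload need. The `release` job body continues outside the hunk.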
@@ -27,6 +26,7 @@ jobs: with: charts_dir: helm/charts env: + CR_GENERATE_RELEASE_NOTES: true CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Upload to OCI-based registry diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f43abdc..02a4cee 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,12 +17,13 @@ jobs: secrets: inherit release: name: Release - runs-on: [solinas] + runs-on: ubuntu-latest permissions: contents: write # to be able to publish a GitHub release issues: write # to be able to comment on released issues pull-requests: write # to be able to comment on released pull requests id-token: write # to enable use of OIDC for npm provenance + packages: write # to be able to publish a GitHub Packages steps: - name: Checkout uses: actions/checkout@v4 @@ -47,7 +48,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.CO_GOLDEN_PATH_SERVICEUSER_GH_TOKEN }} run: npx semantic-release git-release-create: - uses: "openmcp-project/blueprint-building-blocks/.github/workflows/git-release-create.yml@main" + uses: "openmcp-project/blueprint-building-blocks/.github/workflows/gh-pages-release.yml@main" name: Helm Chart Github Releases needs: release secrets: inherit diff --git a/.github/workflows/shellcheck.yaml b/.github/workflows/shellcheck.yaml index c3f103d..26c09ef 100644 --- a/.github/workflows/shellcheck.yaml +++ b/.github/workflows/shellcheck.yaml @@ -23,9 +23,17 @@ env: MESSAGE_HEADER: "Shell Check" MESSAGE: "" +permissions: + pull-requests: write + contents: write + packages: read + actions: write + checks: write + statuses: write + jobs: shellcheck: - runs-on: [solinas] + runs-on: ubuntu-latest steps: - name: Checkout repo uses: actions/checkout@v4 diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml index 48e4a48..7a430e3 100644 --- a/.github/workflows/yamllint.yml +++ b/.github/workflows/yamllint.yml 
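Review bot: In `release.yml` the added `packages: write` sits on the `release` job, but the context of the next hunk shows this job running `npx semantic-release` with `GITHUB_TOKEN` set to the service-user secret rather than the job token, while the chart upload appears to happen in the reusable workflow called by the separate `git-release-create` job. Job-level `permissions` do not carry over to another job, so this likely widens the `release` job's token without giving the publishing job the scope. Consider dropping the line here and declaring `permissions:` with `contents: write` and `packages: write` on `git-release-create` instead. The job's steps continue outside the hunk, so confirm no later step pushes packages with the job token.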
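Review bot: The new `uses:` value in `release.yml` points at `.github/workflows/gh-pages-release.yml@main`, yet this same commit renames that file to `helm-charts-release-to-gh-oci.yml`; assuming this repository is `openmcp-project/blueprint-building-blocks`, the reference stops resolving once the commit is on `main` and the `git-release-create` job cannot load. It should read `uses: "openmcp-project/blueprint-building-blocks/.github/workflows/helm-charts-release-to-gh-oci.yml@main"`. Because the job passes `secrets: inherit`, a branch ref means whatever is on `main` at run time receives every secret; pinning the reference to a full commit SHA instead of `@main` narrows that. The README text added in this commit links the old file name as well.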
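Review bot: The workflow-level `permissions` block added to `shellcheck.yaml` grants `contents: write`, `actions: write`, `checks: write` and `statuses: write` to every job of a lint workflow, which is more than the visible `shellcheck` job appears to need. Any step or third-party action in the job inherits a token with these write scopes. If the job only checks out the repository and reports on the pull request, `contents: read` plus `pull-requests: write`, declared on the job rather than the workflow, would be enough. The job's steps continue outside the hunk, so confirm which scopes they actually use before trimming.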
@@ -7,7 +7,7 @@ on: # Triggers the workflow on push or pull request events but only for the "main" branch pull_request: branches: - - "main-not-activated-yet" + - "main-branch-not-activated-yet" concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} @@ -22,7 +22,7 @@ env: jobs: yamllint: - runs-on: [solinas] + runs-on: ubuntu-latest steps: - name: Checkout repo uses: actions/checkout@v4 @@ -117,4 +117,4 @@ jobs: echo "::group:: human readable validation result" echo -e "${{ env.MESSAGE }}" echo "::endgroup::" - exit 1 \ No newline at end of file + exit 1 diff --git a/.gitignore b/.gitignore index cfb181a..3ef751d 100644 --- a/.gitignore +++ b/.gitignore @@ -36,5 +36,4 @@ bin/ ### Mac OS ### .DS_Store /.idea/ -/ketos-co-helm-charts.iml **/*/values-credentials.yaml diff --git a/.reuse/dep5 b/.reuse/dep5 new file mode 100644 index 0000000..6586e1e --- /dev/null +++ b/.reuse/dep5 
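Review bot: The branch filter `"main-branch-not-activated-yet"` in `yamllint.yml` names a placeholder rather than a real branch, so this lint presumably never runs on pull requests, while the comment above it still says the workflow triggers for the "main" branch. If the check is meant to stay off, say so in the comment, e.g. `# Disabled: placeholder branch filter, change to "main" to activate`; otherwise set the filter to `- "main"`.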
@@ -0,0 +1,29 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: blueprint-building-blocks
+Upstream-Contact: ospo@sap.com
+Source: https://github.com/openmcp-project/blueprint-building-blocks
+Disclaimer: The code in this project may include calls to APIs ("API Calls") of
+ SAP or third-party products or services developed outside of this project
+ ("External Products").
+ "APIs" means application programming interfaces, as well as their respective
+ specifications and implementing code that allows software to communicate with
+ other software.
+ API Calls to External Products are not licensed under the open source license
+ that governs this project. The use of such API Calls and related External
+ Products are subject to applicable additional agreements with the relevant
+ provider of the External Products. In no event shall the open source license
+ that governs this project grant any rights in or to any External Products,or
+ alter, expand or supersede any terms of the applicable additional agreements.
+ If you have a valid license agreement with SAP for the use of a particular SAP
+ External Product, then you may make use of any API Calls included in this
+ project's code for that SAP External Product, subject to the terms of such
+ license agreement. If you do not have a valid license agreement for the use of
+ a particular SAP External Product, then you may only make use of any API Calls
+ in this project for that SAP External Product for your internal, non-productive
+ and non-commercial test and evaluation of such API Calls. Nothing herein grants
+ you any rights to use or access any SAP External Product, or provide any third
+ parties the right to use of access any SAP External Product, through API Calls.
+
+Files: *
+Copyright: 2025 SAP SE or an SAP affiliate company and blueprint-building-blocks contributors
+License: Apache-2.0
\ No newline at end of file
diff --git a/README.md b/README.md
index bbe755a..c8124b2 100644
--- a/README.md
+++ b/README.md
@@ -4,11 +4,139 @@ ## About this project -Helm chart building blocks for Cloud Orchestrator MCP Blueprints +This repositry contains [sub helm charts](https://helm.sh/docs/chart_template_guide/subcharts_and_globals/) of the [OpenMCP](https://github.com/openmcp-project) which are the building blocks for the OpenMCP Blueprints. To start your [Infrastructure as Data]() Cloud Journey with the OpenMCP Blueprint, visit this [repository](https://github.com/openmcp-project/blueprints) and follow `Getting Started` section. ## Requirements and Setup -*Insert a short description what is required to get your project running...* +### Helm Charts +[Helm Charts](http://helm.sh) located at [`./helm/charts`](./helm/charts) are build with various purpose in mind. Please consult `README.md` file of each Helm Chart to discover its purpose, `values.yaml` structure and intended puropse. + +### Continous Delivery +All [Helm Charts](http://helm.sh) located in this repository will be [automatically versioned](https://github.com/openmcp-project/blueprint-workflows/tree/main/.github/actions/helm-chart/version-bump) and [pushed](.github/workflows/gh-pages-release.yml) into [Projects OCI registry](https://github.com/orgs/openmcp-project/packages?repo_name=blueprint-building-blocks) and Helm Repositry [cloud-orchestrator-mcp-blueprint-building-blocks](https://openmcp-project.github.io/blueprint-building-blocks). 
+ + +### [Github Workflows](#github-workflows) +#### [`PR Status Checks`](#github-workflow-git-pr-status-checks) +More details see Github Workflow [`.github/workflows/git-pr-status-checks.yml`](https://github.com/openmcp-project/blueprint-workflows/tree/main/.github/workflows/git-pr-status-checks.yml) of [blueprint-workflows](https://github.com/openmcp-project/blueprint-workflows/tree/main/) + +#### [`.ci.config.yaml`](#github-workflow-ci-config-yaml) + +File `chart-abc/.ci.config.yaml` is optional for every Helm Chart and influences execution of [`.github/workflows/git-pr-status-checks.yml`](.github/workflows/git-pr-status-checks.yml). + +You can enable or disable processing of certain Github Workflows for certain Helm Charts via [`.ci.config.yaml`](helm/charts/test-custom-chart/.ci.config.yaml)! + +```yaml +helm-chart-dependency-update: + enable: true # default is true, even if you do NOT declare this in .ci.config.yaml! +helm-chart-linting: + enable: true # default is true, even if you do NOT declare this in .ci.config.yaml! + options: + --strict: true # fail on lint warnings (default true) + --with-subcharts: false # lint dependent charts (default false) +helm-chart-validation: + enable: true # default is true, even if you do NOT declare this in .ci.config.yaml! + options: + --skip-crds: false # if set true, no CRDs will be templated. By default, CRDs are templated (default false) + --skip-tests: false # skip tests from templated output (default false) + --include-crds: false # include CRDs in the templated output (default false) + --debug: false # enable verbose output (default false) + --dependency-update: true # update dependencies if they are missing before installing the chart (default true) +helm-docs: + enable: true # default is true, even if you do NOT declare this in .ci.config.yaml! 
+ options: + --badge-style: "flat-square" # badge style to use for charts (default "flat-square") + --document-dependency-values: true # For charts with dependencies, include the dependency values in the chart values documentation + --documentation-strict-mode: false # Fail the generation of docs if there are undocumented values + --skip-version-footer: false # if true the helm-docs version footer will not be shown in the default README template + --sort-values-order: "file" # order in which to sort the values table ("alphanum" or "file") (default "alphanum") + --output-file: "README.md" # markdown file path relative to each chart directory to which rendered documentation will be written (default "README.md") +helm-chart-version-bump: + enable: true # default is true, even if you do NOT declare this in .ci.config.yaml! +k8s-manifest-templating: + enable: true # default is true, even if you do NOT declare this in .ci.config.yaml! + options: + --skip-crds: false # if set true, no CRDs will be templated. By default, CRDs are templated (default false) +``` + +:bangbang: It is **HIGHLY** recommended **NOT** to `enabled: false`for `helm-chart-linting-manifest-validation.sh` :bangbang: + +### [Deletion Dependency Graph](#helm-chart-dependencies-deletion-dependency-graph) +:bangbang: **DO NOT DELETE** / **DISABLE** your [Umbrella Helm Chart](https://github.com/openmcp-project/blueprints) Dependencies all at ONCE :bangbang: +If you want to clean-up / deprovision / delete SAP & Hyperscaler Resources, you need to follow a certain order! 
+ +We recommend to delete / disable the Helm Chart Dependencies in the following order: *read from right to left* +``` +flux-config +└── crossplane-provider-pkgs + └── external-secrets-config + ├── crossplane-provider-configs + └── crossplane-provider-apiextensions-composition + ├── crossplane-gardener-shoot-clusters + │ ├── crossplane-provider-helm + │ └── crossplane-provider-kubernetes + ├── crossplane-gardener-shoot-kubeconfigs + │ ├── crossplane-provider-helm + │ └── crossplane-provider-kubernetes + ├── crossplane-provider-aws-* + ├── crossplane-provider-btp-accounts + └── crossplane-provider-dynatrace +``` +E.g.: The `flux-config` dependency shall be deleted / disabled as last. + +#### Example +Lets have a look at the [`Chart.yaml`](https://github.com/openmcp-project/blueprints/blob/main/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml) of the template [`provider-gardener.abc.shoot.live.k8s-hana.ondemand.com`](https://github.com/openmcp-project/blueprints/blob/main/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com). + +```yaml +dependencies: + - name: crossplane-provider-configs + alias: crossplane-provider-configs + version: .... + repository: "oci://ghcr.io/openmcp-project" + tags: + - crossplane-provider-configs + - name: external-secrets-config + alias: external-secrets-config + version: ... + repository: "oci://ghcr.io/openmcp-project" + tags: + - external-secrets-config + - name: crossplane-gardener-shoot-clusters + alias: crossplane-gardener-shoot-clusters + version: ... + repository: "oci://ghcr.io/openmcp-project" + tags: + - crossplane-gardener-shoot-clusters + - name: crossplane-provider-helm + alias: crossplane-provider-helm + version: ... 
+ repository: "oci://ghcr.io/openmcp-project" + tags: + - crossplane-provider-helm +``` + +```yaml +# values.yaml +tags: + external-secrets-config: true + crossplane-provider-configs: true + crossplane-gardener-shoot-clusters: true + crossplane-provider-helm: true +``` +According to the `Deletion Dependency Graph` section, the order of **deletion / disabling** the Helm Chart dependency is: +1. crossplane-provider-helm +2. crossplane-gardener-shoot-clusters +3. crossplane-provider-configs +4. external-secrets-config + +**Why in this order**? +1. crossplane-provider-helm +> This Helm Chart is used to orchestrate the k8s stack on your Gardener / Kyma Cluster. +2. crossplane-gardener-shoot-clusters +> This Helm Chart is used to orchestrate Gardener Shoot Clusters. +3. crossplane-provider-configs +> This Helm Chart is used to create `crossplane` k8s manifests `kind: ProviderConfig` (e.g. `apiVersion: account.btp.sap.crossplane.io/v1alpha1`) for `crossplane providers` in order to orchestrate (cloud) service providers (e.g. BTP Accounts) +4. external-secrets-config +> This Helm Chart is used to establish a connection to SAP HashiCorp Vault in order to pull/push credentials of (cloud) service providers. ## Support, Feedback, Contributing diff --git a/REUSE.toml b/REUSE.toml deleted file mode 100644 index efecdd3..0000000 --- a/REUSE.toml +++ /dev/null 
@@ -1,11 +0,0 @@
-version = 1
-SPDX-PackageName = "blueprint-building-blocks"
-SPDX-PackageSupplier = "ospo@sap.com"
-SPDX-PackageDownloadLocation = "https://github.com/openmcp-project/blueprint-building-blocks"
-SPDX-PackageComment = "The code in this project may include calls to APIs (\"API Calls\") of\n SAP or third-party products or services developed outside of this project\n (\"External Products\").\n \"APIs\" means application programming interfaces, as well as their respective\n specifications and implementing code that allows software to communicate with\n other software.\n API Calls to External Products are not licensed under the open source license\n that governs this project. The use of such API Calls and related External\n Products are subject to applicable additional agreements with the relevant\n provider of the External Products. In no event shall the open source license\n that governs this project grant any rights in or to any External Products,or\n alter, expand or supersede any terms of the applicable additional agreements.\n If you have a valid license agreement with SAP for the use of a particular SAP\n External Product, then you may make use of any API Calls included in this\n project's code for that SAP External Product, subject to the terms of such\n license agreement. If you do not have a valid license agreement for the use of\n a particular SAP External Product, then you may only make use of any API Calls\n in this project for that SAP External Product for your internal, non-productive\n and non-commercial test and evaluation of such API Calls. Nothing herein grants\n you any rights to use or access any SAP External Product, or provide any third\n parties the right to use of access any SAP External Product, through API Calls."
-
-[[annotations]]
-path = "**"
-precedence = "aggregate"
-SPDX-FileCopyrightText = "2025 SAP SE or an SAP affiliate company and blueprint-building-blocks contributors"
-SPDX-License-Identifier = "Apache-2.0"
diff --git a/helm/charts/mcp/crossplane-gardener-core-cloud/Chart.yaml b/helm/charts/mcp/crossplane-gardener-core-cloud/Chart.yaml index c286331..eae63af 100644 --- a/helm/charts/mcp/crossplane-gardener-core-cloud/Chart.yaml +++ b/helm/charts/mcp/crossplane-gardener-core-cloud/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://gardener.cloud/images/lp/gardener-logo.svg" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.2 +version: 0.0.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. @@ -25,4 +25,4 @@ appVersion: "0.1.0" home: "https://gardener.cloud/docs/gardener/api-reference/core/#core.gardener.cloud/v1beta1" # A list of URLs to source code for this project (optional) sources: - - https://github.com/openmcp-project/blueprint-building-blocks \ No newline at end of file + - https://github.com/openmcp-project/blueprint-building-blocks diff --git a/helm/charts/mcp/crossplane-gardener-core-cloud/README.md b/helm/charts/mcp/crossplane-gardener-core-cloud/README.md index 9a78922..7efaf7c 100644 --- a/helm/charts/mcp/crossplane-gardener-core-cloud/README.md +++ b/helm/charts/mcp/crossplane-gardener-core-cloud/README.md 
@@ -2,12 +2,15 @@ # crossplane-gardener-core-cloud -![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) +![Version: 0.0.3](https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) A Helm chart to template crossplane manifests to manage core.gardener.cloud resources. **Homepage:** +## Source Code + +* ## Values 
@@ -18,7 +21,7 @@ A Helm chart to template crossplane manifests to manage core.gardener.cloud reso | secretBindings[0].kubernetesCrossplaneProviderConfigRefName | string | `""` | kubernetesCrossplaneProviderConfigRefName needs to match crossplane provider configuration reference name (identifier) of SAP garden cluster control plane! (.shootClusters[*].kubernetesCrossplaneProviderConfigRefName) | | secretBindings[0].labels | list | `[]` | [labels](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta) Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels | | secretBindings[0].name | string | `""` | name defines technical gardener shoot cluster. Max length 15 and must only be lowercase letters, numbers and hyphens! | -| secretBindings[0].projectNamespace | string | `""` | gardener project name. Starts with "garden..." e.g. "garden-aas-dt" | +| secretBindings[0].projectnamespace | string | `"ns1"` | gardener project name. Starts with "garden..." e.g. "garden-aas-dt" | | secretBindings[0].quotas | object | `{}` | *(Optional)* [quotas](https://gardener.cloud/docs/gardener/api-reference/core/#core.gardener.cloud/v1beta1.SecretBinding) is a list of references to Quota objects in the same or another namespace. This field is immutable. | | secretBindings[0].secretBindingName | string | `""` | secretBindingName defines the technical name of [infrastructure secret](https://gardener.cloud/docs/gardener/development/secrets_management/) binding on gardener control plane cluster. e.g. 
[Secrets of AAS-DT](https://dashboard.garden.canary.k8s.ondemand.com/namespace/garden-aas-dt/secrets) | | secretBindings[0].secretRef | list | `[]` | [secretRef](https://gardener.cloud/docs/gardener/api-reference/core/#core.gardener.cloud/v1beta1.SecretBinding) is a reference to a secret object in the same or another namespace. This field is immutable. | diff --git a/helm/charts/mcp/crossplane-gardener-core-cloud/values.yaml b/helm/charts/mcp/crossplane-gardener-core-cloud/values.yaml index 993a677..9032f3d 100644 --- a/helm/charts/mcp/crossplane-gardener-core-cloud/values.yaml +++ b/helm/charts/mcp/crossplane-gardener-core-cloud/values.yaml @@ -6,7 +6,7 @@ secretBindings: # secretBindings[0].name -- name defines technical gardener shoot cluster. Max length 15 and must only be lowercase letters, numbers and hyphens! - name: "" # -- gardener project name. Starts with "garden..." e.g. "garden-aas-dt" - projectNamespace: "" + projectnamespace: "ns1" # -- kubernetesCrossplaneProviderConfigRefName needs to match crossplane provider configuration reference name (identifier) of SAP garden cluster control plane! (.shootClusters[*].kubernetesCrossplaneProviderConfigRefName) kubernetesCrossplaneProviderConfigRefName: "" # -- secretBindingName defines the technical name of [infrastructure secret](https://gardener.cloud/docs/gardener/development/secrets_management/) binding on gardener control plane cluster. e.g. [Secrets of AAS-DT](https://dashboard.garden.canary.k8s.ondemand.com/namespace/garden-aas-dt/secrets) diff --git a/helm/charts/mcp/crossplane-gardener-shoot-clusters/Chart.yaml b/helm/charts/mcp/crossplane-gardener-shoot-clusters/Chart.yaml index eb83521..4e8aa52 100644 --- a/helm/charts/mcp/crossplane-gardener-shoot-clusters/Chart.yaml +++ b/helm/charts/mcp/crossplane-gardener-shoot-clusters/Chart.yaml 
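Review bot: Renaming the key from `projectNamespace` to `projectnamespace` in `crossplane-gardener-core-cloud/values.yaml` changes the chart's values contract: Helm value keys are case-sensitive, so existing overrides that set `projectNamespace` would be ignored, and any template still reading `.projectNamespace` (templates are not visible here) would render empty. The new default `"ns1"` also contradicts the comment directly above it, which says the value starts with "garden...", and a non-empty placeholder default can place resources in an unintended Gardener project instead of failing on a missing value. Unless the rename is deliberate, keep `projectNamespace: ""`; the same change appears in `crossplane-gardener-shoot-clusters/values.yaml` (together with `region: "eu01"`) and `crossplane-gardener-shoot-kubeconfigs/values.yaml`. The charts only receive a patch version bump for what may be a breaking key change.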
@@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.8 +version: 0.0.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. @@ -24,4 +24,4 @@ version: 0.0.8 appVersion: "0.1.0" # A list of URLs to source code for this project (optional) sources: - - https://github.com/openmcp-project/blueprint-building-blocks \ No newline at end of file + - https://github.com/openmcp-project/blueprint-building-blocks diff --git a/helm/charts/mcp/crossplane-gardener-shoot-clusters/README.md b/helm/charts/mcp/crossplane-gardener-shoot-clusters/README.md index e138ba6..e6ab1b7 100644 --- a/helm/charts/mcp/crossplane-gardener-shoot-clusters/README.md +++ b/helm/charts/mcp/crossplane-gardener-shoot-clusters/README.md 
@@ -2,10 +2,14 @@ # crossplane-gardener-shoot-clusters -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) A Helm chart to template crossplane manifests to manage Gardener Shoot resources. +## Source Code + +* + ## Values | Key | Type | Default | Description | 
@@ -40,10 +44,10 @@ A Helm chart to template crossplane manifests to manage Gardener Shoot resources | shootClusters[0].maintenance | list | `[]` | [maintenance](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#core.gardener.cloud/v1beta1.Maintenance) contains information about the time window for maintenance operations and which operations should be performed. Setting this value will override .gardener.defaults.maintenance for this shoot cluster! | | shootClusters[0].name | string | `""` | name defines technical gardener shoot cluster. Max length 15 and must only be lowercase letters, numbers and hyphens! | | shootClusters[0].networking | list | `[]` | [networking](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#core.gardener.cloud/v1beta1.Networking) contains information about cluster networking such as CNI Plugin type, CIDRs, …etc. Setting this value will override .gardener.defaults.networking for this shoot cluster! | -| shootClusters[0].projectNamespace | string | `""` | gardener project name. Starts with "garden..." e.g. "garden-aas-dt" | +| shootClusters[0].projectnamespace | string | `"ns1"` | gardener project name. Starts with "garden..." e.g. "garden-aas-dt" | | shootClusters[0].providerInfrastructureConfig | list | `[]` | [infrastructureConfig](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#provider) contains the provider-specific infrastructure config blob. Please look up the concrete definition in the documentation of your provider extension. Setting this value will override .gardener.defaults.infrastructureConfig for this shoot cluster! | | shootClusters[0].purpose | string | `""` | [purpose](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#shoot) is the purpose class for this cluster. e.g. 
evaluation / development / testing / production | -| shootClusters[0].region | string | `""` | [region](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#shoot) is a name of a region. This field is immutable and content is [cloud profile](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#cloudprofile) specific. | +| shootClusters[0].region | string | `"eu01"` | [region](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#shoot) is a name of a region. This field is immutable and content is [cloud profile](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#cloudprofile) specific. | | shootClusters[0].secretBindingName | string | `""` | secretBindingName defines the technical name of [infrastructure secret](https://gardener.cloud/docs/gardener/development/secrets_management/) binding on gardener control plane cluster. e.g. [Secrets of AAS-DT](https://dashboard.garden.canary.k8s.ondemand.com/namespace/garden-aas-dt/secrets) | | shootClusters[0].workers | list | `[]` | [workers](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#core.gardener.cloud/v1beta1.Worker) is a list of worker groups. Setting this value will override .gardener.defaults.workers for this shoot cluster! | diff --git a/helm/charts/mcp/crossplane-gardener-shoot-clusters/values.yaml b/helm/charts/mcp/crossplane-gardener-shoot-clusters/values.yaml index 383aaec..166d725 100644 --- a/helm/charts/mcp/crossplane-gardener-shoot-clusters/values.yaml +++ b/helm/charts/mcp/crossplane-gardener-shoot-clusters/values.yaml 
@@ -178,7 +178,7 @@ shootClusters: # shootClusters[0].name -- name defines technical gardener shoot cluster. Max length 15 and must only be lowercase letters, numbers and hyphens! - name: "" # -- gardener project name. Starts with "garden..." e.g. "garden-aas-dt" - projectNamespace: "" + projectnamespace: "ns1" # -- kubernetesCrossplaneProviderConfigRefName needs to match crossplane provider configuration reference name (identifier) of SAP garden cluster control plane! (.shootClusters[*].kubernetesCrossplaneProviderConfigRefName) kubernetesCrossplaneProviderConfigRefName: "" # -- gardenerOrchestrateCloudProviderConfigRefName needs to match crossplane provider configuration reference name (identifier) of SAP garden cluster control plane! (.shootClusters[*].kubernetesCrossplaneProviderConfigRefName) @@ -188,7 +188,7 @@ shootClusters: # -- cloudProfile is a name of a [CloudProfile object](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#cloudprofile). This field is immutable. E.g. gcp / azure / aws cloudProfile: "" # -- [region](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#shoot) is a name of a region. This field is immutable and content is [cloud profile](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#cloudprofile) specific. - region: "" + region: "eu01" # -- [purpose](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#shoot) is the purpose class for this cluster. e.g. evaluation / development / testing / production purpose: "" # -- kubernetes[Version](https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md#core.gardener.cloud/v1beta1.Kubernetes) is the semantic Kubernetes version to use for the Shoot cluster. Defaults to the highest supported minor and patch version given in the referenced cloud profile. The version can be omitted completely or partially specified, e.g. .. 
diff --git a/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/Chart.yaml b/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/Chart.yaml index 9918cc1..3ba7cc1 100644 --- a/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/Chart.yaml +++ b/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.7 +version: 0.0.8 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. @@ -24,4 +24,4 @@ version: 0.0.7 appVersion: "0.1.0" # A list of URLs to source code for this project (optional) sources: - - https://github.com/openmcp-project/blueprint-building-blocks \ No newline at end of file + - https://github.com/openmcp-project/blueprint-building-blocks diff --git a/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/README.md b/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/README.md index 9f57936..66b9732 100644 --- a/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/README.md +++ b/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/README.md 
@@ -2,17 +2,21 @@ # crossplane-gardener-shoot-kubeconfigs -![Version: 0.0.7](https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) +![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) A Helm chart to template crossplane manifests to request kubeconfigs of existing Gardener Shoots. +## Source Code + +* + ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | shootClusters | list | - | shootClusters contains information and configuration of Gardener shoot clusters. | | shootClusters[0].gardenerOrchestrateCloudProviderConfigRefName | string | `""` | gardenerOrchestrateCloudProviderConfigRefName needs to match crossplane provider configuration reference name (identifier) of SAP garden cluster control plane! (.gardener.controlPlane.shootClusters[*].gardenerOrchestrateCloudProviderConfigRefName) | -| shootClusters[0].projectNamespace | string | `""` | gardener project name. Starts with "garden..." e.g. "garden-aas-dt" | +| shootClusters[0].projectnamespace | string | `"ns1"` | gardener project name. Starts with "garden..." e.g. "garden-aas-dt" | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) \ No newline at end of file diff --git a/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/values.yaml b/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/values.yaml index 20d50ae..71ccd96 100644 --- a/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/values.yaml 
+++ b/helm/charts/mcp/crossplane-gardener-shoot-kubeconfigs/values.yaml @@ -6,6 +6,6 @@ shootClusters: # gardener.controlPlane.shootClusters[0].name -- name defines technical gardener shoot cluster. Max length 15 and must only be lowercase letters, numbers and hyphens! - name: "" # -- gardener project name. Starts with "garden..." e.g. "garden-aas-dt" - projectNamespace: "" + projectnamespace: "ns1" # -- gardenerOrchestrateCloudProviderConfigRefName needs to match crossplane provider configuration reference name (identifier) of SAP garden cluster control plane! (.gardener.controlPlane.shootClusters[*].gardenerOrchestrateCloudProviderConfigRefName) gardenerOrchestrateCloudProviderConfigRefName: "" \ No newline at end of file diff --git a/helm/charts/mcp/crossplane-provider-apiextensions-composition/Chart.yaml b/helm/charts/mcp/crossplane-provider-apiextensions-composition/Chart.yaml index 527259f..d25c5a1 100644 --- a/helm/charts/mcp/crossplane-provider-apiextensions-composition/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-apiextensions-composition/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.8 +version: 0.0.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-apiextensions-composition/README.md b/helm/charts/mcp/crossplane-provider-apiextensions-composition/README.md index 7a0fa47..8d4cc2d 100644 --- a/helm/charts/mcp/crossplane-provider-apiextensions-composition/README.md 
+++ b/helm/charts/mcp/crossplane-provider-apiextensions-composition/README.md @@ -2,15 +2,15 @@ # crossplane-provider-apiextensions-composition -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template crossplane API extensions compositions. -**Homepage:** +**Homepage:** ## Source Code -* +* * ## Values @@ -28,7 +28,7 @@ A Helm Chart to template crossplane API extensions compositions. | compositions[0].spec.pipeline | list | `[]` | | | compositions[0].spec.resources | list | `[]` | | | compositions[0].spec.writeConnectionSecretToRef | list | `[]` | *optional* - When a Crossplane Provider creates a managed resource it may generate resource-specific details, like usernames, passwords or connection details like an IP address. Crossplane stores these details in a Kubernetes Secret object specified by the `writeConnectionSecretToRef` values. Learn more about Crossplane concept [Managed Resources Fields](https://docs.crossplane.io/latest/concepts/managed-resources/#writeconnectionsecrettoref)! | -| compositions[0].spec.writeConnectionSecretsToNamespace | string | `""` | | +| compositions[0].spec.writeConnectionSecretsTonamespace | string | `"ns1"` | | | defaults | list | `[]` | | ---------------------------------------------- diff --git a/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.ci.yaml b/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.ci.yaml index af99abd..2b5547b 100644 
--- a/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.ci.yaml +++ b/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.ci.yaml @@ -3,8 +3,61 @@ ###! /!\ this file is only used in github pipeline to template a valid and NOT empty helm manifest! ##### ######################################################################################################################## compositions: +- name: "nosqls.aws.api.example" + spec: + compositeTypeRef: + apiVersion: aws.api.example/v1alpha1 + kind: NoSQL + resources: + - name: s3Bucket + base: + apiVersion: s3.aws.upbound.io/v1beta1 + kind: Bucket + metadata: + name: basic-bucket + spec: + forProvider: + region: us-east-2 + providerConfigRef: + name: default + patches: + - type: FromCompositeFieldPath + fromFieldPath: "spec.location" + toFieldPath: "spec.forProvider.region" + transforms: + - type: map + map: + EU: "eu-north-1" + US: "us-east-2" + - name: dynamoDB + base: + apiVersion: dynamodb.aws.upbound.io/v1beta1 + kind: Table + metadata: + name: nosql-database + spec: + forProvider: + region: "us-east-2" + writeCapacity: 1 + readCapacity: 1 + attribute: + - name: S3ID + type: S + hashKey: S3ID + patches: + - type: FromCompositeFieldPath + fromFieldPath: "spec.location" + toFieldPath: "spec.forProvider.region" + transforms: + - type: map + map: + EU: "eu-north-1" + US: "us-east-2" - name: "eks-cluster" spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: XEKSCluster mode: "Pipeline" writeConnectionSecretsToNamespace: "crossplane-system" pipeline: @@ -28,7 +81,7 @@ compositions: enableDnsHostnames: true enableDnsSupport: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: vpc patches: - patchSetName: common-parameters @@ -47,7 +100,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: internetgateway patches: - patchSetName: common-parameters 
@@ -65,7 +118,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: subnet-public-1 patches: - patchSetName: common-parameters @@ -92,7 +145,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: subnet-public-2 patches: - patchSetName: common-parameters @@ -119,7 +172,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: subnet-private-1 patches: - patchSetName: common-parameters @@ -146,7 +199,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: subnet-private-2 patches: - patchSetName: common-parameters @@ -170,7 +223,7 @@ compositions: forProvider: domain: vpc providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: elastic-ip-1 patches: - patchSetName: common-parameters @@ -185,7 +238,7 @@ compositions: forProvider: domain: vpc providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: elastic-ip-2 patches: - patchSetName: common-parameters @@ -206,7 +259,7 @@ compositions: type: subnet visibility: public providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: natgateway-1 patches: - patchSetName: common-parameters @@ -230,7 +283,7 @@ compositions: type: subnet visibility: public providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: natgateway-2 patches: - patchSetName: common-parameters @@ -247,7 +300,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: routetable-public patches: - patchSetName: common-parameters @@ -261,7 +314,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: routetable-private-1 patches: - patchSetName: common-parameters 
@@ -275,7 +328,7 @@ compositions: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: routetable-private-2 patches: - patchSetName: common-parameters @@ -285,7 +338,7 @@ compositions: kind: Cluster spec: providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws forProvider: vpcConfig: - endpointPrivateAccess: false @@ -296,7 +349,7 @@ compositions: visibility: private writeConnectionSecretToRef: namespace: crossplane-system - name: clops-dev-us-connection-secret + name: dev-us-connection-secret connectionDetails: - fromConnectionSecretKey: kubeconfig name: kubeconfig-value @@ -338,7 +391,7 @@ compositions: ] } providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: role - base: apiVersion: iam.aws.upbound.io/v1beta1 @@ -349,7 +402,7 @@ compositions: matchControllerRef: true policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: rolePolicyAttachment - base: apiVersion: eks.aws.upbound.io/v1beta1 @@ -368,7 +421,7 @@ compositions: type: subnet visibility: private providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws name: eks-nodegroup patches: - patchSetName: common-parameters @@ -393,6 +446,9 @@ compositions: step: patch-and-transform - name: "vpc" spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: XVPC mode: "Pipeline" pipeline: - step: compose-resources @@ -425,6 +481,9 @@ compositions: name: {{ $tenantAwsProviderConfigRef }} - name: "rdsinstance" spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: XRDSInstance mode: "Pipeline" pipeline: - step: compose-resources 
@@ -474,5 +533,271 @@ compositions: namespace: {{ $claimNamespace }} providerConfigRef: name: {{ $tenantAwsProviderConfigRef }} - +- name: "eksnetwork.api.example" + spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: XEKSNetwork + mode: "Pipeline" + pipeline: + - step: compose-resources + functionRef: + name: go-templating + input: + apiVersion: gotemplating.fn.crossplane.io/v1beta1 + kind: GoTemplate + source: Inline + inline: + template: | + {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} + {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} + {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} + --- + {{ $vpcResourceName := "vpc" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: VPC + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $vpcResourceName }} + spec: + forProvider: + cidrBlock: {{ $params.vpcCidrBlock | toYaml }} + enableDnsHostnames: true + enableDnsSupport: true + tags: + Name: {{ printf "%s-%s" $params.id $vpcResourceName | toYaml }} + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $igwResourceName := "internet-gateway" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: InternetGateway + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $igwResourceName }} + spec: + forProvider: + region: {{ $params.region | toYaml }} + tags: + Name: {{ printf "%s-%s" $params.id $igwResourceName | toYaml }} + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{ $region := $params.region | toYaml }} + {{- range $i, $subnet := $params.subnets }} + --- + {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type 
(toString $i) }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Subnet + metadata: + labels: + zone: {{ $subnet.availabilityZone }} + {{- if eq $subnet.type "private" }} + access: private + {{- else }} + access: public + {{- end }} + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $subnetResourceName }} + spec: + forProvider: + cidrBlock: {{ $subnet.cidrBlock | toYaml }} + {{ if eq $subnet.type "public" }} + mapPublicIpOnLaunch: true + {{ end }} + tags: + {{- if eq $subnet.type "private" }} + kubernetes.io/role/internal-elb: "1" + {{- else }} + kubernetes.io/role/elb: "1" + {{- end }} + Name: {{ printf "%s-%s" $params.id $subnetResourceName | toYaml }} + region: {{ $region }} + vpcIdSelector: + matchControllerRef: true + availabilityZone: {{ $subnet.availabilityZone | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{- end }} + --- + {{ $routeTableResourceName := "route-table" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: RouteTable + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $routeTableResourceName }} + spec: + forProvider: + vpcIdSelector: + matchControllerRef: true + region: {{ $params.region | toYaml }} + tags: + Name: {{ printf "%s-%s" $params.id $routeTableResourceName | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $publicRouteResourceName := "public-route" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Route + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $publicRouteResourceName }} + spec: + forProvider: + destinationCidrBlock: 0.0.0.0/0 + gatewayIdSelector: + matchControllerRef: true + routeTableIdSelector: + matchControllerRef: true + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | 
toYaml }} + --- + {{ $mainRouteTableAssociationResourceName := "main-route-table-association" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: MainRouteTableAssociation + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $mainRouteTableAssociationResourceName }} + spec: + forProvider: + region: {{ $params.region | toYaml }} + routeTableIdSelector: + matchControllerRef: true + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{- range $i, $subnet := $params.subnets }} + --- + {{ $routeTableAssociationResourceName := printf "route-table-association-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: RouteTableAssociation + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $routeTableAssociationResourceName }} + spec: + forProvider: + region: {{ $region }} + routeTableIdSelector: + matchControllerRef: true + subnetIdSelector: + matchControllerRef: true + matchLabels: + {{- if eq $subnet.type "private" }} + access: private + {{- else }} + access: public + {{- end }} + zone: {{ $subnet.availabilityZone | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{- end }} + --- + {{ $sgResourceName := "security-group" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: SecurityGroup + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $sgResourceName }} + spec: + forProvider: + description: Allow access to databases + name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} + vpcIdSelector: + matchControllerRef: true + region: {{ $params.region | toYaml }} + tags: + Name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} + providerConfigRef: + name: {{ 
$tenantAwsProviderConfigRef | toYaml }} + --- + {{ $sgrpRulePostGresResourceName := "security-group-rule-postgres" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: SecurityGroupRule + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $sgrpRulePostGresResourceName }} + spec: + forProvider: + cidrBlocks: + - 192.168.0.0/16 + description: Everywhere + fromPort: 5432 + protocol: tcp + securityGroupIdSelector: + matchControllerRef: true + toPort: 5432 + type: ingress + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $sgrpRuleMySQLResourceName := "security-group-rule-mysql" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: SecurityGroupRule + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $sgrpRuleMySQLResourceName }} + spec: + forProvider: + cidrBlocks: + - 192.168.0.0/16 + description: Everywhere + fromPort: 3306 + protocol: tcp + securityGroupIdSelector: + matchControllerRef: true + toPort: 3306 + type: ingress + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + - step: set-xr-status + functionRef: + name: go-templating + input: + apiVersion: gotemplating.fn.crossplane.io/v1beta1 + kind: GoTemplate + source: Inline + inline: + template: | + {{ $observedResources := get .observed "resources" | default dict }} + {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} + {{ $vpcStatus := dig "vpc" "resource" "status" dict $observedResources }} + {{ $subnetsStatus := dict }} + {{ range $i, $subnet := $params.subnets }} + {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} + {{ $subnetStatuses := dig $subnetResourceName "resource" "status" dict $observedResources }} + {{ $subnetsStatus = merge 
$subnetsStatus (dict $subnetResourceName $subnetStatuses) }} + {{ end }} + apiVersion: api.example/v1alpha1 + kind: XEKSNetwork + status: + vpc: {{ $vpcStatus | toYaml | nindent 4 }} + subnets: {{ $subnetsStatus | toYaml | nindent 4 }} + - step: automatically-detect-ready-composed-resources + functionRef: + name: auto-ready ######################################################################################################################## diff --git a/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.yaml b/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.yaml index e3bbaea..c3b86aa 100644 --- a/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.yaml +++ b/helm/charts/mcp/crossplane-provider-apiextensions-composition/values.yaml @@ -12,7 +12,7 @@ compositions: ownerReferences: [] spec: mode: "" - writeConnectionSecretsToNamespace: "" + writeConnectionSecretsTonamespace: "ns1" compositeTypeRef: [] environment: [] patchSets: [] diff --git a/helm/charts/mcp/crossplane-provider-apiextensions/Chart.yaml b/helm/charts/mcp/crossplane-provider-apiextensions/Chart.yaml index 3e02de8..bf7b965 100644 --- a/helm/charts/mcp/crossplane-provider-apiextensions/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-apiextensions/Chart.yaml 
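Review bot: Both `SecurityGroupRule` resources in the added `eksnetwork.api.example` composition hard-code `cidrBlocks: - 192.168.0.0/16` and describe it as `Everywhere`, while the VPC range comes from `$params.vpcCidrBlock`; the description does not match the rule, and the rule does not follow the VPC it is attached to. I would derive the range from the parameter, `- {{ $params.vpcCidrBlock | toYaml }}`, and describe it accurately, e.g. `description: PostgreSQL from inside the VPC`. In the same template, `zone: {{ $subnet.availabilityZone }}` in the Subnet labels is rendered without `| toYaml`, unlike the other parameter-derived fields; adding the filter keeps a value from the composite resource from being interpreted as YAML structure.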
@@ -16,17 +16,17 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 +version: 0.0.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. appVersion: "0.0.1" # The URL of this projects home page (optional) -home: "https://github.com/openmcp-project/blueprints" +home: "https://github.com/openmcp-project/blueprints" # A list of URLs to source code for this project (optional) sources: - - https://docs.crossplane.io/latest/api/ + - https://docs.crossplane.io/latest/api/ - https://github.com/openmcp-project/blueprint-building-blocks # Whether this chart is deprecated (optional, boolean) deprecated: false diff --git a/helm/charts/mcp/crossplane-provider-apiextensions/README.md b/helm/charts/mcp/crossplane-provider-apiextensions/README.md index d842cc3..1334cfe 100644 --- a/helm/charts/mcp/crossplane-provider-apiextensions/README.md +++ b/helm/charts/mcp/crossplane-provider-apiextensions/README.md 
@@ -2,16 +2,16 @@ # crossplane-provider-apiextensions -![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template crossplane API extensions compositions. -**Homepage:** +**Homepage:** ## Source Code * -* +* ## Values diff --git a/helm/charts/mcp/crossplane-provider-aws-ec2/Chart.yaml b/helm/charts/mcp/crossplane-provider-aws-ec2/Chart.yaml index 880b625..4d4e0e3 100644 --- a/helm/charts/mcp/crossplane-provider-aws-ec2/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-ec2/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.9 +version: 0.0.10 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-aws-ec2/README.md b/helm/charts/mcp/crossplane-provider-aws-ec2/README.md index 38637fd..4a766a9 100644 --- a/helm/charts/mcp/crossplane-provider-aws-ec2/README.md +++ b/helm/charts/mcp/crossplane-provider-aws-ec2/README.md 
@@ -2,15 +2,15 @@ # crossplane-provider-aws-ec2 -![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template AWS EC2 manifests for its crossplane provider. -**Homepage:** +**Homepage:** ## Source Code -* +* * * * diff --git a/helm/charts/mcp/crossplane-provider-aws-ec2/values.ci.yaml b/helm/charts/mcp/crossplane-provider-aws-ec2/values.ci.yaml index d61fa4a..32c5966 100644 --- a/helm/charts/mcp/crossplane-provider-aws-ec2/values.ci.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-ec2/values.ci.yaml @@ -3,7 +3,7 @@ ###! /!\ this file is only used in github pipeline to template a valid and NOT empty helm manifest! ##### ######################################################################################################################## eips: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: {} annotations: {} ownerReferences: {} @@ -13,8 +13,8 @@ eips: omain: vpc region: us-west-2 providerConfigRef: - name: clops-dev-us-aws - - name: "clops-dev-us-ekscluster-2" + name: dev-us-aws + - name: "dev-us-ekscluster-2" labels: {} annotations: {} ownerReferences: {} 
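Review bot: The `eips` entry touched by the `@@ -13,8 +13,8 @@` hunk still carries `omain: vpc` next to `region: us-west-2`, which looks like a typo for `domain: vpc`, the spelling used by the `elastic-ip-1` and `elastic-ip-2` resources in the composition chart's `values.ci.yaml`. With the misspelled key the intended setting is presumably never applied, although the chart templates are not visible here to confirm how unknown keys are handled. Since this pass already edits these entries, I would correct the line to `domain: vpc`; the same line appears in the following hunk (`@@ -24,10 +24,10 @@`). The entries start outside the hunks.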
@@ -24,10 +24,10 @@ eips: omain: vpc region: us-west-2 providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws # -- https://marketplace.upbound.io/providers/upbound/provider-aws-ec2/v1.11.0/resources/ec2.aws.upbound.io/InternetGateway/v1beta1 internetGateways: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: {} annotations: {} ownerReferences: {} @@ -38,10 +38,10 @@ internetGateways: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws # -- https://marketplace.upbound.io/providers/upbound/provider-aws-ec2/v1.11.0/resources/ec2.aws.upbound.io/NATGateway/v1beta1 natGateways: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: {} annotations: {} ownerReferences: {} @@ -58,10 +58,10 @@ natGateways: visibility: public zone: us-west-2a providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws # -- https://marketplace.upbound.io/providers/upbound/provider-aws-ec2/v1.11.0/resources/ec2.aws.upbound.io/RouteTable/v1beta1 routeTables: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: {} annotations: {} ownerReferences: {} @@ -72,10 +72,10 @@ routeTables: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws # -- https://marketplace.upbound.io/providers/upbound/provider-aws-ec2/v1.11.0/resources/ec2.aws.upbound.io/Subnet/v1beta1 subnets: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: {} annotations: {} ownerReferences: {} @@ -89,10 +89,10 @@ subnets: vpcIdSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws # -- https://marketplace.upbound.io/providers/upbound/provider-aws-ec2/v1.11.0/resources/ec2.aws.upbound.io/VPC/v1beta1 vpcs: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: {} annotations: {} ownerReferences: {} 
@@ -104,6 +104,6 @@ vpcs: enableDnsSupport: true region: us-west-2 providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws ######################################################################################################################## diff --git a/helm/charts/mcp/crossplane-provider-aws-eks/Chart.yaml b/helm/charts/mcp/crossplane-provider-aws-eks/Chart.yaml index e40df12..2dbdd02 100644 --- a/helm/charts/mcp/crossplane-provider-aws-eks/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-eks/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.9 +version: 0.0.10 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-aws-eks/README.md b/helm/charts/mcp/crossplane-provider-aws-eks/README.md index b36aca1..a17c9c1 100644 --- a/helm/charts/mcp/crossplane-provider-aws-eks/README.md +++ b/helm/charts/mcp/crossplane-provider-aws-eks/README.md 
@@ -2,18 +2,18 @@ # crossplane-provider-aws-eks -![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template AWS EKS manifests for its crossplane provider. -**Homepage:** +**Homepage:** ## Source Code * * * -* +* ## Values diff --git a/helm/charts/mcp/crossplane-provider-aws-eks/values.ci.yaml b/helm/charts/mcp/crossplane-provider-aws-eks/values.ci.yaml index 69082fa..f033115 100644 --- a/helm/charts/mcp/crossplane-provider-aws-eks/values.ci.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-eks/values.ci.yaml 
@@ -3,18 +3,25 @@ ###! /!\ this file is only used in github pipeline to template a valid and NOT empty helm manifest! ##### ######################################################################################################################## clusters: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: - crossplane.io/composite: clops-dev-us-ekscluster - crossplane.io/claim-namespace: clops-dev-us + crossplane.io/composite: dev-us-ekscluster + crossplane.io/claim-namespace: dev-us annotations: crossplane.io/composition-resource-name: eks-cluster + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: XEKSCluster + name: dev-us-ekscluster + uid: "" spec: deletionPolicy: "" forProvider: region: us-west-2 - roleArn: arn:aws:iam::XXXX:role/CLOPS-EKS-Cluster-Role - version: "1.29" + roleArn: arn:aws:iam::XXXX:role/DEV-EKS-Cluster-Role + version: "1.30" vpcConfig: - endpointPrivateAccess: false endpointPublicAccess: true @@ -23,18 +30,25 @@ clusters: type: subnet visibility: private providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws writeConnectionSecretToRef: - name: clops-dev-us-connection-secret + name: dev-us-connection-secret namespace: crossplane-system publishConnectionDetailsTo: {} nodeGroups: - - name: "clops-dev-us-ekscluster" + - name: "dev-us-ekscluster" labels: - crossplane.io/composite: clops-dev-us-ekscluster - crossplane.io/claim-namespace: clops-dev-us + crossplane.io/composite: dev-us-ekscluster + crossplane.io/claim-namespace: dev-us annotations: crossplane.io/composition-resource-name: eks-nodegroup + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: XEKSCluster + name: dev-us-ekscluster + uid: "" spec: deletionPolicy: "" forProvider: 
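Review bot: The added `ownerReferences` entry under `clusters` sets `controller: true` and `blockOwnerDeletion: true` together with `uid: ""`; the Kubernetes API does not accept an owner reference with an empty UID, so these values are only usable for `helm template`, as the file banner states. A comment above the block would make that explicit for anyone copying it, e.g. `# placeholder owner reference for CI templating only; uid is intentionally empty`. The same block is added under `nodeGroups` in the next hunk.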
@@ -43,7 +57,7 @@ nodeGroups: matchControllerRef: true instanceTypes: - t3.medium - nodeRoleArn: arn:aws:iam::XXXX:role/CLOPS-EKS-WorkerNode-Role + nodeRoleArn: arn:aws:iam::XXXX:role/DEV-EKS-WorkerNode-Role region: us-west-2 scalingConfig: - desiredSize: 2 @@ -55,7 +69,7 @@ nodeGroups: type: subnet visibility: private providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws publishConnectionDetailsTo: {} writeConnectionSecretToRef: {} ######################################################################################################################## diff --git a/helm/charts/mcp/crossplane-provider-aws-iam/Chart.yaml b/helm/charts/mcp/crossplane-provider-aws-iam/Chart.yaml index 29f6920..27a73eb 100644 --- a/helm/charts/mcp/crossplane-provider-aws-iam/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-iam/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.10 +version: 0.0.11 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-aws-iam/README.md b/helm/charts/mcp/crossplane-provider-aws-iam/README.md index baa357b..e0b0352 100644 --- a/helm/charts/mcp/crossplane-provider-aws-iam/README.md +++ b/helm/charts/mcp/crossplane-provider-aws-iam/README.md 
@@ -2,15 +2,13 @@ # crossplane-provider-aws-iam -![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.11](https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template AWS IAM manifests for its crossplane provider. -**Homepage:** - ## Source Code -* +* * * * diff --git a/helm/charts/mcp/crossplane-provider-aws-iam/values.ci.yaml b/helm/charts/mcp/crossplane-provider-aws-iam/values.ci.yaml index 5d32166..6c8214b 100644 --- a/helm/charts/mcp/crossplane-provider-aws-iam/values.ci.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-iam/values.ci.yaml @@ -3,12 +3,19 @@ ###! /!\ this file is only used in github pipeline to template a valid and NOT empty helm manifest! ##### ######################################################################################################################## roles: -- name: "clops-dev-us-ekscluster" +- name: "dev-us-ekscluster" labels: - crossplane.io/composite: clops-dev-us-ekscluster - crossplane.io/claim-namespace: clops-dev-us + crossplane.io/composite: dev-us-ekscluster + crossplane.io/claim-namespace: dev-us annotations: - crossplane.io/composition-resource-name: role + crossplane.io/composition-resource-name: role + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: XEKSCluster + name: dev-us-ekscluster + uid: "" spec: deletionPolicy: "" forProvider: 
@@ -26,16 +33,23 @@ roles: ] } providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws publishConnectionDetailsTo: {} writeConnectionSecretToRef: {} rolePolicyAttachments: -- name: "clops-dev-us-ekscluster" +- name: "dev-us-ekscluster" labels: - crossplane.io/composite: clops-dev-us-ekscluster - crossplane.io/claim-namespace: clops-dev-us + crossplane.io/composite: dev-us-ekscluster + crossplane.io/claim-namespace: dev-us annotations: crossplane.io/composition-resource-name: rolePolicyAttachment + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: XEKSCluster + name: dev-us-ekscluster + uid: "" spec: deletionPolicy: "" forProvider: @@ -43,7 +57,7 @@ rolePolicyAttachments: roleSelector: matchControllerRef: true providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws publishConnectionDetailsTo: {} writeConnectionSecretToRef: {} policies: diff --git a/helm/charts/mcp/crossplane-provider-aws-rdr/Chart.yaml b/helm/charts/mcp/crossplane-provider-aws-rdr/Chart.yaml index 4ee3ee8..932159a 100644 --- a/helm/charts/mcp/crossplane-provider-aws-rdr/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-rdr/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.8 +version: 0.0.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-aws-rdr/README.md b/helm/charts/mcp/crossplane-provider-aws-rdr/README.md index d69491b..f0fd902 100644 
--- a/helm/charts/mcp/crossplane-provider-aws-rdr/README.md +++ b/helm/charts/mcp/crossplane-provider-aws-rdr/README.md @@ -2,15 +2,15 @@ # crossplane-provider-aws-rdr -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template AWS RDR manifests for its crossplane provider. -**Homepage:** +**Homepage:** ## Source Code -* +* * * * diff --git a/helm/charts/mcp/crossplane-provider-aws-rdr/values.ci.yaml b/helm/charts/mcp/crossplane-provider-aws-rdr/values.ci.yaml index e3b5d88..aec4af6 100644 --- a/helm/charts/mcp/crossplane-provider-aws-rdr/values.ci.yaml +++ b/helm/charts/mcp/crossplane-provider-aws-rdr/values.ci.yaml @@ -14,15 +14,15 @@ instances: autoMinorVersionUpgrade: true backupRetentionPeriod: 14 backupWindow: 09:46-10:16 - dbName: clopsdevusdb + dbName: devusdb engine: postgres engineVersion: "16.1" instanceClass: db.t3.micro maintenanceWindow: Mon:00:00-Mon:03:00 passwordSecretRef: key: password - name: clops-dev-us-rds-admin-pw - namespace: clops-dev-us + name: dev-us-rds-admin-pw + namespace: dev-us publiclyAccessible: false region: us-east-1 skipFinalSnapshot: true 
@@ -30,8 +30,8 @@ instances: storageType: gp2 username: adminuser providerConfigRef: - name: clops-dev-us-aws + name: dev-us-aws writeConnectionSecretToRef: - name: clops-dev-us-rds-connection-details - namespace: clops-dev-us + name: dev-us-rds-connection-details + namespace: dev-us ######################################################################################################################## diff --git a/helm/charts/mcp/crossplane-provider-btp-security/Chart.yaml b/helm/charts/mcp/crossplane-provider-btp-security/Chart.yaml index 82d4609..2acd92a 100644 --- a/helm/charts/mcp/crossplane-provider-btp-security/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-btp-security/Chart.yaml @@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.10 +version: 0.0.11 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-btp-security/README.md b/helm/charts/mcp/crossplane-provider-btp-security/README.md index a23d7f3..d4fb47e 100644 --- a/helm/charts/mcp/crossplane-provider-btp-security/README.md +++ b/helm/charts/mcp/crossplane-provider-btp-security/README.md 
@@ -2,15 +2,15 @@ # crossplane-provider-btp-security -![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.11](https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template crossplane manifests to manage BTP resources such as Directory, TrustConfiguration and RoleCollection Assignment on BTP. -**Homepage:** +**Homepage:** ## Source Code -* +* * ## Values diff --git a/helm/charts/mcp/crossplane-provider-configs/Chart.yaml b/helm/charts/mcp/crossplane-provider-configs/Chart.yaml index d23908a..344fb29 100644 --- a/helm/charts/mcp/crossplane-provider-configs/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-configs/Chart.yaml @@ -16,11 +16,11 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.15 +version: 0.0.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. appVersion: "0.1.0" sources: - - https://github.com/openmcp-project/blueprint-building-blocks \ No newline at end of file + - https://github.com/openmcp-project/blueprint-building-blocks 
diff --git a/helm/charts/mcp/crossplane-provider-configs/README.md b/helm/charts/mcp/crossplane-provider-configs/README.md
index 3054df5..2f106ed 100644
--- a/helm/charts/mcp/crossplane-provider-configs/README.md
+++ b/helm/charts/mcp/crossplane-provider-configs/README.md
@@ -2,26 +2,18 @@ # crossplane-provider-configs -![Version: 0.0.15](https://img.shields.io/badge/Version-0.0.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) +![Version: 0.0.16](https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) A Helm chart to template crossplane provider config manifests to orchestrate resources. -**Homepage:** - ## Source Code -* +* ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| -| providerConfigs.accountBtpOrchestrateCloud | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: account.btp.orchestrate.cloud.sap/v1alpha1` This `ProviderConfig` typically points to k8s secret in which the json credentials of a BTP's [Cloud Management Service](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/account-managment/provider#setup-btp-cloud-management-service) Binding is in order to manage [BTP Cloud Resources](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/account-managment/provider#configure-providerconfig) such as [BTP Sub-Accounts](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/account-managment/accounts), [Entitlements](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/account-managment/entitlements), ect... | -| providerConfigs.accountBtpOrchestrateCloud[0].cisCredentials | object | [] | Secret which contains credentials required to authenticate to this provider. Reference to a secret containing the CIS Accounts service credentials. 
The Cloud Management (CIS) instance must be of plan central. The Service Binding should be created with the following parameters {"grantType": "clientCredentials"} See [Setup](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/account-managment/provider) and [CRD browser](https://pages.github.tools.sap/cloud-orchestration/browser/Providers/provider-btp-account/account.btp.orchestrate.cloud.sap/providerconfig/v1alpha1?path=spec-cisCredentials) for more details. | -| providerConfigs.accountBtpOrchestrateCloud[0].cisCredentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | -| providerConfigs.accountBtpOrchestrateCloud[0].cliServerUrl | string | `""` | contains BTP CLI server url. E.g. https://cli.btp.cloud.sap or canary: https://canary.cli.btp.int.sap/ . More landscapes see [here](https://wiki.one.int.sap/wiki/pages/viewpage.action?spaceKey=CPCLI&title=Landscapes) | -| providerConfigs.accountBtpOrchestrateCloud[0].globalAccountSubDomain | string | `""` | contains the [Global Account Subdomain](https://pages.github.tools.sap/cloud-orchestration/browser/Providers/provider-btp-account/account.btp.orchestrate.cloud.sap/providerconfig/v1alpha1?path=spec-globalAccount). | -| providerConfigs.accountBtpOrchestrateCloud[0].serviceAccountSecret.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | | providerConfigs.awsUpbound | list | [] | creates k8s manifest [`kind: ProviderConfig`](https://marketplace.upbound.io/providers/upbound/provider-family-aws/v1.15.0/resources/aws.upbound.io/ProviderConfig/v1beta1) of `aws.upbound.io/v1beta1`. Additional information see [AWS Quickstart](https://docs.crossplane.io/latest/getting-started/provider-aws/#create-a-providerconfig). 
| | providerConfigs.awsUpbound[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | | providerConfigs.azureUpbound | list | [] | creates k8s manifest [`kind: ProviderConfig`](https://marketplace.upbound.io/providers/upbound/provider-family-azure/v1.7.0/resources/azure.upbound.io/ProviderConfig/v1beta1) of `azure.upbound.io/v1beta1`. Additional information see [Azure Quickstart](https://docs.crossplane.io/latest/getting-started/provider-azure/). | 
@@ -33,21 +25,12 @@ A Helm chart to template crossplane provider config manifests to orchestrate res | providerConfigs.btpSapCrossplane[0].globalAccountSubDomain | string | `""` | contains the [Global Account Subdomain](https://pages.github.tools.sap/cloud-orchestration/browser/Providers/provider-btp-account/account.btp.orchestrate.cloud.sap/providerconfig/v1alpha1?path=spec-globalAccount). | | providerConfigs.btpSapCrossplane[0].serviceAccountSecret | object | [] | A user available in BTP. The Credentials in the ServiceAccountSecret are relevant for two reasons (1) On environment creation (Kyma & CloudFoundry) the APIs require a users email address (2) For updating the managers of a CloudFoundry Environment it is required to have a user and a password The structure is pretty basic, a json object with email, username and password. Username & Password must not be filled if there is no need for CloudFoundry Environments. Example: { "email": "", "username": "PUserID", "password": "--" } | | providerConfigs.btpSapCrossplane[0].serviceAccountSecret.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | -| providerConfigs.cloudfoundryBtpOrchestrateCloud | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: cloudfoundry.btp.orchestrate.cloud.sap/v1beta1` This [`ProviderConfig`](https://pages.github.tools.sap/cloud-orchestration/browser/Providers/provider-cloudfoundry/cloudfoundry.btp.orchestrate.cloud.sap/providerconfig/v1beta1) typically points to k8s secret in which the credentials required for the [BTP Cloud Foundry](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/cloudfoundry/provider) provider to communicate with the Cloud Foundry Environment on BTP. 
| -| providerConfigs.cloudfoundryBtpOrchestrateCloud[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | -| providerConfigs.cloudfoundryBtpOrchestrateCloud[0].endpoint.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | -| providerConfigs.dynatraceOrchestrateCloud | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: dynatrace.orchestrate.cloud.sap/v1beta1` | -| providerConfigs.dynatraceOrchestrateCloud[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | -| providerConfigs.gardenerOrchestrateCloud | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1` This `ProviderConfig` typically points to k8s secret in which a `kubeconfig` of SAP Garden k8s Service Account is located in order to create a SAP Gardener Shoot Cluster Admin Kubeconfig Request `kind: AdminKubeconfigRequest` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1` on SAP Garden cluster to pull `kubeconfig` of a SAP Gardener Shoot Clusters into your CO MCP cluster as a k8s secret. | +| providerConfigs.gardenerOrchestrateCloud | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1` This `ProviderConfig` typically points to k8s secret in which a `kubeconfig` of SAP Garden k8s Service Account is located in order to create a SAP Gardener Shoot Cluster Admin Kubeconfig Request `kind: AdminKubeconfigRequest` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1` on SAP Garden cluster to pull `kubeconfig` of a SAP Gardener Shoot Clusters into your OpenMCP cluster as a k8s secret. 
| | providerConfigs.gardenerOrchestrateCloud[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | | providerConfigs.gcpUpbound | list | [] | creates k8s manifest [`kind: ProviderConfig`](https://marketplace.upbound.io/providers/crossplane-contrib/provider-gcp/v0.22.0/resources/gcp.crossplane.io/ProviderConfig/v1beta1) of `gcp.upbound.io/v1beta1`. Additional information see [GCP Quickstart](https://docs.crossplane.io/latest/getting-started/provider-gcp/#create-a-providerconfig). | | providerConfigs.gcpUpbound[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | | providerConfigs.helmCrossplane | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: helm.crossplane.io/v1beta1` This `ProviderConfig` typically points to k8s secret in which a `kubeconfig` of K8s Service Account or SAP Gardener Shoot Cluster Admin Kubeconfig Request `kind: AdminKubeconfigRequest` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1` is stored. The `ProviderConfig` is required to manage `Helm Charts` installations on a k8s cluster such as [`kind: ProviderConfig`](../crossplane-provider-helm/templates/helm-release.yaml) of `apiVersion: helm.crossplane.io/v1beta1` . | | providerConfigs.helmCrossplane[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | -| providerConfigs.hyperscalerOrchestrateCloud | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: hyperscaler.orchestrate.cloud.sap/v1alpha1` | -| providerConfigs.hyperscalerOrchestrateCloud[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. 
| -| providerConfigs.iasBtpOrchestrateCloud | list | [] | creates k8s manifest `kind: ProviderConfig` of [`ias.btp.orchestrate.cloud.sap/v1alpha1`](https://pages.github.tools.sap/cloud-orchestration/browser/Providers/provider-ias) | -| providerConfigs.iasBtpOrchestrateCloud[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | | providerConfigs.kubernetesCrossplane | list | [] | creates k8s manifest `kind: ProviderConfig` of `apiVersion: kubernetes.crossplane.io/v1alpha1` This `ProviderConfig` typically points to k8s secret in which a `kubeconfig` of K8s Service Account or SAP Gardener Shoot Cluster Admin Kubeconfig Request `kind: AdminKubeconfigRequest` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1` is stored. The `ProviderConfig` is required to orchestrate SAP Gardener Shoot Clusters such as [`kind: Shoot`](../crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster.yaml) of `apiVersion: core.gardener.cloud/v1beta1` or manage plain k8s `manifests` (e.g. ConfigMap...) on a k8s cluster (e.g. SAP Gardern Shoot Cluster) [`kind: Object`](../crossplane-provider-kubernetes/templates/kubernetes.yaml) of `apiVersion: kubernetes.crossplane.io/v1alpha1` directly. See Cloud Orchestrator [SAP Gardener Setup](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/gardener/provider#gardener-providerconfig). | | providerConfigs.kubernetesCrossplane[0].credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | | providerConfigs.vaultUpbound | list | [] | creates k8s manifest [`kind: ProviderConfig`](https://marketplace.upbound.io/providers/upbound/provider-vault/v1.0.0/resources/vault.upbound.io/ProviderConfig/v1beta1) of `vault.upbound.io/v1beta1`. 
Additional information see [GCP Quickstart](https://docs.crossplane.io/latest/getting-started/provider-gcp/#create-a-providerconfig). | 
@@ -55,11 +38,11 @@ A Helm chart to template crossplane provider config manifests to orchestrate res | providerConfigs.vaultUpbound[0].spec.address | string | `""` | Required origin URL of the Vault server. This is a URL with a scheme, a hostname and a port but with no path. | | providerConfigs.vaultUpbound[0].spec.credentials | object | [] | Credentials required to authenticate to this provider. There are many options to authenticate. They include - token - (Optional) Vault token that will be used by Terraform to authenticate. May be set via the VAULT_TOKEN environment variable. If none is otherwise supplied, Terraform will attempt to read it from ~/.vault-token (where the vault command stores its current token). Terraform will issue itself a new token that is a child of the one given, with a short TTL to limit the exposure of any requested secrets, unless skip_child_token is set to true (see below). Note that the given token must have the update capability on the auth/token/create path in Vault in order to create child tokens. A token is required for the provider. A token can explicitly set via token argument, alternatively a token can be dynamically set via an auth_login* block. | | providerConfigs.vaultUpbound[0].spec.credentials.secretRef | object | [] | A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. | -| providerConfigs.vaultUpbound[0].spec.namespace | string | `""` | Set the namespace to use. | +| providerConfigs.vaultUpbound[0].spec.namespace | string | `"ns1"` | Set the namespace to use. | | providerConfigs.vaultUpbound[0].spec.skip_child_token | string | `nil` | Set this to true to disable creation of an intermediate ephemeral Vault token for Terraform to use. Enabling this is strongly discouraged since it increases the potential for a renewable Vault token being exposed in clear text. 
Only change this setting when the provided token cannot be permitted to create child tokens and there is no risk of exposure from the output of Terraform. | | secrets[0].data | list | [] | *(optional)* [data](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string][]byte)* Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 | | secrets[0].name | string | `""` | defines k8s `metadata.name` value of `kind: Secret` | -| secrets[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` | +| secrets[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` | | secrets[0].stringData | list | [] | *(optional)* [stringData](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string]string)* allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. | ---------------------------------------------- diff --git a/helm/charts/mcp/crossplane-provider-configs/values.ci.yaml b/helm/charts/mcp/crossplane-provider-configs/values.ci.yaml index 3eb4c06..7128444 100644 --- a/helm/charts/mcp/crossplane-provider-configs/values.ci.yaml +++ b/helm/charts/mcp/crossplane-provider-configs/values.ci.yaml 
@@ -3,11 +3,11 @@ ######################################################################################################################## providerConfigs: kubernetesCrossplane: - - providerConfigRefName: "garden-ketos-co-sa-mcp-test" + - providerConfigRefName: "openmcp-test" credentials: source: "Secret" secretRef: - name: "garden-ketos-co-sa-mcp-test" + name: "openmcp-test" namespace: default key: kubeconfig helmCrossplane: @@ -19,12 +19,12 @@ providerConfigs: name: "gardener-shoot-kubeconfig-steffen-test" key: kubeconfig gardenerOrchestrateCloud: - - providerConfigRefName: "garden-ketos-co-sa-mcp-test" + - providerConfigRefName: "openmcp-test" credentials: source: "Secret" secretRef: namespace: default - name: "garden-ketos-co-sa-mcp-test" + name: "openmcp-test" key: kubeconfig dynatraceOrchestrateCloud: - providerConfigRefName: "providerConfigRefName" 
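Review bot: The scrub of internal identifiers looks incomplete in the second hunk: the context line `name: "gardener-shoot-kubeconfig-steffen-test"` under `helmCrossplane` still carries what reads like a person-specific secret name, while the neighbouring `garden-ketos-co-sa-mcp-test` values are replaced with `openmcp-test`. If the intent of this change is to remove internal naming before publishing, rename it in the same pass, for example `name: "openmcp-test"`. The `helmCrossplane` entry starts outside the hunk, so its remaining fields should be checked as well.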
@@ -67,36 +67,36 @@ providerConfigs: name: "name" key: kubeconfig accountBtpOrchestrateCloud: - - providerConfigRefName: "ketos-kita-test" + - providerConfigRefName: "openmcp-test" cliServerUrl: "cliServerUrl" globalAccountSubDomain: "globalAccountSubDomain" cisCredentials: source: "Secret" secretRef: namespace: default - name: "btp-account-ketos-kita-test" + name: "btp-account-openmcp-test" key: btp-cis-provider-credentials serviceAccountSecret: source: "Secret" secretRef: namespace: default - name: "btp-account-ketos-kita-test" + name: "btp-account-openmcp-test" key: btp-service-account-provider-credentials btpSapCrossplane: - - providerConfigRefName: "ketos-kita-test" + - providerConfigRefName: "openmcp-test" cliServerUrl: "cliServerUrl" globalAccountSubDomain: "globalAccountSubDomain" cisCredentials: source: "Secret" secretRef: namespace: default - name: "btp-account-ketos-kita-test" + name: "btp-account-openmcp-test" key: btp-cis-provider-credentials serviceAccountSecret: source: "Secret" secretRef: namespace: default - name: "btp-account-ketos-kita-test" + name: "btp-account-openmcp-test" key: btp-service-account-provider-credentials cloudfoundryBtpOrchestrateCloud: - providerConfigRefName: "cloudfoundryBtpOrchestrateCloud" diff --git a/helm/charts/mcp/crossplane-provider-configs/values.yaml b/helm/charts/mcp/crossplane-provider-configs/values.yaml index 705a887..7657973 100644 --- a/helm/charts/mcp/crossplane-provider-configs/values.yaml +++ b/helm/charts/mcp/crossplane-provider-configs/values.yaml 
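Review bot: This fixture still populates `accountBtpOrchestrateCloud` (and `cloudfoundryBtpOrchestrateCloud` in the trailing context), yet the README hunk for the same chart deletes the documentation rows for those keys. Whether the corresponding templates still exist is not visible in this diff. If they are gone, drop these entries so the CI render does not suggest coverage that no longer exists. If they remain, keep the README rows, since `cisCredentials.secretRef` and `serviceAccountSecret.secretRef` select the credentials the provider authenticates with.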
@@ -38,7 +38,7 @@ providerConfigs:
 # -- creates k8s manifest `kind: ProviderConfig` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1`
 # This `ProviderConfig` typically points to k8s secret in which a `kubeconfig` of SAP Garden k8s Service Account
 # is located in order to create a SAP Gardener Shoot Cluster Admin Kubeconfig Request `kind: AdminKubeconfigRequest` of `apiVersion: gardener.orchestrate.cloud.sap/v1alpha1`
- # on SAP Garden cluster to pull `kubeconfig` of a SAP Gardener Shoot Clusters into your CO MCP cluster as a k8s secret.
+ # on SAP Garden cluster to pull `kubeconfig` of a SAP Gardener Shoot Clusters into your OpenMCP cluster as a k8s secret.
 # @default -- []
 gardenerOrchestrateCloud:
 - providerConfigRefName: ""
@@ -104,7 +104,7 @@ providerConfigs:
 # -- Required origin URL of the Vault server. This is a URL with a scheme, a hostname and a port but with no path.
 address: ""
 # -- Set the namespace to use.
- namespace: ""
+ namespace: "ns1"
 # -- Set this to true to disable creation of an intermediate ephemeral Vault token for Terraform to use. Enabling this is strongly discouraged since it increases the potential for a renewable Vault token being exposed in clear text. Only change this setting when the provided token cannot be permitted to create child tokens and there is no risk of exposure from the output of Terraform.
 skip_child_token:
 # -- Credentials required to authenticate to this provider. There are many options to authenticate. They include - token - (Optional) Vault token that will be used by Terraform to authenticate. May be set via the VAULT_TOKEN environment variable. If none is otherwise supplied, Terraform will attempt to read it from ~/.vault-token (where the vault command stores its current token). Terraform will issue itself a new token that is a child of the one given, with a short TTL to limit the exposure of any requested secrets, unless skip_child_token is set to true (see below). Note that the given token must have the update capability on the auth/token/create path in Vault in order to create child tokens. A token is required for the provider. A token can explicitly set via token argument, alternatively a token can be dynamically set via an auth_login* block.
@@ -115,7 +115,7 @@ providerConfigs:
 # @default -- []
 secretRef:
 name: ""
- namespace: ""
+ namespace: "ns1"
 key: ""
 ########################################################################################################################
 # -- creates k8s manifest `kind: ProviderConfig` of `apiVersion: btp.sap.crossplane.io`
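Review bot: The chart defaults now hard-code `namespace: "ns1"` for the Vault `spec.namespace` and for the `secretRef` in the second hunk (apparently the same entry's credentials), and the `secrets[0].namespace` hunk at old line 159 does the same. Unlike values.ci.yaml, values.yaml is what consumers inherit, and `ns1` reads like a test value. Depending on how the templates treat these default entries, an install that leaves the keys unset could point the provider at credentials in a namespace named `ns1`, or place a `Secret` there, where RBAC may differ from what the operator expects. Keep the defaults empty, `namespace: ""`, and move the sample value to values.ci.yaml, or document why `ns1` is the intended default.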
@@ -159,7 +159,7 @@ secrets: # secrets[0].name -- defines k8s `metadata.name` value of `kind: Secret` - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` - namespace: "" + namespace: "ns1" # -- *(optional)* [stringData](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string]string)* allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. # @default -- [] stringData: [] diff --git a/helm/charts/mcp/crossplane-provider-gcp/Chart.yaml b/helm/charts/mcp/crossplane-provider-gcp/Chart.yaml index fda8814..697e9b7 100644 --- a/helm/charts/mcp/crossplane-provider-gcp/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-gcp/Chart.yaml @@ -16,7 +16,7 @@ icon: "" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.9 +version: 0.0.10 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-gcp/README.md b/helm/charts/mcp/crossplane-provider-gcp/README.md index dd56c49..407a6bf 100644 --- a/helm/charts/mcp/crossplane-provider-gcp/README.md +++ b/helm/charts/mcp/crossplane-provider-gcp/README.md 
@@ -2,15 +2,15 @@ # crossplane-provider-gcp -![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template GCP manifests for its crossplane provider. -**Homepage:** +**Homepage:** ## Source Code -* +* * * * diff --git a/helm/charts/mcp/crossplane-provider-helm/Chart.yaml b/helm/charts/mcp/crossplane-provider-helm/Chart.yaml index 651298a..961e169 100644 --- a/helm/charts/mcp/crossplane-provider-helm/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-helm/Chart.yaml @@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.8 +version: 0.0.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-helm/README.md b/helm/charts/mcp/crossplane-provider-helm/README.md index 0ef0edc..4f06c1f 100644 --- a/helm/charts/mcp/crossplane-provider-helm/README.md +++ b/helm/charts/mcp/crossplane-provider-helm/README.md 
@@ -2,15 +2,15 @@ # crossplane-provider-helm -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.0](https://img.shields.io/badge/AppVersion-0.19.0-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.0](https://img.shields.io/badge/AppVersion-0.19.0-informational?style=flat-square) A Helm Chart to template crossplane provider "helm" manifests to manage k8s cluster stack on a k8s Gardener/Kyma clusters. -**Homepage:** +**Homepage:** ## Source Code -* +* * * 
@@ -26,7 +26,7 @@ A Helm Chart to template crossplane provider "helm" manifests to manage k8s clus | helmReleases.helmRelease.connectionDetails | list | `[{"apiVersion":"v1","fieldPath":"spec.clusterIP","kind":"Service","name":"wordpress-example","namespace":"wordpress","toConnectionSecretKey":"ip"}]` | [Crossplane connection details](https://docs.crossplane.io/v1.12/concepts/composition/#connection-details) and [FAQ](https://blog.crossplane.io/faq-2-claim-connection-details/) | | helmReleases.helmRelease.helmCrossplaneProviderConfigRefName | string | `""` | defines [crossplane provider config reference name](https://docs.crossplane.io/latest/concepts/providers/) reference configuration name. :exclamation::exclamation: Must match `providerConfigs.helmCrossplane[].providerConfigRefName` of `/helm/charts/mcp/crossplane-provider-configs/values.yaml` :exclamation::exclamation: | | helmReleases.helmRelease.name | string | `""` | helm chart release name | -| helmReleases.helmRelease.namespace | string | `""` | [Namespace]() to install the release into. | +| helmReleases.helmRelease.namespace | string | `"ns1"` | [Namespace]() to install the release into. | | helmReleases.helmRelease.setValues | list | `[{"name":"param1","value":"value2"}]` | define [value overrides](https://github.com/crossplane/crossplane/blob/master/design/one-pager-helm-provider.md#value-overrides). [example](https://github.com/crossplane-contrib/provider-helm/blob/master/examples/sample/release.yaml). | | helmReleases.helmRelease.values | list | `[]` | define [value overrides](https://github.com/crossplane/crossplane/blob/master/design/one-pager-helm-provider.md#value-overrides). [example](https://github.com/crossplane-contrib/provider-helm/blob/master/examples/sample/release.yaml). 
| | helmReleases.helmRelease.valuesFrom | list | `[{"configMapKeyRef":null,"key":"values.yaml","name":"default-vals","namespace":"wordpress","optional":false},{"key":"svalues.yaml","name":"svals","namespace":"wordpress","optional":false,"secretKeyRef":null}]` | define value overrides via k8s [downward api](https://kubernetes.io/docs/concepts/workloads/pods/downward-api/). [example](https://github.com/crossplane-contrib/provider-helm/blob/master/examples/sample/release.yaml). | diff --git a/helm/charts/mcp/crossplane-provider-helm/values.yaml b/helm/charts/mcp/crossplane-provider-helm/values.yaml index e423049..a6a750c 100644 --- a/helm/charts/mcp/crossplane-provider-helm/values.yaml +++ b/helm/charts/mcp/crossplane-provider-helm/values.yaml @@ -18,7 +18,7 @@ helmReleases: # -- [Version](https://github.com/crossplane-contrib/provider-helm/blob/master/apis/release/v1beta1/types.go) of Helm chart, late initialized with latest version if not set version: "" # -- [Namespace]() to install the release into. - namespace: "" + namespace: "ns1" # -- define [value overrides](https://github.com/crossplane/crossplane/blob/master/design/one-pager-helm-provider.md#value-overrides). [example](https://github.com/crossplane-contrib/provider-helm/blob/master/examples/sample/release.yaml). values: [] # -- define [value overrides](https://github.com/crossplane/crossplane/blob/master/design/one-pager-helm-provider.md#value-overrides). [example](https://github.com/crossplane-contrib/provider-helm/blob/master/examples/sample/release.yaml). diff --git a/helm/charts/mcp/crossplane-provider-kubernetes/Chart.yaml b/helm/charts/mcp/crossplane-provider-kubernetes/Chart.yaml index abf7ab8..8258fe7 100644 --- a/helm/charts/mcp/crossplane-provider-kubernetes/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-kubernetes/Chart.yaml 
@@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.9 +version: 0.0.10 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-kubernetes/README.md b/helm/charts/mcp/crossplane-provider-kubernetes/README.md index 1e9cdbf..b4dff66 100644 --- a/helm/charts/mcp/crossplane-provider-kubernetes/README.md +++ b/helm/charts/mcp/crossplane-provider-kubernetes/README.md @@ -2,15 +2,15 @@ # crossplane-provider-kubernetes -![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.14.1](https://img.shields.io/badge/AppVersion-0.14.1-informational?style=flat-square) +![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.14.1](https://img.shields.io/badge/AppVersion-0.14.1-informational?style=flat-square) A Helm Chart to template crossplane provider "kubernetes" manifests to manage k8s cluster stack on a k8s Gardener/Kyma clusters. -**Homepage:** +**Homepage:** ## Source Code -* +* * ## Values diff --git a/helm/charts/mcp/crossplane-provider-pkgs/Chart.yaml b/helm/charts/mcp/crossplane-provider-pkgs/Chart.yaml index 53342bb..d20ca85 100644 --- a/helm/charts/mcp/crossplane-provider-pkgs/Chart.yaml 
+++ b/helm/charts/mcp/crossplane-provider-pkgs/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.10 +version: 0.0.11 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-pkgs/README.md b/helm/charts/mcp/crossplane-provider-pkgs/README.md index 41ab97f..ea9e2d4 100644 --- a/helm/charts/mcp/crossplane-provider-pkgs/README.md +++ b/helm/charts/mcp/crossplane-provider-pkgs/README.md @@ -2,15 +2,15 @@ # crossplane-provider-pkgs -![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.11](https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template crossplane provider "kind Provider" manifests to install crossplane family providers. -**Homepage:** +**Homepage:** ## Source Code -* +* * * diff --git a/helm/charts/mcp/crossplane-provider-sap-btp-account/Chart.yaml b/helm/charts/mcp/crossplane-provider-sap-btp-account/Chart.yaml index 52d3277..6364b7c 100644 --- a/helm/charts/mcp/crossplane-provider-sap-btp-account/Chart.yaml 
+++ b/helm/charts/mcp/crossplane-provider-sap-btp-account/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.6 +version: 0.0.7 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-sap-btp-account/README.md b/helm/charts/mcp/crossplane-provider-sap-btp-account/README.md index 8d554a9..b843975 100644 --- a/helm/charts/mcp/crossplane-provider-sap-btp-account/README.md +++ b/helm/charts/mcp/crossplane-provider-sap-btp-account/README.md @@ -2,7 +2,7 @@ # crossplane-provider-sap-btp-account -![Version: 0.0.6](https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) +![Version: 0.0.7](https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) A Helm chart to template crossplane manifests to manage SAP BTP resources. 
@@ -10,14 +10,14 @@ A Helm chart to template crossplane manifests to manage SAP BTP resources. ## Source Code -* +* ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | accounts | list | {} | accounts contains information and configuration about a specifig [BTP Global Account](https://help.sap.com/docs/btp/sap-business-technology-platform/getting-global-account). :exclamation::exclamation: Managing BTP Global Accounts is [NOT possible](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/account-managment/accounts#use-existing-global-account) at the moment :exclamation::exclamation: | -| accounts[0] | object | `{"btpSapCrossplaneProviderConfigRefName":"","subAccounts":[{"entitlements":[{"amount":0,"name":"","permitNumericQuota":false,"serviceName":"","servicePlanName":""}],"forProvider":{"betaEnabled":null,"description":"","displayName":"","region":"","subaccountAdmins":["your.name@sap.com"],"subdomain":"","usedForProduction":"NOT_USED_FOR_PRODUCTION"},"metadata":{"annotations":{"CloudManagement":{"crossplane.io/external-name":"..."},"ServiceManager":{"crossplane.io/external-name":"..."}}},"name":"","services":{"cloudManagement":false,"serviceManager":false},"subscriptions":[{"appName":"","name":"","planName":"","writeConnectionSecretToRef":{"name":"","namespace":""}}]}]}` | btpSapCrossplaneProviderConfigRefName defines crossplane provider configuration reference name (identifier) of a [BTP Global Account](https://help.sap.com/docs/btp/sap-business-technology-platform/getting-global-account)! 
| +| accounts[0] | object | `{"btpSapCrossplaneProviderConfigRefName":"","subAccounts":[{"entitlements":[{"amount":0,"name":"","permitNumericQuota":false,"serviceName":"","servicePlanName":""}],"forProvider":{"betaEnabled":null,"description":"","displayName":"","region":"eu01","subaccountAdmins":["your.name@sap.com"],"subdomain":"dev-eu01","usedForProduction":"NOT_USED_FOR_PRODUCTION"},"metadata":{"annotations":{"CloudManagement":{"crossplane.io/external-name":"..."},"ServiceManager":{"crossplane.io/external-name":"..."}}},"name":"","services":{"cloudManagement":false,"serviceManager":false},"subscriptions":[{"appName":"","name":"","planName":"","writeConnectionSecretToRef":{"name":"","namespace":"ns1"}}]}]}` | btpSapCrossplaneProviderConfigRefName defines crossplane provider configuration reference name (identifier) of a [BTP Global Account](https://help.sap.com/docs/btp/sap-business-technology-platform/getting-global-account)! | | accounts[0].subAccounts | list | {} | subAccounts contains information and configuration about [BTP Sub-Accounts](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). | | accounts[0].subAccounts[0].entitlements | list | {} | entitlements defines [BTP Entitlements](https://help.sap.com/docs/btp/sap-business-technology-platform/entitlements-and-quotas) for this [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). Learn more about managing BTP Entitlement with crossplane [here](https://pages.github.tools.sap/cloud-orchestration/docs/sap-services/btp-services/account-managment/entitlements). | | accounts[0].subAccounts[0].entitlements[0].amount | int | `0` | Used when permitNumericQuota=true. Only set amount for multitenant applications and services that do not permit a numeric quota assignment! | 
@@ -27,9 +27,9 @@ A Helm chart to template crossplane manifests to manage SAP BTP resources. | accounts[0].subAccounts[0].forProvider.betaEnabled | string | `nil` | enable beta services and applications? | | accounts[0].subAccounts[0].forProvider.description | string | `""` | description defines the description of the [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). | | accounts[0].subAccounts[0].forProvider.displayName | string | `""` | defines the display name of the [BTP Sub-Accounts](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). | -| accounts[0].subAccounts[0].forProvider.region | string | `""` | [region](https://help.sap.com/docs/btp/sap-business-technology-platform/regions) contains the assigned region of this [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). Each region represents a geographical location (for example, Europe, US East) where applications, data, or services are hosted. Value without "cf-" prefix! e.g. "eu10-canary" | +| accounts[0].subAccounts[0].forProvider.region | string | `"eu01"` | [region](https://help.sap.com/docs/btp/sap-business-technology-platform/regions) contains the assigned region of this [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). Each region represents a geographical location (for example, Europe, US East) where applications, data, or services are hosted. Value without "cf-" prefix! e.g. 
"eu10-canary" | | accounts[0].subAccounts[0].forProvider.subaccountAdmins | list | `["your.name@sap.com"]` | subaccountAdmins defines a list of Users (identified via Email Adress) with Admin Permission to this [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). Learn more about [BTP User and Member Management](https://help.sap.com/docs/btp/sap-business-technology-platform/user-and-member-management?locale=en-US). | -| accounts[0].subAccounts[0].forProvider.subdomain | string | `""` | This value must be unique across all BTP subaccounts | +| accounts[0].subAccounts[0].forProvider.subdomain | string | `"dev-eu01"` | This value must be unique across all BTP subaccounts | | accounts[0].subAccounts[0].forProvider.usedForProduction | string | `"NOT_USED_FOR_PRODUCTION"` | Available options: NOT_USED_FOR_PRODUCTION, USED_FOR_PRODUCTION, UNSET | | accounts[0].subAccounts[0].metadata | object | [] | *optional* adding custom k8s metadata to manifests | | accounts[0].subAccounts[0].metadata.annotations | object | [] | *optional* adding custom k8s [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) | diff --git a/helm/charts/mcp/crossplane-provider-sap-btp-account/values.yaml b/helm/charts/mcp/crossplane-provider-sap-btp-account/values.yaml index fd75370..5a23b5e 100644 --- a/helm/charts/mcp/crossplane-provider-sap-btp-account/values.yaml +++ b/helm/charts/mcp/crossplane-provider-sap-btp-account/values.yaml 
@@ -33,9 +33,9 @@ accounts: # -- enable beta services and applications? betaEnabled: # -- [region](https://help.sap.com/docs/btp/sap-business-technology-platform/regions) contains the assigned region of this [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). Each region represents a geographical location (for example, Europe, US East) where applications, data, or services are hosted. Value without "cf-" prefix! e.g. "eu10-canary" - region: "" + region: "eu01" # -- This value must be unique across all BTP subaccounts - subdomain: "" + subdomain: "dev-eu01" # -- Available options: NOT_USED_FOR_PRODUCTION, USED_FOR_PRODUCTION, UNSET usedForProduction: "NOT_USED_FOR_PRODUCTION" # -- subaccountAdmins defines a list of Users (identified via Email Adress) with Admin Permission to this [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). Learn more about [BTP User and Member Management](https://help.sap.com/docs/btp/sap-business-technology-platform/user-and-member-management?locale=en-US). @@ -55,7 +55,7 @@ accounts: # @default -- [] writeConnectionSecretToRef: name: "" - namespace: "" + namespace: "ns1" # -- contains special [BTP Services](https://help.sap.com/docs/btp/sap-business-technology-platform/solutions-and-services?locale=en-US&q=Subscription#services) (e.g. BTP Service Manager) for this [BTP Sub-Account](https://help.sap.com/docs/btp/sap-business-technology-platform/account-model#loio8d6e3a0fa4ab43e4a421d3ed08128afa). # @default -- [] services: diff --git a/helm/charts/mcp/crossplane-provider-sap-btp-environment/Chart.yaml b/helm/charts/mcp/crossplane-provider-sap-btp-environment/Chart.yaml index 403640d..3c0b343 100644 --- a/helm/charts/mcp/crossplane-provider-sap-btp-environment/Chart.yaml +++ b/helm/charts/mcp/crossplane-provider-sap-btp-environment/Chart.yaml 
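Review bot: `subdomain: "dev-eu01"` is now a shipped default for a field whose own comment says it must be unique across all BTP subaccounts, so every install that keeps the default requests the same subdomain. `region: "eu01"` likewise becomes a silent choice of where the subaccount is created instead of a value the operator has to supply. I would keep both empty, `region: ""` and `subdomain: ""`, and put the samples in the comments next to the existing `"eu10-canary"` example.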
@@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/45158470?s=48&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.12 +version: 0.0.13 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/crossplane-provider-sap-btp-environment/README.md b/helm/charts/mcp/crossplane-provider-sap-btp-environment/README.md index 6e870a7..4bc5983 100644 --- a/helm/charts/mcp/crossplane-provider-sap-btp-environment/README.md +++ b/helm/charts/mcp/crossplane-provider-sap-btp-environment/README.md @@ -2,15 +2,15 @@ # crossplane-provider-sap-btp-environment -![Version: 0.0.12](https://img.shields.io/badge/Version-0.0.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.13](https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to template crossplane manifests to manage Cloud Foundry or BTP Kyma environments on BTP. -**Homepage:** +**Homepage:** ## Source Code -* +* * * 
@@ -19,9 +19,25 @@ A Helm Chart to template crossplane manifests to manage Cloud Foundry or BTP Kym | Key | Type | Default | Description | |-----|------|---------|-------------| | cloudFoundryEnvironments | list | object | cloudFoundryEnvironments contains configuration of [cloudfoundry Environments](https://pages.github.tools.sap/cloud-orchestration/browser/Providers/provider-btp-account/environment.btp.sap.crossplane.io/cloudfoundryenvironment/v1alpha1). | -| cloudFoundryEnvironments[0] | object | `{"btpSapCrossplaneProviderConfigRefName":"","cloudManagementRef":{"name":""},"forProvider":{"initialOrgManagers":["steffen.brunner@sap.com"],"landscape":""},"name":"","subaccountRef":{"name":""},"writeConnectionSecretToRef":[]}` | btpSapCrossplaneProviderConfigRefName defines crossplane provider configuration reference name (identifier) of a ...! | +| cloudFoundryEnvironments[0] | object | `{"btpSapCrossplaneProviderConfigRefName":"","cloudManagementRef":{"name":"dev-eu01"},"forProvider":{"initialOrgManagers":[""],"landscape":""},"name":"","subaccountRef":{"name":"dev-eu01"},"writeConnectionSecretToRef":[]}` | btpSapCrossplaneProviderConfigRefName defines crossplane provider configuration reference name (identifier) of a ...! | | cloudFoundryEnvironments[0].writeConnectionSecretToRef | list | `[]` | *optional* - When a Crossplane Provider creates a managed resource it may generate resource-specific details, like usernames, passwords or connection details like an IP address. Crossplane stores these details in a Kubernetes Secret object specified by the `writeConnectionSecretToRef` values. Learn more about Crossplane concept [Managed Resources Fields](https://docs.crossplane.io/latest/concepts/managed-resources/#writeconnectionsecrettoref)! 
| -| kymaEnvironments | list | `[{"btpSapCrossplaneProviderConfigRefName":"","cloudManagementRef":{"name":""},"forProvider":{"administrators":["...@sap.com"],"autoScalerMax":3,"autoScalerMin":3,"machineType":"m5.xlarge","oidc":{"clientID":"","groupsClaim":"groups","issuerURL":"https://.accounts400.ondemand.com","signingAlgs":["RS256"],"usernameClaim":"email","usernamePrefix":"-"},"parameters":null,"region":"eu-west-2"},"name":"","planName":"aws","subaccountRef":{"name":""},"writeConnectionSecretToRef":{"name":"demo-kyma-kubeconfig-local","namespace":"default"}}]` | https://pages.github.tools.sap/cloud-orchestration/docs/use-cases/workload_to_kyma | +| kymaEnvironments[0].btpSapCrossplaneProviderConfigRefName | string | `""` | | +| kymaEnvironments[0].cloudManagementRef.name | string | `"dev-eu01"` | | +| kymaEnvironments[0].forProvider.administrators[0] | string | `"...@sap.com"` | | +| kymaEnvironments[0].forProvider.autoScalerMax | int | `3` | | +| kymaEnvironments[0].forProvider.autoScalerMin | int | `3` | | +| kymaEnvironments[0].forProvider.machineType | string | `"m5.xlarge"` | | +| kymaEnvironments[0].forProvider.oidc.clientID | string | `""` | | +| kymaEnvironments[0].forProvider.oidc.groupsClaim | string | `"groups"` | | +| kymaEnvironments[0].forProvider.oidc.issuerURL | string | `"https://.accounts400.ondemand.com"` | | +| kymaEnvironments[0].forProvider.oidc.signingAlgs[0] | string | `"RS256"` | | +| kymaEnvironments[0].forProvider.oidc.usernameClaim | string | `"email"` | | +| kymaEnvironments[0].forProvider.oidc.usernamePrefix | string | `"-"` | | +| kymaEnvironments[0].forProvider.parameters | string | `nil` | | +| kymaEnvironments[0].forProvider.region | string | `"eu-west-2"` | | +| kymaEnvironments[0].name | string | `""` | | +| kymaEnvironments[0].planName | string | `"aws"` | | +| kymaEnvironments[0].subaccountRef.name | string | `"dev-eu01"` | | | kymaEnvironments[0].writeConnectionSecretToRef | object | 
`{"name":"demo-kyma-kubeconfig-local","namespace":"default"}` | *optional* - When a Crossplane Provider creates a managed resource it may generate resource-specific details, like usernames, passwords or connection details like an IP address. Crossplane stores these details in a Kubernetes Secret object specified by the `writeConnectionSecretToRef` values. Learn more about Crossplane concept [Managed Resources Fields](https://docs.crossplane.io/latest/concepts/managed-resources/#writeconnectionsecrettoref)! | ---------------------------------------------- diff --git a/helm/charts/mcp/crossplane-provider-sap-btp-environment/values.yaml b/helm/charts/mcp/crossplane-provider-sap-btp-environment/values.yaml index a0f6edf..2e8d63f 100644 --- a/helm/charts/mcp/crossplane-provider-sap-btp-environment/values.yaml +++ b/helm/charts/mcp/crossplane-provider-sap-btp-environment/values.yaml @@ -11,9 +11,9 @@ cloudFoundryEnvironments: - "" landscape: "" cloudManagementRef: - name: "" + name: "dev-eu01" subaccountRef: - name: "" + name: "dev-eu01" # -- *optional* - When a Crossplane Provider creates a managed resource it may generate resource-specific details, like usernames, passwords or connection details like an IP address. # Crossplane stores these details in a Kubernetes Secret object specified by the `writeConnectionSecretToRef` values. Learn more about Crossplane concept [Managed Resources Fields](https://docs.crossplane.io/latest/concepts/managed-resources/#writeconnectionsecrettoref)! writeConnectionSecretToRef: [] 
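Review bot: `cloudManagementRef.name` and `subaccountRef.name` now default to `"dev-eu01"`, which is the string this commit uses for the subaccount `subdomain` default, not for any resource name visible here. The account chart's README in this same commit still lists `subAccounts[0].name` as `""`, so as far as these hunks show a default install references objects that nothing creates; the ref either fails to resolve or attaches to whatever object happens to carry that name. Keeping `name: ""` in both places and documenting the expected value in a comment, e.g. `# -- name of the Subaccount resource this environment belongs to`, avoids a reference that looks configured but is not. The `kymaEnvironments` hunk that follows makes the same two changes.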
@@ -39,9 +39,9 @@ kymaEnvironments: region: "eu-west-2" planName: "aws" cloudManagementRef: - name: "" + name: "dev-eu01" subaccountRef: - name: "" + name: "dev-eu01" # -- *optional* - When a Crossplane Provider creates a managed resource it may generate resource-specific details, like usernames, passwords or connection details like an IP address. # Crossplane stores these details in a Kubernetes Secret object specified by the `writeConnectionSecretToRef` values. Learn more about Crossplane concept [Managed Resources Fields](https://docs.crossplane.io/latest/concepts/managed-resources/#writeconnectionsecrettoref)! writeConnectionSecretToRef: diff --git a/helm/charts/mcp/external-secrets-config/Chart.yaml b/helm/charts/mcp/external-secrets-config/Chart.yaml index d5cfbf6..f975bee 100644 --- a/helm/charts/mcp/external-secrets-config/Chart.yaml +++ b/helm/charts/mcp/external-secrets-config/Chart.yaml @@ -16,7 +16,7 @@ icon: "https://github.com/external-secrets/external-secrets/raw/main/assets/eso- # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.7 +version: 0.1.8 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/external-secrets-config/README.md b/helm/charts/mcp/external-secrets-config/README.md index d3660a3..12b3026 100644 --- a/helm/charts/mcp/external-secrets-config/README.md +++ b/helm/charts/mcp/external-secrets-config/README.md 
@@ -2,15 +2,15 @@ # external-secrets-config -![Version: 0.1.7](https://img.shields.io/badge/Version-0.1.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.10.0](https://img.shields.io/badge/AppVersion-0.10.0-informational?style=flat-square) +![Version: 0.1.8](https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.10.0](https://img.shields.io/badge/AppVersion-0.10.0-informational?style=flat-square) A Helm Chart to template external-secrets.io manifests to sync credentials from remote vault (e.g. SAP HashiCorp Vault). -**Homepage:** +**Homepage:** ## Source Code -* +* * ## Values 
@@ -38,13 +38,13 @@ A Helm Chart to template external-secrets.io manifests to sync credentials from | clusterSecretStores[0].provider.vault.auth.appRole.roleId | string | `""` | *(optional)* [roleId](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultAppRole) configured in the App Role authentication backend when setting up the authentication backend in Vault. | | clusterSecretStores[0].provider.vault.auth.appRole.secretRef.key | string | `""` | [`type SecretKeySelector `](https://pkg.go.dev/github.com/external-secrets/external-secrets/apis/meta/v1#SecretKeySelector) | | clusterSecretStores[0].provider.vault.auth.appRole.secretRef.name | string | `""` | [`type SecretKeySelector `](https://pkg.go.dev/github.com/external-secrets/external-secrets/apis/meta/v1#SecretKeySelector) | -| clusterSecretStores[0].provider.vault.namespace | string | `""` | *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. s4/ketos | +| clusterSecretStores[0].provider.vault.namespace | string | `"ns1"` | *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. "ns1" | | clusterSecretStores[0].provider.vault.path | string | `""` | *(optional)* [Path](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the mount path of the Vault KV backend endpoint, e.g: “secret”. 
The v2 KV secret engine version specific “/data” path suffix for fetching secrets from Vault is optional and will be appended if not present in specified path. | -| clusterSecretStores[0].provider.vault.server | string | `""` | [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.tools.sap/". | +| clusterSecretStores[0].provider.vault.server | string | `"https://vault.example/"` | [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.example/". | | clusterSecretStores[0].provider.vault.version | string | `"v2"` | [Version](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the Vault KV secret engine version. This can be either “v1” or “v2”. Version defaults to “v2”. | | credentials[0].data | list | `[]` | *(optional)* [data](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string][]byte)* Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. 
Described in https://tools.ietf.org/html/rfc4648#section-4 | | credentials[0].name | string | `""` | defines k8s `metadata.name` value of `kind: Secret` | -| credentials[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` | +| credentials[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` | | credentials[0].stringData | list | `[]` | *(optional)* [stringData](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string]string)* allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. | | defaults.externalSecret.secretStoreRef.kind | string | `"SecretStore"` | | | defaults.namespace | string | `"default"` | default namespace value for optional `namespace` fields. | 
@@ -52,12 +52,12 @@ A Helm Chart to template external-secrets.io manifests to sync credentials from | externalSecret[0].creationPolicy | string | `""` | *(optional)* CreationPolicy defines rules on how to create the resulting Secret Defaults to ‘Owner’ | | externalSecret[0].data | list | [] | *(optional)* [Data](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecret) defines the connection between the Kubernetes Secret keys and the Provider data | | externalSecret[0].data[0].remoteRef | object | `{"key":"","property":""}` | [RemoteRef](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretData) points to the remote secret and defines which secret (version/property/..) to fetch. | -| externalSecret[0].data[0].remoteRef.key | string | `""` | [Key](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretDataRemoteRef) is the key used in the Provider, mandatory. E.g. "j4azdfnld24bts5.laasds.shoot.live.k8s-hana.ondemand.com/garden-ketos-co-sa-mcp-test" | +| externalSecret[0].data[0].remoteRef.key | string | `""` | [Key](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretDataRemoteRef) is the key used in the Provider, mandatory. E.g. "btp-endpoint.example/btp-account" | | externalSecret[0].data[0].remoteRef.property | string | `""` | *(optional)* Used to select a [specific property](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretDataRemoteRef) of the Provider value (if a map), if supported. E.g. 
"kubeconfig" | | externalSecret[0].deletionPolicy | string | `""` | *(optional)* DeletionPolicy defines rules on how to delete the resulting Secret Defaults to ‘Retain’ | | externalSecret[0].immutable | bool | `false` | *(optional)* Immutable defines if the final secret will be immutable | | externalSecret[0].name | string | `""` | defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: ExternalSecret` | -| externalSecret[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: ExternalSecret` | +| externalSecret[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: ExternalSecret` | | externalSecret[0].refreshInterval | string | `""` | [RefreshInterval](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecret) is the amount of time before the values are read again from the SecretStore provider Valid time units are “ns”, “us” (or “µs”), “ms”, “s”, “m”, “h” May be set to zero to fetch and create it once. Defaults to 1h. | | externalSecret[0].secretStore | object | `{"kind":"","name":""}` | [SecretStoreRef](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.SecretStoreRef) defines which SecretStore to fetch the ExternalSecret data. | | externalSecret[0].secretStore.kind | string | `""` | *(optional)* Kind of the SecretStore resource (`SecretStore` or `ClusterSecretStore`) Defaults to `.Values.defaults.externalSecret.secretStoreRef.kind` | 
@@ -73,7 +73,7 @@ A Helm Chart to template external-secrets.io manifests to sync credentials from | pushSecrets[0].spec.template | list | `[]` | *optional* Template defines a blueprint for the created Secret resource. | | pushSecrets[0].spec.updatePolicy | string | `""` | *optional* Policy to overwrite existing secrets in the provider on sync. E.g. Replace | | secretStores[0].name | string | `""` | defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: SecretStore` | -| secretStores[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: SecretStore` | +| secretStores[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: SecretStore` | | secretStores[0].provider | object | [] | Used to configure the [provider](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.SecretStoreSpec). Only one provider may be set. | | secretStores[0].provider.vault | object | [] | *(optional)* [Vault](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.SecretStoreProvider) configures this store to sync secrets using Hashi provider | | secretStores[0].provider.vault.auth | object | [] | [Auth](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) configures how secret-manager authenticates with the Vault server. | 
@@ -82,9 +82,9 @@ A Helm Chart to template external-secrets.io manifests to sync credentials from | secretStores[0].provider.vault.auth.appRole.roleId | string | `""` | *(optional)* [roleId](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultAppRole) configured in the App Role authentication backend when setting up the authentication backend in Vault. | | secretStores[0].provider.vault.auth.appRole.secretRef.key | string | `""` | [`type SecretKeySelector `](https://pkg.go.dev/github.com/external-secrets/external-secrets/apis/meta/v1#SecretKeySelector) | | secretStores[0].provider.vault.auth.appRole.secretRef.name | string | `""` | [`type SecretKeySelector `](https://pkg.go.dev/github.com/external-secrets/external-secrets/apis/meta/v1#SecretKeySelector) | -| secretStores[0].provider.vault.namespace | string | `""` | *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. s4/ketos | +| secretStores[0].provider.vault.namespace | string | `"ns1"` | *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. "ns1" | | secretStores[0].provider.vault.path | string | `""` | *(optional)* [Path](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the mount path of the Vault KV backend endpoint, e.g: “secret”. 
The v2 KV secret engine version specific “/data” path suffix for fetching secrets from Vault is optional and will be appended if not present in specified path. | -| secretStores[0].provider.vault.server | string | `""` | [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.tools.sap/". | +| secretStores[0].provider.vault.server | string | `""` | [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.example/". | | secretStores[0].provider.vault.version | string | `"v2"` | [Version](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the Vault KV secret engine version. This can be either “v1” or “v2”. Version defaults to “v2”. | ---------------------------------------------- diff --git a/helm/charts/mcp/external-secrets-config/values.ci.yaml b/helm/charts/mcp/external-secrets-config/values.ci.yaml index f6fb0ff..d8f69e4 100644 --- a/helm/charts/mcp/external-secrets-config/values.ci.yaml +++ b/helm/charts/mcp/external-secrets-config/values.ci.yaml @@ -3,12 +3,12 @@ ###! /!\ this file is only used in github pipeline to template a valid and NOT empty helm manifest! ##### ######################################################################################################################## clusterSecretStores: - - name: "sap-hashicorp-vault-cluster-store" + - name: "hashicorp-vault-cluster-store" controller: "controller" provider: vault: - server: "https://vault.tools.sap/" - namespace: "s4/ketos" + server: "https://vault.example/" + namespace: "ns1" path: "k8s-clusters" version: "v2" auth: 
@@ -16,11 +16,11 @@ clusterSecretStores: path: "approle" roleId: "cf33bb15" secretRef: - name: "sap-hashicorp-vault-token" + name: "hashicorp-vault-token" key: "token" ######################################################################################################################## clusterExternalSecret: -- name: "garden-ketos-co-sa-mcp-test" +- name: "openmcp-test" externalSecretName: "externalSecretName" refreshTime: "1m" namespaceSelectors: @@ -60,12 +60,12 @@ clusterExternalSecret: property: provider-key-property ######################################################################################################################## secretStores: -- name: "sap-hashicorp-vault" +- name: "hashicorp-vault" namespace: "default" provider: vault: - server: "https://vault.tools.sap/" - namespace: "s4/ketos" + server: "https://vault.example/" + namespace: "ns1" path: "k8s-clusters" version: "v2" auth: 
@@ -73,51 +73,51 @@ secretStores: path: "approle" roleId: "cf33bb15" secretRef: - name: "sap-hashicorp-vault-token" + name: "hashicorp-vault-token" key: "token" ######################################################################################################################## externalSecret: - - name: "garden-ketos-co-sa-mcp-test" + - name: "openmcp-test" namespace: "default" refreshInterval: "15m" - targetSecretName: garden-ketos-co-sa-mcp-test + targetSecretName: "openmcp-test" secretStore: - name: "sap-hashicorp-vault" + name: "hashicorp-vault" data: - secretKey: kubeconfig remoteRef: - key: "j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/garden-ketos-co-sa-mcp-test" + key: "j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/garden-openmcp-test" property: kubeconfig - - name: "garden-ketos-co-sa-mcp-test-2" + - name: "garden-openmcp-test-2" namespace: "default" refreshInterval: "15m" - targetSecretName: garden-ketos-co-sa-mcp-test-2 + targetSecretName: garden-openmcp-test-2 secretStore: - name: "sap-hashicorp-vault" + name: "hashicorp-vault" data: - secretKey: kubeconfig remoteRef: - key: "j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/garden-ketos-co-sa-mcp-test" + key: "j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/garden-openmcp-test" property: kubeconfig - - name: "btp-account-ketos-kita-test" + - name: "btp-account-openmcp-test" namespace: "default" refreshInterval: "15m" - targetSecretName: btp-account-ketos-kita-test + targetSecretName: btp-account-openmcp-test secretStore: - name: "sap-hashicorp-vault-cluster-store" + name: "hashicorp-vault-cluster-store" kind: "ClusterSecretStore" data: - secretKey: btp-cis-provider-credentials remoteRef: - key: "j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/btp-accounts-ketos-kita-test" + key: "j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/btp-accounts-openmcp-test" property: btp-cis-provider-credentials - secretKey: btp-service-account-provider-credentials remoteRef: - key: 
"j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/btp-accounts-ketos-kita-test" + key: "j4azdf.laasds.shoot.live.k8s-hana.ondemand.com/btp-accounts-openmcp-test" property: btp-service-account-provider-credentials ######################################################################################################################## pushSecrets: - - name: "garden-ketos-co-sa-mcp-test" + - name: "openmcp-test" namespace: "default" spec: updatePolicy: Replace # Policy to overwrite existing secrets in the provider on sync diff --git a/helm/charts/mcp/external-secrets-config/values.yaml b/helm/charts/mcp/external-secrets-config/values.yaml index 100b9bd..34717ad 100644 --- a/helm/charts/mcp/external-secrets-config/values.yaml +++ b/helm/charts/mcp/external-secrets-config/values.yaml 
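Review bot: The four `remoteRef.key` values in this hunk still carry the host `j4azdf.laasds.shoot.live.k8s-hana.ondemand.com`, although the rest of the change replaces environment-specific names (`vault.tools.sap`, `s4/ketos`, `sap-hashicorp-vault`) with neutral ones; only the path suffix was renamed. If the intent is to strip internal identifiers from this CI fixture, the host part should become a reserved placeholder as well, for example `key: "shoot.example/garden-openmcp-test"` (constructed value). The same goes for `roleId: "cf33bb15"`, which stays as context here and in the `@@ -16,11` hunk: the diff does not show whether it is a real AppRole role ID, but if it is, replace it with a dummy and review the paired secret ID. The renamed entries are also inconsistent, since the first is `openmcp-test` while the second is `garden-openmcp-test-2` and its key uses `garden-openmcp-test`.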
@@ -13,17 +13,17 @@ secretStores: # secretStores[0].name -- defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: SecretStore` - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: SecretStore` - namespace: "" + namespace: "ns1" # -- Used to configure the [provider](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.SecretStoreSpec). Only one provider may be set. # @default -- [] provider: # -- *(optional)* [Vault](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.SecretStoreProvider) configures this store to sync secrets using Hashi provider # @default -- [] vault: - # -- [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.tools.sap/". + # -- [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.example/". server: "" - # -- *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. s4/ketos - namespace: "" + # -- *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. 
"ns1" + namespace: "ns1" # -- *(optional)* [Path](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the mount path of the Vault KV backend endpoint, e.g: “secret”. The v2 KV secret engine version specific “/data” path suffix for fetching secrets from Vault is optional and will be appended if not present in specified path. path: "" # -- [Version](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the Vault KV secret engine version. This can be either “v1” or “v2”. Version defaults to “v2”. @@ -51,7 +51,7 @@ externalSecret: # externalSecret[0].name -- defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: ExternalSecret` - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: ExternalSecret` - namespace: "" + namespace: "ns1" # -- [SecretStoreRef](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.SecretStoreRef) defines which SecretStore to fetch the ExternalSecret data. secretStore: # -- Name of the SecretStore resource 
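Review bot: `namespace: "ns1"` replaces the empty default for both `secretStores[0].namespace` and `secretStores[0].provider.vault.namespace`, so a sample value from the doc comment has become the chart's shipped default. The chart README describes `defaults.namespace` as the value used for optional `namespace` fields, so a non-empty default here presumably bypasses that fallback and renders resources into a Kubernetes namespace `ns1` and a Vault namespace `ns1` that the installer never chose. The same substitution appears in the `@@ -51,7`, `@@ -95,10`, `@@ -152,7` and `@@ -176,7` hunks, and `@@ -95,10` additionally sets `server: "https://vault.example/"` for `clusterSecretStores[0]` while `secretStores[0].server` stays `""`. I would keep the defaults empty, `namespace: ""` and `server: ""`, and change only the example text in the `# --` comments. The `secretStores` entry starts above this hunk and continues below it.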
@@ -77,7 +77,7 @@ externalSecret: - secretKey: "" # -- [RemoteRef](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretData) points to the remote secret and defines which secret (version/property/..) to fetch. remoteRef: - # -- [Key](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretDataRemoteRef) is the key used in the Provider, mandatory. E.g. "j4azdfnld24bts5.laasds.shoot.live.k8s-hana.ondemand.com/garden-ketos-co-sa-mcp-test" + # -- [Key](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretDataRemoteRef) is the key used in the Provider, mandatory. E.g. "btp-endpoint.example/btp-account" key: "" # -- *(optional)* Used to select a [specific property](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.ExternalSecretDataRemoteRef) of the Provider value (if a map), if supported. E.g. "kubeconfig" property: "" 
@@ -95,10 +95,10 @@ clusterSecretStores: # -- *(optional)* [Vault](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.SecretStoreProvider) configures this store to sync secrets using Hashi provider # @default -- [] vault: - # -- [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.tools.sap/". - server: "" - # -- *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. s4/ketos - namespace: "" + # -- [Server](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the connection address for the Vault server, e.g: "https://vault.example/". + server: "https://vault.example/" + # -- *(optional)* Name of the [vault namespace](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider). Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: “ns1”. More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces. E.g. "ns1" + namespace: "ns1" # -- *(optional)* [Path](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the mount path of the Vault KV backend endpoint, e.g: “secret”. The v2 KV secret engine version specific “/data” path suffix for fetching secrets from Vault is optional and will be appended if not present in specified path. path: "" # -- [Version](https://external-secrets.io/latest/api/spec/#external-secrets.io/v1beta1.VaultProvider) is the Vault KV secret engine version. This can be either “v1” or “v2”. 
Version defaults to “v2”. @@ -152,7 +152,7 @@ clusterExternalSecret: # @default -- {} pushSecrets: - name: "" - namespace: "" + namespace: "ns1" # @default -- [] spec: # -- *optional* Policy to overwrite existing secrets in the provider on sync. E.g. Replace @@ -176,7 +176,7 @@ credentials: # credentials[0].name -- defines k8s `metadata.name` value of `kind: Secret` - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` - namespace: "" + namespace: "ns1" # -- *(optional)* [stringData](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string]string)* allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. stringData: [] # -- *(optional)* [data](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string][]byte)* Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 diff --git a/helm/charts/mcp/flux-config/Chart.yaml b/helm/charts/mcp/flux-config/Chart.yaml index f39b136..9cc076f 100644 --- a/helm/charts/mcp/flux-config/Chart.yaml +++ b/helm/charts/mcp/flux-config/Chart.yaml 
@@ -2,7 +2,7 @@ # The Chart.yaml file is required for a chart. See all avaiable fields: https://helm.sh/docs/topics/charts/#the-chartyaml-file apiVersion: v2 name: flux-config -description: A Helm Chart to template flux manifests to leverage GitOps on a CO MCP cluster. +description: A Helm Chart to template flux manifests to leverage GitOps on a OpenMCP cluster. # A chart can be either an 'application' or a 'library' chart. # # Application charts are a collection of templates that can be packaged into versioned archives @@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/52158677?s=200&v=4" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.14 +version: 0.0.15 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/flux-config/README.md b/helm/charts/mcp/flux-config/README.md index 9871f15..864d190 100644 --- a/helm/charts/mcp/flux-config/README.md +++ b/helm/charts/mcp/flux-config/README.md 
@@ -2,15 +2,15 @@ # flux-config -![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.3.0](https://img.shields.io/badge/AppVersion-2.3.0-informational?style=flat-square) +![Version: 0.0.15](https://img.shields.io/badge/Version-0.0.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.3.0](https://img.shields.io/badge/AppVersion-2.3.0-informational?style=flat-square) -A Helm Chart to template flux manifests to leverage GitOps on a CO MCP cluster. +A Helm Chart to template flux manifests to leverage GitOps on a OpenMCP cluster. -**Homepage:** +**Homepage:** ## Source Code -* +* * ## Values 
@@ -19,7 +19,7 @@ A Helm Chart to template flux manifests to leverage GitOps on a CO MCP cluster. |-----|------|---------|-------------| | credentials[0].data | list | `[]` | *(optional)* [data](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string][]byte)* Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 | | credentials[0].name | string | `""` | defines k8s `metadata.name` value of `kind: Secret` | -| credentials[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` | +| credentials[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` | | credentials[0].stringData | list | `[]` | *(optional)* [stringData](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string]string)* allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. | | defaults.namespace | string | `"default"` | default namespace value for *(optional)*`namespace` fields. | | defaults.targetNamespace | string | `"default"` | targetNamespace sets or overrides the default namespace in the `kind: Kustomization` manifests. | 
@@ -35,7 +35,7 @@ A Helm Chart to template flux manifests to leverage GitOps on a CO MCP cluster. | gitRepositorys[0].kustomizations[0].name | string | `""` | defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` e.g. "co-helm-charts-blueprint" | | gitRepositorys[0].kustomizations[0].namePrefix | string | `nil` | [namePrefix](https://fluxcd.io/flux/components/kustomize/kustomizations/#name-prefix-and-suffix) are *(optional)*fields used to specify a prefix and suffix to be added to the names of all the resources in the Kustomization. | | gitRepositorys[0].kustomizations[0].nameSuffix | string | `nil` | [nameSuffix](https://fluxcd.io/flux/components/kustomize/kustomizations/#name-prefix-and-suffix) are *(optional)*fields used to specify a prefix and suffix to be added to the names of all the resources in the Kustomization. | -| gitRepositorys[0].kustomizations[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` | +| gitRepositorys[0].kustomizations[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` | | gitRepositorys[0].kustomizations[0].patches | string | `nil` | [patches](https://fluxcd.io/flux/components/kustomize/kustomizations/#patches) is an *(optional)*list used to specify Kustomize patches as inline YAML objects. | | gitRepositorys[0].kustomizations[0].path | string | `""` | *(optional)* [Path](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml should be generated for. 
Defaults to ‘None’, which translates to the root path of the SourceRef. e.g. "./manifests/mcps/j4azdfnld24bts5.laasds.shoot.live.k8s-hana.ondemand.com" | | gitRepositorys[0].kustomizations[0].postBuild | list | `[]` | [postBuild](https://fluxcd.io/flux/components/kustomize/kustomizations/#post-build-variable-substitution) Post build variable substitution | 
@@ -43,18 +43,18 @@ A Helm Chart to template flux manifests to leverage GitOps on a CO MCP cluster. | gitRepositorys[0].kustomizations[0].retryInterval | string | `nil` | [retryInterval](https://fluxcd.io/flux/components/kustomize/kustomizations/#retry-interval) is an *(optional)*field to specify the interval at which to retry a failed reconciliation. | | gitRepositorys[0].kustomizations[0].serviceAccountName | string | `nil` | [serviceAccountName](https://fluxcd.io/flux/components/kustomize/kustomizations/#service-account-reference) is an *(optional)*field used to specify the ServiceAccount to be impersonated while reconciling the Kustomization. | | gitRepositorys[0].kustomizations[0].suspend | string | `nil` | [suspend](https://fluxcd.io/flux/components/kustomize/kustomizations/#suspend) is an *(optional)*boolean field to suspend the reconciliation of the Kustomization. When a Kustomization is suspended, new Source revisions are not applied to the cluster and drift detection/correction is paused. To resume normal reconciliation, set it back to false or remove the field. | -| gitRepositorys[0].kustomizations[0].targetNamespace | string | `""` | *(optional)* targetNamespace defines the namespace in the `kind: Kustomization` manifests. | +| gitRepositorys[0].kustomizations[0].targetnamespace | string | `"ns1"` | *(optional)* targetNamespace defines the namespace in the `kind: Kustomization` manifests. | | gitRepositorys[0].kustomizations[0].timeout | string | `nil` | *(optional)* [Timeout](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) for validation, apply and health checking operations. Defaults to ‘Interval’ duration. e.g. 1m | | gitRepositorys[0].kustomizations[0].wait | string | `nil` | [wait](https://fluxcd.io/flux/components/kustomize/kustomizations/#wait) is an *(optional)*boolean field to perform health checks for all reconciled resources as part of the Kustomization. 
If set to true, .spec.healthChecks is ignored. | | gitRepositorys[0].name | string | `""` | defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: GitRepository` | -| gitRepositorys[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: GitRepository` | +| gitRepositorys[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: GitRepository` | | gitRepositorys[0].spec.interval | string | `"1m"` | [Interval](https://fluxcd.io/flux/components/source/api/v1/#source.toolkit.fluxcd.io/v1.GitRepositorySpec) at which the GitRepository URL is checked for updates. This interval is approximate and may be subject to jitter to ensure efficient use of resources. | | gitRepositorys[0].spec.ref | object | `{"branch":""}` | *(optional)* Reference specifies the Git reference to resolve and monitor for changes, defaults to the ‘master’ branch. | | gitRepositorys[0].spec.ref.branch | string | `""` | *(optional)* [branch](https://fluxcd.io/flux/components/source/api/v1/#source.toolkit.fluxcd.io/v1.GitRepositoryRef) Branch to check out, defaults to ‘master’ if no other field is defined. e.g. "main" | | gitRepositorys[0].spec.secretRef | object | `{"name":""}` | *(optional)* [SecretRef](https://fluxcd.io/flux/components/source/api/v1/#source.toolkit.fluxcd.io/v1.GitRepositorySpec) specifies the Secret containing authentication credentials for the GitRepository. For HTTPS repositories the Secret must contain ‘username’ and ‘password’ fields for basic auth or ‘bearerToken’ field for token auth. For SSH repositories the Secret must contain ‘identity’ and ‘known_hosts’ fields. 
| | gitRepositorys[0].spec.secretRef.name | string | `""` | [`type SecretKeySelector `](https://pkg.go.dev/github.com/external-secrets/external-secrets/apis/meta/v1#SecretKeySelector) | -| gitRepositorys[0].spec.url | string | `""` | [URL]() specifies the Git repository URL, it can be an HTTP/S or SSH address. E.g. https://github.tools.sap/.../... | -| kustomizations | list | `[{"commonMetadata":[],"components":{},"decryption":[],"dependsOn":{},"force":null,"healthChecks":{},"images":{},"interval":null,"kubeConfig":[],"name":"","namePrefix":null,"nameSuffix":null,"namespace":"","patches":null,"path":"","postBuild":[],"prune":null,"retryInterval":null,"serviceAccountName":null,"sourceRef":{"apiVersion":"","kind":"GitRepository","name":"","namespace":""},"suspend":null,"targetNamespace":"","timeout":null,"wait":null}]` | defines independent [`kind: Kustomization`](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.Kustomization) manifest without the generation of `kind: GitRepository`. | +| gitRepositorys[0].spec.url | string | `""` | [URL]() specifies the Git repository URL, it can be an HTTP/S or SSH address. | +| kustomizations | list | `[{"commonMetadata":[],"components":{},"decryption":[],"dependsOn":{},"force":null,"healthChecks":{},"images":{},"interval":null,"kubeConfig":[],"name":"","namePrefix":null,"nameSuffix":null,"namespace":"ns1","patches":null,"path":"","postBuild":[],"prune":null,"retryInterval":null,"serviceAccountName":null,"sourceRef":{"apiVersion":"","kind":"GitRepository","name":"","namespace":"ns1"},"suspend":null,"targetnamespace":"ns1","timeout":null,"wait":null}]` | defines independent [`kind: Kustomization`](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.Kustomization) manifest without the generation of `kind: GitRepository`. 
| | kustomizations[0].commonMetadata | list | `[]` | [commonMetadata](https://fluxcd.io/flux/components/kustomize/kustomizations/#common-metadata) is an *(optional)*field used to specify any metadata that should be applied to all the Kustomization’s resources. | | kustomizations[0].components | object | `{}` | [components](https://fluxcd.io/flux/components/kustomize/kustomizations/#components) is an *(optional)*list used to specify Kustomize components. This allows using reusable pieces of configuration logic that can be included from multiple overlays. | | kustomizations[0].decryption | list | `[]` | [decryption](https://fluxcd.io/flux/components/kustomize/kustomizations/#decryption) is an *(optional)*field to specify the configuration to decrypt Secrets that are a part of the Kustomization. | 
@@ -67,20 +67,20 @@ A Helm Chart to template flux manifests to leverage GitOps on a CO MCP cluster. | kustomizations[0].name | string | `""` | defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` e.g. "co-helm-charts-blueprint" | | kustomizations[0].namePrefix | string | `nil` | [namePrefix](https://fluxcd.io/flux/components/kustomize/kustomizations/#name-prefix-and-suffix) are *(optional)*fields used to specify a prefix and suffix to be added to the names of all the resources in the Kustomization. | | kustomizations[0].nameSuffix | string | `nil` | [nameSuffix](https://fluxcd.io/flux/components/kustomize/kustomizations/#name-prefix-and-suffix) are *(optional)*fields used to specify a prefix and suffix to be added to the names of all the resources in the Kustomization. | -| kustomizations[0].namespace | string | `""` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` | +| kustomizations[0].namespace | string | `"ns1"` | *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` | | kustomizations[0].patches | string | `nil` | [patches](https://fluxcd.io/flux/components/kustomize/kustomizations/#patches) is an *(optional)*list used to specify Kustomize patches as inline YAML objects. | | kustomizations[0].path | string | `""` | *(optional)* [Path](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml should be generated for. Defaults to ‘None’, which translates to the root path of the SourceRef. e.g. 
"./manifests/mcps/j4azdfnld24bts5.laasds.shoot.live.k8s-hana.ondemand.com" | | kustomizations[0].postBuild | list | `[]` | [postBuild](https://fluxcd.io/flux/components/kustomize/kustomizations/#post-build-variable-substitution) Post build variable substitution | | kustomizations[0].prune | string | `nil` | [Prune](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) enables garbage collection. e.g. true/false | | kustomizations[0].retryInterval | string | `nil` | [retryInterval](https://fluxcd.io/flux/components/kustomize/kustomizations/#retry-interval) is an *(optional)*field to specify the interval at which to retry a failed reconciliation. | | kustomizations[0].serviceAccountName | string | `nil` | [serviceAccountName](https://fluxcd.io/flux/components/kustomize/kustomizations/#service-account-reference) is an *(optional)*field used to specify the ServiceAccount to be impersonated while reconciling the Kustomization. | -| kustomizations[0].sourceRef | object | `{"apiVersion":"","kind":"GitRepository","name":"","namespace":""}` | [Reference](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.CrossNamespaceSourceReference) of the source where the kustomization file is. | +| kustomizations[0].sourceRef | object | `{"apiVersion":"","kind":"GitRepository","name":"","namespace":"ns1"}` | [Reference](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.CrossNamespaceSourceReference) of the source where the kustomization file is. | | kustomizations[0].sourceRef.apiVersion | string | `""` | string (Optional) API version of the referent. | | kustomizations[0].sourceRef.kind | string | `"GitRepository"` | string Kind of the referent. | | kustomizations[0].sourceRef.name | string | `""` | string Name of the referent. 
| -| kustomizations[0].sourceRef.namespace | string | `""` | string (Optional) Namespace of the referent, defaults to the namespace of the Kubernetes resource object that contains the reference. | +| kustomizations[0].sourceRef.namespace | string | `"ns1"` | string (Optional) Namespace of the referent, defaults to the namespace of the Kubernetes resource object that contains the reference. | | kustomizations[0].suspend | string | `nil` | [suspend](https://fluxcd.io/flux/components/kustomize/kustomizations/#suspend) is an *(optional)*boolean field to suspend the reconciliation of the Kustomization. When a Kustomization is suspended, new Source revisions are not applied to the cluster and drift detection/correction is paused. To resume normal reconciliation, set it back to false or remove the field. | -| kustomizations[0].targetNamespace | string | `""` | *(optional)* targetNamespace defines the namespace in the `kind: Kustomization` manifests. | +| kustomizations[0].targetnamespace | string | `"ns1"` | *(optional)* targetNamespace defines the namespace in the `kind: Kustomization` manifests. | | kustomizations[0].timeout | string | `nil` | *(optional)* [Timeout](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) for validation, apply and health checking operations. Defaults to ‘Interval’ duration. e.g. 1m | | kustomizations[0].wait | string | `nil` | [wait](https://fluxcd.io/flux/components/kustomize/kustomizations/#wait) is an *(optional)*boolean field to perform health checks for all reconciled resources as part of the Kustomization. If set to true, .spec.healthChecks is ignored. | diff --git a/helm/charts/mcp/flux-config/values.ci.yaml b/helm/charts/mcp/flux-config/values.ci.yaml index eb63c8b..af2fcf2 100644 --- a/helm/charts/mcp/flux-config/values.ci.yaml +++ b/helm/charts/mcp/flux-config/values.ci.yaml 
@@ -2,7 +2,7 @@ ###! /!\ this file is only used in github pipeline to template a valid and NOT empty helm manifest! ##### ######################################################################################################################## kustomizations: - - name: nexus-cobalt-root-app + - name: chrome-hub-root-app namespace: "default" interval: "10s" path: "manifests/application/root" @@ -106,7 +106,7 @@ kustomizations: kind: "GitRepository" name: "mcp-blueprint-building-blocks" dependsOn: - - name: nexus-cobalt-root-app + - name: chrome-hub-root-app ######################################################################################################################## gitRepositorys: - name: "mcp-blueprint-building-blocks" diff --git a/helm/charts/mcp/flux-config/values.yaml b/helm/charts/mcp/flux-config/values.yaml index 56d17a7..b8a271c 100644 --- a/helm/charts/mcp/flux-config/values.yaml +++ b/helm/charts/mcp/flux-config/values.yaml @@ -10,7 +10,7 @@ gitRepositorys: # gitRepositorys[0].name -- defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: GitRepository` - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: GitRepository` - namespace: "" + namespace: "ns1" # spec -- defines k8s `spec` structured value of `kind: GitRepository`. See [API broswer](https://fluxcd.io/flux/components/source/api/v1/#source.toolkit.fluxcd.io/v1.GitRepositorySpec) spec: # -- [Interval](https://fluxcd.io/flux/components/source/api/v1/#source.toolkit.fluxcd.io/v1.GitRepositorySpec) at which the GitRepository URL is checked for updates. This interval is approximate and may be subject to jitter to ensure efficient use of resources. 
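Review bot: The new default `namespace: "ns1"` for `gitRepositorys[0]` in values.yaml replaces an empty value with what looks like a placeholder namespace. The same substitution appears in the later values.yaml hunks at -29 and -78 (Kustomization `namespace`), -98 (`sourceRef.namespace`) and -137 (`credentials[0].namespace`, which the comment says is a `kind: Secret`). How the templates treat an empty value is not visible in this diff, but if `""` previously meant "omit the field", a consumer who leaves these unset would now get the GitRepository, the Kustomizations and the Secret placed in `ns1`. The `sourceRef` would also point at another namespace, which contradicts its own comment ("defaults to the namespace of the Kubernetes resource object that contains the reference"). I would keep `namespace: ""` as the chart default and put any sample namespace in values.ci.yaml only.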
@@ -29,9 +29,9 @@ gitRepositorys: # gitRepositorys[0].kustomizations[0].name -- defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` e.g. "co-helm-charts-blueprint" - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` - namespace: "" + namespace: "ns1" # -- *(optional)* targetNamespace defines the namespace in the `kind: Kustomization` manifests. - targetNamespace: "" + targetnamespace: "ns1" # -- The [interval](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) at which to reconcile the Kustomization. This interval is approximate and may be subject to jitter to ensure efficient use of resources. E.g. 10s interval: # -- *(optional)* [Path](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml should be generated for. Defaults to ‘None’, which translates to the root path of the SourceRef. e.g. "./manifests/mcps/j4azdfnld24bts5.laasds.shoot.live.k8s-hana.ondemand.com" 
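Review bot: The key is renamed from `targetNamespace` to `targetnamespace`, while the comment directly above it and the Flux Kustomization field are still spelled `targetNamespace`. The hunk at -78 for the top-level `kustomizations` list has the same rename. Helm values keys are case-sensitive, so a template that reads `.targetNamespace` would no longer see this value and the setting would be dropped without an error. The templates are not part of this diff, so that is inferred. Since this field decides which namespace Flux applies the manifests into, I would restore the original spelling, `targetNamespace:`, in both hunks and regenerate the README table from it.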
@@ -78,9 +78,9 @@ kustomizations: # kustomizations[0].name -- defines k8s [`metadata.name`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` e.g. "co-helm-charts-blueprint" - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Kustomization` - namespace: "" + namespace: "ns1" # -- *(optional)* targetNamespace defines the namespace in the `kind: Kustomization` manifests. - targetNamespace: "" + targetnamespace: "ns1" # -- The [interval](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) at which to reconcile the Kustomization. This interval is approximate and may be subject to jitter to ensure efficient use of resources. E.g. 10s interval: # -- *(optional)* [Path](https://fluxcd.io/flux/components/kustomize/api/v1/#kustomize.toolkit.fluxcd.io/v1.KustomizationSpec) to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml should be generated for. Defaults to ‘None’, which translates to the root path of the SourceRef. e.g. "./manifests/mcps/j4azdfnld24bts5.laasds.shoot.live.k8s-hana.ondemand.com" 
@@ -98,7 +98,7 @@ kustomizations: # -- string Name of the referent. name: "" # -- string (Optional) Namespace of the referent, defaults to the namespace of the Kubernetes resource object that contains the reference. - namespace: "" + namespace: "ns1" # -- [dependsOn](https://fluxcd.io/flux/components/kustomize/kustomizations/#dependencies) is an *(optional)*list used to refer to other Kustomization objects that the Kustomization depends on. If specified, then the Kustomization is only applied after the referred Kustomizations are ready, i.e. have the Ready condition marked as True. The readiness state of a Kustomization is determined by its last applied status condition. dependsOn: {} # -- [healthChecks](https://fluxcd.io/flux/components/kustomize/kustomizations/#health-checks) is an *(optional)*list used to refer to resources for which the controller will perform health checks used to determine the rollout status of deployed workloads and the Ready status of custom resources. 
@@ -137,7 +137,7 @@ credentials: # credentials[0].name -- defines k8s `metadata.name` value of `kind: Secret` - name: "" # -- *(optional)* defines k8s [`metadata.namespace`](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/#ObjectMeta) value of `kind: Secret` - namespace: "" + namespace: "ns1" # -- *(optional)* [stringData](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string]string)* allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. stringData: [] # -- *(optional)* [data](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) *(map[string][]byte)* Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 diff --git a/helm/charts/mcp/k8s-validating-admission-policy/Chart.yaml b/helm/charts/mcp/k8s-validating-admission-policy/Chart.yaml index d418602..36ef619 100644 --- a/helm/charts/mcp/k8s-validating-admission-policy/Chart.yaml +++ b/helm/charts/mcp/k8s-validating-admission-policy/Chart.yaml 
@@ -14,7 +14,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.2 +version: 0.0.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/k8s-validating-admission-policy/README.md b/helm/charts/mcp/k8s-validating-admission-policy/README.md index e2ad841..db928b7 100644 --- a/helm/charts/mcp/k8s-validating-admission-policy/README.md +++ b/helm/charts/mcp/k8s-validating-admission-policy/README.md @@ -2,12 +2,13 @@ # k8s-validating-admission-policy -![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.3](https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Helm Chart to orchestrate k8s ValidatingAdmissionPolicy & ValidatingAdmissionPolicyBinding ## Source Code +* * ## Requirements diff --git a/helm/charts/mcp/sap-btp-services/Chart.yaml b/helm/charts/mcp/sap-btp-services/Chart.yaml index 1c6b046..b0e0076 100644 --- a/helm/charts/mcp/sap-btp-services/Chart.yaml +++ b/helm/charts/mcp/sap-btp-services/Chart.yaml 
@@ -14,7 +14,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.9 +version: 0.0.10 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/mcp/sap-btp-services/README.md b/helm/charts/mcp/sap-btp-services/README.md index 1fee52c..09608c2 100644 --- a/helm/charts/mcp/sap-btp-services/README.md +++ b/helm/charts/mcp/sap-btp-services/README.md @@ -2,15 +2,13 @@ # sap-btp-services -![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.0](https://img.shields.io/badge/AppVersion-0.2.0-informational?style=flat-square) +![Version: 0.0.10](https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.0](https://img.shields.io/badge/AppVersion-0.2.0-informational?style=flat-square) A Helm Chart to create dynamically SAP BTP Services instances and bindings. -**Homepage:** - ## Source Code -* +* * ## Requirements diff --git a/helm/charts/mcp/sap-btp-services/values.ci.yaml b/helm/charts/mcp/sap-btp-services/values.ci.yaml index 5f132ea..1e4fce0 100644 --- a/helm/charts/mcp/sap-btp-services/values.ci.yaml +++ b/helm/charts/mcp/sap-btp-services/values.ci.yaml 
@@ -5,7 +5,7 @@ services: - name: "identityApplication" namespace: "default" instance: - name: "ketos-op-cluster-ias" + name: "openmcp-op-cluster-ias" serviceOfferingName: "identity" servicePlanName: "application" parameters: @@ -19,7 +19,7 @@ services: multi-tenant: true xsuaa-cross-consumption: true bindings: - - name: "ketos-op-cluster-ias" + - name: "openmcp-op-cluster-ias" secretName: "btp-ias" parameters: credential-type: SECRET @@ -189,7 +189,7 @@ services: - name: "cloudLoggingStandardOperationCluster" namespace: "default" instance: - name: "ketos-op-cluster-cls" + name: "openmcp-op-cluster-cls" serviceOfferingName: "cloud-logging" servicePlanName: "standard" # -- cloud logging service config: list of parameter: https://pages.github.tools.sap/perfx/cloud-logging-service/consumption/service-configuration-parameters/ @@ -200,7 +200,7 @@ services: ingest_otlp: enabled: true bindings: - - name: "ketos-op-cluster-cls" + - name: "openmcp-op-cluster-cls" secretName: "btp-cls" parameters: {} credentialsRotationPolicy: @@ -211,7 +211,7 @@ services: - name: "dynatraceEnvironmentOperationCluster" namespace: "default" instance: - name: "ketos-op-cluster-dynatrace" + name: "openmcp-op-cluster-dynatrace" serviceOfferingName: "dynatrace" servicePlanName: "environment" parameters: @@ -232,8 +232,8 @@ services: service_parameters: skiperrors: 'true' bindings: - - name: "ketos-op-cluster-dynatrace-provider" - secretName: "ketos-op-cluster-dynatrace-provider" + - name: "openmcp-op-cluster-dynatrace-provider" + secretName: "openmcp-op-cluster-dynatrace-provider" parameters: tokens: - name: apiToken @@ -285,8 +285,8 @@ services: rotationFrequency: 2160h #90 days rotatedBindingTTL: 48h - enable: true - name: "ketos-op-cluster-dynatrace-operator" - secretName: "ketos-op-cluster-dynatrace-operator" + name: "openmcp-op-cluster-dynatrace-operator" + secretName: "openmcp-op-cluster-dynatrace-operator" parameters: tokens: - name: apiToken 
diff --git a/helm/charts/test-custom-chart/Chart.yaml b/helm/charts/test-custom-chart/Chart.yaml index c5081d4..14d3496 100644 --- a/helm/charts/test-custom-chart/Chart.yaml +++ b/helm/charts/test-custom-chart/Chart.yaml @@ -13,7 +13,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.8 +version: 0.0.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. diff --git a/helm/charts/test-custom-chart/README.md b/helm/charts/test-custom-chart/README.md index f7dee73..a3c09d3 100644 --- a/helm/charts/test-custom-chart/README.md +++ b/helm/charts/test-custom-chart/README.md @@ -1,6 +1,8 @@ + + # test-custom-chart -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) A Helm chart to test github action and workflows. NOTHING MORE! 
@@ -20,60 +22,62 @@ A Helm chart to test github action and workflows. NOTHING MORE! | Key | Type | Default | Description | |-----|------|---------|-------------| -| affinity | object | `{}` | | -| autoscaling.enabled | bool | `false` | | -| autoscaling.maxReplicas | int | `100` | | -| autoscaling.minReplicas | int | `1` | | -| autoscaling.targetCPUUtilizationPercentage | int | `80` | | -| fullnameOverride | string | `""` | full name override | -| image.pullPolicy | string | `"IfNotPresent"` | | +| sap-btp-services.services[0].name | string | `"identityApplication"` | | +| sap-btp-services.services[0].namespace | string | `"default"` | | +| sap-btp-services.services[0].instance.name | string | `"openmcp-op-cluster-ias"` | | +| sap-btp-services.services[0].instance.serviceOfferingName | string | `"identity"` | | +| sap-btp-services.services[0].instance.servicePlanName | string | `"application"` | | +| sap-btp-services.services[0].instance.parameters.oauth2-configuration.redirect-uris[0] | string | `"https://*.../oauth2/callback"` | | +| sap-btp-services.services[0].instance.parameters.oauth2-configuration.redirect-uris[1] | string | `"https://*.../callback"` | | +| sap-btp-services.services[0].instance.parameters.oauth2-configuration.redirect-uris[2] | string | `"https://*.../*"` | | +| sap-btp-services.services[0].instance.parameters.consumed-apis | list | `[]` | | +| sap-btp-services.services[0].instance.parameters.display-name | string | `""` | | +| sap-btp-services.services[0].instance.parameters.multi-tenant | bool | `true` | | +| sap-btp-services.services[0].instance.parameters.xsuaa-cross-consumption | bool | `true` | | +| sap-btp-services.services[0].bindings[0].name | string | `"openmcp-op-cluster-ias"` | | +| sap-btp-services.services[0].bindings[0].secretName | string | `"btp-ias"` | | +| sap-btp-services.services[0].bindings[0].parameters.credential-type | string | `"SECRET"` | | +| 
sap-btp-services.services[0].bindings[0].credentialsRotationPolicy.enabled | bool | `true` | | +| sap-btp-services.services[0].bindings[0].credentialsRotationPolicy.rotationFrequency | string | `"480h"` | | +| sap-btp-services.services[0].bindings[0].credentialsRotationPolicy.rotatedBindingTTL | string | `"2h"` | | +| replicaCount | int | `1` | replication count | | image.repository | string | `"nginx"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | | image.tag | string | `""` | | | imagePullSecrets | list | `[]` | | -| ingress.annotations | object | `{}` | | -| ingress.className | string | `""` | | +| nameOverride | string | `""` | name override | +| fullnameOverride | string | `""` | full name override | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.name | string | `""` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| securityContext | object | `{}` | | +| service.type | string | `"ClusterIP"` | | +| service.port | int | `80` | | | ingress.enabled | bool | `false` | | +| ingress.className | string | `""` | | +| ingress.annotations | object | `{}` | | | ingress.hosts[0].host | string | `"chart-example.local"` | | | ingress.hosts[0].paths[0].path | string | `"/"` | | | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | | ingress.tls | list | `[]` | | +| resources | object | `{}` | | | livenessProbe.httpGet.path | string | `"/"` | | | livenessProbe.httpGet.port | string | `"http"` | | -| nameOverride | string | `""` | name override | -| nodeSelector | object | `{}` | | -| podAnnotations | object | `{}` | | -| podLabels | object | `{}` | | -| podSecurityContext | object | `{}` | | | readinessProbe.httpGet.path | string | `"/"` | | | 
readinessProbe.httpGet.port | string | `"http"` | | -| replicaCount | int | `1` | replication count | -| resources | object | `{}` | | -| sap-btp-services.services[0].bindings[0].credentialsRotationPolicy.enabled | bool | `true` | | -| sap-btp-services.services[0].bindings[0].credentialsRotationPolicy.rotatedBindingTTL | string | `"2h"` | | -| sap-btp-services.services[0].bindings[0].credentialsRotationPolicy.rotationFrequency | string | `"480h"` | | -| sap-btp-services.services[0].bindings[0].name | string | `"ketos-op-cluster-ias"` | | -| sap-btp-services.services[0].bindings[0].parameters.credential-type | string | `"SECRET"` | | -| sap-btp-services.services[0].bindings[0].secretName | string | `"btp-ias"` | | -| sap-btp-services.services[0].instance.name | string | `"ketos-op-cluster-ias"` | | -| sap-btp-services.services[0].instance.parameters.consumed-apis | list | `[]` | | -| sap-btp-services.services[0].instance.parameters.display-name | string | `""` | | -| sap-btp-services.services[0].instance.parameters.multi-tenant | bool | `true` | | -| sap-btp-services.services[0].instance.parameters.oauth2-configuration.redirect-uris[0] | string | `"https://*.../oauth2/callback"` | | -| sap-btp-services.services[0].instance.parameters.oauth2-configuration.redirect-uris[1] | string | `"https://*.../callback"` | | -| sap-btp-services.services[0].instance.parameters.oauth2-configuration.redirect-uris[2] | string | `"https://*.../*"` | | -| sap-btp-services.services[0].instance.parameters.xsuaa-cross-consumption | bool | `true` | | -| sap-btp-services.services[0].instance.serviceOfferingName | string | `"identity"` | | -| sap-btp-services.services[0].instance.servicePlanName | string | `"application"` | | -| sap-btp-services.services[0].name | string | `"identityApplication"` | | -| sap-btp-services.services[0].namespace | string | `"default"` | | -| securityContext | object | `{}` | | -| service.port | int | `80` | | -| service.type | string | `"ClusterIP"` | | -| 
serviceAccount.annotations | object | `{}` | | -| serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? | -| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| serviceAccount.name | string | `""` | | -| tolerations | list | `[]` | | -| volumeMounts | list | `[]` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | | volumes | list | `[]` | | +| volumeMounts | list | `[]` | | +| nodeSelector | object | `{}` | | +| tolerations | list | `[]` | | +| affinity | object | `{}` | | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) \ No newline at end of file diff --git a/helm/charts/test-custom-chart/values.yaml b/helm/charts/test-custom-chart/values.yaml index d20daa7..58c351c 100644 --- a/helm/charts/test-custom-chart/values.yaml +++ b/helm/charts/test-custom-chart/values.yaml @@ -6,7 +6,7 @@ sap-btp-services: - name: "identityApplication" namespace: "default" instance: - name: "ketos-op-cluster-ias" + name: "openmcp-op-cluster-ias" serviceOfferingName: "identity" servicePlanName: "application" parameters: @@ -20,7 +20,7 @@ sap-btp-services: multi-tenant: true xsuaa-cross-consumption: true bindings: - - name: "ketos-op-cluster-ias" + - name: "openmcp-op-cluster-ias" secretName: "btp-ias" parameters: credential-type: SECRET diff --git a/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml b/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml index d8a7b1e..3611690 100644 
--- a/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml +++ b/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml @@ -3,13 +3,13 @@ apiVersion: services.cloud.sap.com/v1alpha1 kind: ServiceBinding metadata: - name: ketos-op-cluster-ias + name: openmcp-op-cluster-ias namespace: default labels: openmcp.cloud/blueprint-building-block: "sap-btp-services" - openmcp.cloud/blueprint-building-block-version: "0.0.9" + openmcp.cloud/blueprint-building-block-version: "0.0.10" spec: - serviceInstanceName: ketos-op-cluster-ias + serviceInstanceName: openmcp-op-cluster-ias secretName: btp-ias parameters: credential-type: SECRET diff --git a/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml b/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml index b3fd306..5118db8 100644 --- a/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml +++ b/manifests/helm/charts/test-custom-chart/test-custom-chart/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml @@ -3,11 +3,11 @@ apiVersion: services.cloud.sap.com/v1alpha1 kind: ServiceInstance metadata: - name: ketos-op-cluster-ias + name: openmcp-op-cluster-ias namespace: default labels: openmcp.cloud/blueprint-building-block: "sap-btp-services" - openmcp.cloud/blueprint-building-block-version: "0.0.9" + openmcp.cloud/blueprint-building-block-version: "0.0.10" spec: serviceOfferingName: identity servicePlanName: application 
diff --git a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/deployment.yaml b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/deployment.yaml index 47476eb..030ece4 100644 --- a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/deployment.yaml +++ b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/deployment.yaml @@ -6,8 +6,8 @@ metadata: name: helm-release-name-test-custom-chart labels: openmcp.cloud/blueprint-building-block: "test-custom-chart" - openmcp.cloud/blueprint-building-block-version: "0.0.8" - helm.sh/chart: test-custom-chart-0.0.8 + openmcp.cloud/blueprint-building-block-version: "0.0.9" + helm.sh/chart: test-custom-chart-0.0.9 app.kubernetes.io/name: test-custom-chart app.kubernetes.io/instance: helm-release-name app.kubernetes.io/version: "1.16.0" @@ -21,7 +21,7 @@ spec: template: metadata: labels: - helm.sh/chart: test-custom-chart-0.0.8 + helm.sh/chart: test-custom-chart-0.0.9 app.kubernetes.io/name: test-custom-chart app.kubernetes.io/instance: helm-release-name app.kubernetes.io/version: "1.16.0" diff --git a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/service.yaml b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/service.yaml index 175bd22..258fc8b 100644 --- a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/service.yaml +++ b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/service.yaml @@ -6,8 +6,8 @@ metadata: name: helm-release-name-test-custom-chart labels: openmcp.cloud/blueprint-building-block: "test-custom-chart" - openmcp.cloud/blueprint-building-block-version: "0.0.8" - helm.sh/chart: test-custom-chart-0.0.8 + openmcp.cloud/blueprint-building-block-version: "0.0.9" + helm.sh/chart: test-custom-chart-0.0.9 app.kubernetes.io/name: test-custom-chart app.kubernetes.io/instance: helm-release-name app.kubernetes.io/version: "1.16.0" 
diff --git a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/serviceaccount.yaml b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/serviceaccount.yaml index e385714..8e4af5b 100644 --- a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/serviceaccount.yaml +++ b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/serviceaccount.yaml @@ -6,8 +6,8 @@ metadata: name: helm-release-name-test-custom-chart labels: openmcp.cloud/blueprint-building-block: "test-custom-chart" - openmcp.cloud/blueprint-building-block-version: "0.0.8" - helm.sh/chart: test-custom-chart-0.0.8 + openmcp.cloud/blueprint-building-block-version: "0.0.9" + helm.sh/chart: test-custom-chart-0.0.9 app.kubernetes.io/name: test-custom-chart app.kubernetes.io/instance: helm-release-name app.kubernetes.io/version: "1.16.0" diff --git a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/tests/test-connection.yaml b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/tests/test-connection.yaml index d002308..954c6fd 100644 --- a/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/tests/test-connection.yaml +++ b/manifests/helm/charts/test-custom-chart/test-custom-chart/templates/tests/test-connection.yaml @@ -6,8 +6,8 @@ metadata: name: "helm-release-name-test-custom-chart-test-connection" labels: openmcp.cloud/blueprint-building-block: "test-custom-chart" - openmcp.cloud/blueprint-building-block-version: "0.0.8" - helm.sh/chart: test-custom-chart-0.0.8 + openmcp.cloud/blueprint-building-block-version: "0.0.9" + helm.sh/chart: test-custom-chart-0.0.9 app.kubernetes.io/name: test-custom-chart app.kubernetes.io/instance: helm-release-name app.kubernetes.io/version: "1.16.0" diff --git a/reuse.spdx b/reuse.spdx deleted file mode 100644 index 1a88664..0000000 --- a/reuse.spdx +++ /dev/null 
@@ -1,28 +0,0 @@
-SPDXVersion: SPDX-2.1
-DataLicense: CC0-1.0
-SPDXID: SPDXRef-DOCUMENT
-DocumentName: blueprint-building-blocks
-DocumentNamespace: http://spdx.org/spdxdocs/spdx-v2.1-d8ff899e-62fa-42dd-a1aa-fcd06c45b1db
-Creator: Person: Anonymous ()
-Creator: Organization: Anonymous ()
-Creator: Tool: reuse-5.0.2
-Created: 2025-03-13T13:04:04Z
-CreatorComment: This document was created automatically using available reuse information consistent with REUSE.
-Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-4838f7c16598a2da436b28259c93e38b
-Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-828bf8e1370ac6feaed9d6ebb8aa3737
-
-FileName: ./CONTRIBUTING.md
-SPDXID: SPDXRef-4838f7c16598a2da436b28259c93e38b
-FileChecksum: SHA1: 517f021cf975adeb467e195b785b775ab133a1e7
-LicenseConcluded: NOASSERTION
-LicenseInfoInFile: Apache-2.0
-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and blueprint-building-blocks contributors
-
-FileName: ./README.md
-SPDXID: SPDXRef-828bf8e1370ac6feaed9d6ebb8aa3737
-FileChecksum: SHA1: 9f9ce2dc7f6cf67abda08a0eec169e933a00aa59
-LicenseConcluded: NOASSERTION
-LicenseInfoInFile: Apache-2.0
-FileCopyrightText: 2025 SAP SE or an SAP affiliate company and blueprint-building-blocks contributors
-Copyright 2025 SAP SE or an SAP affiliate company and blueprint-building-blocks contributors. Please see our [LICENSE](LICENSE) for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available [via the REUSE tool](https://api.reuse.software/info/github.com/openmcp-project/blueprint-building-blocks).
-