Add subscriptionsRef and refactor XR handling (#56)

* Add subscriptionsRef capability

Signed-off-by: Yury Tsarev <[email protected]>

* Generate new subscriptionsRef field

Signed-off-by: Yury Tsarev <[email protected]>

* refactor XR handling, add subscriptionsRef render example

* Standardize XR status handling across operations.
* Always take DXR into account
* Add subscriptionsRef render/e2e example

Signed-off-by: Yury Tsarev <[email protected]>

* Consistent OXR/DXR handling

Signed-off-by: Yury Tsarev <[email protected]>

* Enable dot notation for subscriptionsRef status and context

Using crossplane-runtime fieldpath

Signed-off-by: Yury Tsarev <[email protected]>

* Add tests for nested and bracket subscriptionsRef from status

Signed-off-by: Yury Tsarev <[email protected]>

* Add dot notation and bracket tests for subscriptionsRef from context

Signed-off-by: Yury Tsarev <[email protected]>

* Extend README

Signed-off-by: Yury Tsarev <[email protected]>

---------

Signed-off-by: Yury Tsarev <[email protected]>

Author: ytsarev

README.md

@@ -125,6 +125,30 @@ using the optional `skipQueryWhenTargetHasData` flag:
 
 Use this option carefully, as it may lead to stale query results over time.
 
+## Explicit Subscriptions scope
+
+It is possible to specify explicit subscriptions scope and override the one that
+is coming from credentials
+
+```yaml
+      kind: Input
+      query: "Resources | project name, location, type, id| where type =~ 'Microsoft.Compute/virtualMachines' | order by name desc"
+      subscriptions:
+        - 00000000-0000-0000-0000-000000000001
+        - 00000000-0000-0000-0000-000000000002
+      target: "status.azResourceGraphQueryResult"
+```
+
+There is also possible to use references from status and context.
+
+
+```yaml
+subscriptionsRef: status.subscriptions
+```
+
+```yaml
+subscriptionsRef: "context.[apiextensions.crossplane.io/environment].subscriptions"
+```
 
 [azresourcegraph]: https://learn.microsoft.com/en-us/azure/governance/resource-graph/
 [azop]: https://marketplace.upbound.io/providers/upbound/provider-family-azure/latest

example/subscriptionsRef-from-environment/Makefile

@@ -0,0 +1,3 @@
+.PHONY: render
+render:
+	crossplane render ../xr.yaml composition.yaml ./functions.yaml --function-credentials=../secrets/azure-creds.yaml --extra-resources=envconfig.yaml  -rc

example/subscriptionsRef-from-environment/composition.yaml

@@ -0,0 +1,36 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+  name: function-azresourcegraph
+spec:
+  compositeTypeRef:
+    apiVersion: example.crossplane.io/v1
+    kind: XR
+  mode: Pipeline
+  pipeline:
+  - step: environmentConfigs
+    functionRef:
+      name: crossplane-contrib-function-environment-configs
+    input:
+      apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
+      kind: Input
+      spec:
+        environmentConfigs:
+          - type: Reference
+            ref:
+              name: example-config
+  - step: query-azresourcegraph
+    functionRef:
+      name: function-azresourcegraph
+    input:
+      apiVersion: azresourcegraph.fn.crossplane.io/v1beta1
+      kind: Input
+      queryRef: "context.[apiextensions.crossplane.io/environment].azResourceGraphQuery"
+      subscriptionsRef: "context.[apiextensions.crossplane.io/environment].subscriptions"
+      target: "status.azResourceGraphQueryResult"
+    credentials:
+      - name: azure-creds
+        source: Secret
+        secretRef:
+          namespace: upbound-system
+          name: azure-account-creds

example/subscriptionsRef-from-environment/definition.yaml

@@ -0,0 +1,43 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: CompositeResourceDefinition
+metadata:
+  name: xrs.example.crossplane.io
+spec:
+  group: example.crossplane.io
+  names:
+    categories:
+    - crossplane
+    kind: XR
+    plural: xrs
+  versions:
+  - name: v1
+    referenceable: true
+    schema:
+      openAPIV3Schema:
+        description: XR is the Schema for the XR API.
+        properties:
+          spec:
+            description: XRSpec defines the desired state of XR.
+            type: object
+          status:
+            description: XRStatus defines the observed state of XR.
+            type: object
+            properties:
+              azResourceGraphQueryResult:
+                description: Freeform field containing query results from function-azresourcegraph
+                type: array
+                items:
+                  type: object
+                x-kubernetes-preserve-unknown-fields: true
+        required:
+        - spec
+        type: object
+    served: true
+status:
+  controllers:
+    compositeResourceClaimType:
+      apiVersion: ""
+      kind: ""
+    compositeResourceType:
+      apiVersion: ""
+      kind: ""

example/subscriptionsRef-from-environment/envconfig.yaml

@@ -0,0 +1,9 @@
+apiVersion: apiextensions.crossplane.io/v1alpha1
+kind: EnvironmentConfig
+metadata:
+  name: example-config
+data:
+  azResourceGraphQuery: "Resources|count"
+  subscriptions:
+    - 00000000-0000-0000-0000-000000000001
+    - 00000000-0000-0000-0000-000000000002

example/subscriptionsRef-from-environment/functions.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: pkg.crossplane.io/v1beta1
+kind: Function
+metadata:
+  name: function-azresourcegraph
+  annotations:
+    # This tells crossplane beta render to connect to the function locally.
+    render.crossplane.io/runtime: Development
+spec:
+  package: xpkg.upbound.io/upbound/function-azresourcegraph:v0.7.0
+---
+apiVersion: pkg.crossplane.io/v1beta1
+kind: Function
+metadata:
+  name: crossplane-contrib-function-environment-configs
+spec:
+  package: xpkg.upbound.io/crossplane-contrib/function-environment-configs:v0.2.0

example/subscriptionsRef-from-xr-status/Makefile

@@ -0,0 +1,3 @@
+.PHONY: render
+render:
+	crossplane render ./xr.yaml composition.yaml ./functions.yaml --function-credentials=../secrets/azure-creds.yaml  -rc

example/subscriptionsRef-from-xr-status/composition.yaml

@@ -0,0 +1,40 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+  name: function-azresourcegraph
+spec:
+  compositeTypeRef:
+    apiVersion: example.crossplane.io/v1
+    kind: XR
+  mode: Pipeline
+  pipeline:
+    - step: query-to-status
+      functionRef:
+        name: function-go-templating
+      input:
+        apiVersion: gotemplating.fn.crossplane.io/v1beta1
+        kind: GoTemplate
+        source: Inline
+        inline:
+          template: |
+            apiVersion: example.crossplane.io/v1
+            kind: XR
+            status:
+              subscriptions:
+                - 00000000-0000-0000-0000-000000000001
+                - 00000000-0000-0000-0000-000000000002
+    - step: query-azresourcegraph
+      functionRef:
+        name: function-azresourcegraph
+      input:
+        apiVersion: azresourcegraph.fn.crossplane.io/v1beta1
+        kind: Input
+        query: "Resources | project name, location, type, id| where type =~ 'Microsoft.Compute/virtualMachines' | order by name desc"
+        target: "status.azResourceGraphQueryResult"
+        subscriptionsRef: status.subscriptions
+      credentials:
+        - name: azure-creds
+          source: Secret
+          secretRef:
+            namespace: upbound-system
+            name: azure-account-creds

example/subscriptionsRef-from-xr-status/definition.yaml

@@ -0,0 +1,55 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: CompositeResourceDefinition
+metadata:
+  name: xrs.example.crossplane.io
+spec:
+  group: example.crossplane.io
+  names:
+    categories:
+    - crossplane
+    kind: XR
+    plural: xrs
+  versions:
+  - name: v1
+    referenceable: true
+    schema:
+      openAPIV3Schema:
+        description: XR is the Schema for the XR API.
+        properties:
+          spec:
+            description: XRSpec defines the desired state of XR.
+            type: object
+            properties:
+              queryResourceType:
+                description: resource type for az resource query construction
+                type: string
+          status:
+            description: XRStatus defines the observed state of XR.
+            type: object
+            properties:
+              azResourceGraphQueryResult:
+                description: Freeform field containing query results from function-azresourcegraph
+                type: array
+                items:
+                  type: object
+                x-kubernetes-preserve-unknown-fields: true
+              azResourceGraphQuery:
+                description: Freeform field containing query results from function-azresourcegraph
+                type: string
+              subscriptions:
+                description: Field to dynamically propagate subscriptions IDs
+                type: array
+                items:
+                  type: string
+        required:
+        - spec
+        type: object
+    served: true
+status:
+  controllers:
+    compositeResourceClaimType:
+      apiVersion: ""
+      kind: ""
+    compositeResourceType:
+      apiVersion: ""
+      kind: ""

example/subscriptionsRef-from-xr-status/functions.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: pkg.crossplane.io/v1beta1
+kind: Function
+metadata:
+  name: function-azresourcegraph
+  annotations:
+    # This tells crossplane beta render to connect to the function locally.
+    render.crossplane.io/runtime: Development
+spec:
+  package: xpkg.upbound.io/upbound/function-azresourcegraph:v0.6.0
+---
+apiVersion: pkg.crossplane.io/v1beta1
+kind: Function
+metadata:
+  name: function-go-templating
+spec:
+  package: xpkg.upbound.io/crossplane-contrib/function-go-templating:v0.9.2