projects / osm / devops.git / blob
? search:


18c739dfed965acc0b0f627ae44d562e21a79aa0
[osm/devops.git] /
1 #######################################################################################
2 # Copyright ETSI Contributors and Others.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 #    http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
13 # implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
16 #######################################################################################
17
18 apiVersion: argoproj.io/v1alpha1
19 kind: WorkflowTemplate
20 metadata:
21   name: cloud-accounts-wft
22   namespace: osm-workflows
23 spec:
24   templates:
25
26   # Create a `ProviderConfig` for CrossPlane
27   - name: create-crossplane-providerconfig
28     inputs:
29       parameters:
30       # Volumes with cloned repos
31       - name: fleet_volume_name
32       - name: fleet_mount_path
33         value: "/fleet"
34       - name: sw_catalogs_volume_name
35       - name: sw_catalogs_mount_path
36         value: "/sw-catalogs"
37
38       # Specific parameters
39       - name: providerconfig_name
40       ## As of today, one among `azure`, `aws` or `gcp`
41       - name: provider_type
42       ## Final secret to reference from the `ProviderConfig`
43       - name: cred_secret_name
44       ## Temporary secret with secret contents for the workflow
45       ## - If `temp_cred_secret_name` is empty, assumes that the final secret already exists
46       - name: temp_cred_secret_name
47         value: ""
48       - name: temp_cred_secret_key
49         value: "creds"
50       - name: age_public_key_mgmt
51       - name: osm_project_name
52         value: "osm_admin"
53       ## Specific parameters - GCP only
54       - name: target_gcp_project
55         value: ""
56       # Debug?
57       - name: debug
58         value: "false"
59
60       # Other parameters - Do not touch
61       - name: cred_secret_key
62         value: "creds"
63       - name: mgmt_cluster_name
64         value: "_management"
65       - name: cred_secret_ns
66         value: "crossplane-system"
67       - name: base_templates_path
68         value: "infra-configs/crossplane/providers"
69       - name: cloned_fleet_folder_name
70         value: "fleet-osm"
71       - name: cloned_sw_catalogs_folder_name
72         value: "sw-catalogs-osm"
73
74     container:
75       image: ttl.sh/osm-krm-functions:24h
76       # imagePullPolicy: Always
77       env:
78       - name: CRED_SECRET_CONTENT
79         valueFrom:
80           secretKeyRef:
81             name: "{{inputs.parameters.temp_cred_secret_name}}"
82             key: "{{inputs.parameters.temp_cred_secret_key}}"
83           default: ""
84       - name: DEBUG
85         value: "{{inputs.parameters.debug}}"
86       command: ["/app/scripts/entrypoint.sh"]
87       args:
88       - create_crossplane_providerconfig
89       - "{{inputs.parameters.providerconfig_name}}"
90       - "{{inputs.parameters.provider_type}}"
91       - "{{inputs.parameters.cred_secret_name}}"
92       - "{{inputs.parameters.cred_secret_key}}"
93       - "{{inputs.parameters.cred_secret_ns}}"
94       - ''
95       - "{{inputs.parameters.age_public_key_mgmt}}"
96       - "{{inputs.parameters.fleet_mount_path}}/{{inputs.parameters.cloned_fleet_folder_name}}"
97       - "{{inputs.parameters.sw_catalogs_mount_path}}/{{inputs.parameters.cloned_sw_catalogs_folder_name}}"
98       - "{{inputs.parameters.target_gcp_project}}"
99       - "{{inputs.parameters.base_templates_path}}"
100       - "{{inputs.parameters.osm_project_name}}"
101       - "{{inputs.parameters.mgmt_cluster_name}}"
102       volumeMounts:
103       - name: fleet-repo-volume
104         mountPath: '{{inputs.parameters.fleet_mount_path}}'
105       - name: sw-catalogs-repo-volume
106         mountPath: '{{inputs.parameters.sw_catalogs_mount_path}}'
107     volumes:
108       - name: fleet-repo-volume
109         persistentVolumeClaim:
110           claimName: '{{inputs.parameters.fleet_volume_name}}'
111       - name: sw-catalogs-repo-volume
112         persistentVolumeClaim:
113           claimName: '{{inputs.parameters.sw_catalogs_volume_name}}'
114     securityContext:
115       fsGroup: 10000
116     #   runAsUser: 10000
117     #   runAsGroup: 10000
118
119
120   # Update a `ProviderConfig` for CrossPlane
121   - name: update-crossplane-providerconfig
122     inputs:
123       parameters:
124       # Volumes with cloned repos
125       - name: fleet_volume_name
126       - name: fleet_mount_path
127         value: "/fleet"
128       - name: sw_catalogs_volume_name
129       - name: sw_catalogs_mount_path
130         value: "/sw-catalogs"
131
132       # Specific parameters
133       - name: providerconfig_name
134       ## As of today, one among `azure`, `aws` or `gcp`
135       - name: provider_type
136       ## Final secret to reference from the `ProviderConfig`
137       - name: cred_secret_name
138       ## Temporary secret with secret contents for the workflow
139       ## - If `temp_cred_secret_name` is empty, assumes that the final secret already exists
140       - name: temp_cred_secret_name
141         value: ""
142       - name: temp_cred_secret_key
143         value: "creds"
144       - name: age_public_key_mgmt
145       - name: osm_project_name
146         value: "osm_admin"
147       ## Specific parameters - GCP only
148       - name: target_gcp_project
149         value: ""
150       # Debug?
151       - name: debug
152         value: "false"
153
154       # Other parameters - Do not touch
155       - name: cred_secret_key
156         value: "creds"
157       - name: mgmt_cluster_name
158         value: "_management"
159       - name: cred_secret_ns
160         value: "crossplane-system"
161       - name: base_templates_path
162         value: "infra-configs/crossplane/providers"
163       - name: cloned_fleet_folder_name
164         value: "fleet-osm"
165       - name: cloned_sw_catalogs_folder_name
166         value: "sw-catalogs-osm"
167
168     container:
169       image: ttl.sh/osm-krm-functions:24h
170       # imagePullPolicy: Always
171       env:
172       - name: CRED_SECRET_CONTENT
173         valueFrom:
174           secretKeyRef:
175             name: "{{inputs.parameters.temp_cred_secret_name}}"
176             key: "{{inputs.parameters.temp_cred_secret_key}}"
177           default: ""
178       - name: DEBUG
179         value: "{{inputs.parameters.debug}}"
180       command: ["/app/scripts/entrypoint.sh"]
181       args:
182       - update_crossplane_providerconfig
183       - "{{inputs.parameters.providerconfig_name}}"
184       - "{{inputs.parameters.provider_type}}"
185       - "{{inputs.parameters.cred_secret_name}}"
186       - "{{inputs.parameters.cred_secret_key}}"
187       - "{{inputs.parameters.cred_secret_ns}}"
188       - ''
189       - "{{inputs.parameters.age_public_key_mgmt}}"
190       - "{{inputs.parameters.fleet_mount_path}}/{{inputs.parameters.cloned_fleet_folder_name}}"
191       - "{{inputs.parameters.sw_catalogs_mount_path}}/{{inputs.parameters.cloned_sw_catalogs_folder_name}}"
192       - "{{inputs.parameters.target_gcp_project}}"
193       - "{{inputs.parameters.base_templates_path}}"
194       - "{{inputs.parameters.osm_project_name}}"
195       - "{{inputs.parameters.mgmt_cluster_name}}"
196       volumeMounts:
197       - name: fleet-repo-volume
198         mountPath: '{{inputs.parameters.fleet_mount_path}}'
199       - name: sw-catalogs-repo-volume
200         mountPath: '{{inputs.parameters.sw_catalogs_mount_path}}'
201     volumes:
202       - name: fleet-repo-volume
203         persistentVolumeClaim:
204           claimName: '{{inputs.parameters.fleet_volume_name}}'
205       - name: sw-catalogs-repo-volume
206         persistentVolumeClaim:
207           claimName: '{{inputs.parameters.sw_catalogs_volume_name}}'
208     securityContext:
209       fsGroup: 10000
210     #   runAsUser: 10000
211     #   runAsGroup: 10000
212
213
214
215   # Delete a `ProviderConfig` for CrossPlane
216   - name: delete-crossplane-providerconfig
217     inputs:
218       parameters:
219       # Volumes with cloned repos
220       - name: fleet_volume_name
221       - name: fleet_mount_path
222         value: "/fleet"
223       - name: sw_catalogs_volume_name
224       - name: sw_catalogs_mount_path
225         value: "/sw-catalogs"
226
227       # Specific parameters
228       - name: providerconfig_name
229       ## As of today, one among `azure`, `aws` or `gcp`
230       - name: provider_type
231       - name: osm_project_name
232         value: "osm_admin"
233       # Debug?
234       - name: debug
235         value: "false"
236
237       # Other parameters - Do not touch
238       - name: mgmt_cluster_name
239         value: "_management"
240       - name: cloned_fleet_folder_name
241         value: "fleet-osm"
242
243     container:
244       image: ttl.sh/osm-krm-functions:24h
245       # imagePullPolicy: Always
246       env:
247       - name: DEBUG
248         value: "{{inputs.parameters.debug}}"
249       command: ["/app/scripts/entrypoint.sh"]
250       args:
251       - delete_crossplane_providerconfig
252       - "{{inputs.parameters.providerconfig_name}}"
253       - "{{inputs.parameters.provider_type}}"
254       - "{{inputs.parameters.fleet_mount_path}}/{{inputs.parameters.cloned_fleet_folder_name}}"
255       - "{{inputs.parameters.osm_project_name}}"
256       - "{{inputs.parameters.mgmt_cluster_name}}"
257       volumeMounts:
258       - name: fleet-repo-volume
259         mountPath: '{{inputs.parameters.fleet_mount_path}}'
260     volumes:
261       - name: fleet-repo-volume
262         persistentVolumeClaim:
263           claimName: '{{inputs.parameters.fleet_volume_name}}'
264     securityContext:
265       fsGroup: 10000
266     #   runAsUser: 10000
267     #   runAsGroup: 10000