Commit
Showing
10 changed files
with
313 additions
and
10 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
project: dot | ||
providers: | ||
google_secretmanager: | ||
env: | ||
AWS_ACCESS_KEY_ID: | ||
path: projects/vfarcic/secrets/aws-access-key-id/versions/3 | ||
AWS_SECRET_ACCESS_KEY: | ||
path: projects/vfarcic/secrets/aws-secret-access-key/versions/3 | ||
AWS_ACCOUNT_ID: | ||
path: projects/vfarcic/secrets/aws-account-id/versions/1 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
[default] | ||
aws_access_key_id = AKIAQRAT2ESBU3WLKJCF | ||
aws_secret_access_key = 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 | ||
|
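Review bot: The two values added under `[default]` are a long-term AWS access key ID and secret access key committed in plaintext, so anyone who can read this commit or a fork of it can use them. The key pair should be treated as compromised: deactivate and replace it in IAM, then drop the file from the commit itself, since removing it in a later commit leaves it in history. The file name is not visible in this view, but the content matches what the setup script in this commit writes to `aws-creds.conf`, so that path, `.env` and `gcp-creds.json` presumably belong in `.gitignore`. Another file in this commit already maps the same variable names to Secret Manager paths, which looks like the intended way to supply them.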
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
#!/bin/sh | ||
set -e | ||
|
||
gum style \ | ||
--foreground 212 --border-foreground 212 --border double \ | ||
--margin "1 2" --padding "2 4" \ | ||
'Destruction of the Managed Resources chapter. | ||
This script assumes that you jumped straight into this chapter. | ||
If that is not the case (if you are continuing from the previous | ||
chapter), please answer with "No" when asked whether you are | ||
ready to start.' | ||
|
||
gum confirm ' | ||
Are you ready to start? | ||
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter). | ||
Feel free to say "No" and inspect the script if you prefer setting up resources manually. | ||
' || exit 0 | ||
|
||
echo " | ||
## You will need following tools installed: | ||
|Name |Required |More info | | ||
|----------------|---------------------|---------------------------------------------------| | ||
|Linux Shell |Yes |Use WSL if you are running Windows | | ||
|Docker |Yes |'https://docs.docker.com/engine/install' | | ||
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'| | ||
" | gum format | ||
|
||
gum confirm " | ||
Do you have those tools installed? | ||
" || exit 0 | ||
|
||
######################### | ||
# Control Plane Cluster # | ||
######################### | ||
|
||
kind delete cluster |
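Review bot: `kind delete cluster` is the only cleanup step, so everything the setup script created outside the cluster survives it. On the Google path that includes the project, the service account and its exported key; on either path the plaintext files `.env`, `aws-creds.conf` and `gcp-creds.json` stay in the working directory. Any managed resources still applied when the control plane is deleted would presumably keep running in the cloud account with nothing left to reconcile or delete them. I would delete the managed resources and wait for them to disappear before this line, and add `rm -f .env aws-creds.conf gcp-creds.json` after it.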
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: Instance | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
ami: ami-052efd3df9dad4825 | ||
region: us-east-1 | ||
instanceType: t2.micro | ||
subnetIdRef: | ||
name: my-vm | ||
tags: | ||
Name: my-vm | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: InstanceState | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
region: us-east-1 | ||
instanceIdRef: | ||
name: my-vm | ||
state: running | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: VPC | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
region: us-east-1 | ||
cidrBlock: 10.0.0.0/16 | ||
enableDnsSupport: true | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: Subnet | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
region: us-east-1 | ||
availabilityZone: us-east-1a | ||
cidrBlock: 10.0.0.0/24 | ||
vpcIdRef: | ||
name: my-vm | ||
mapPublicIpOnLaunch: true |
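Review bot: `mapPublicIpOnLaunch: true` on the Subnet gives `my-vm` a public IPv4 address at launch, and the Instance names no security group, so it falls back to whatever the VPC's default group allows. Nothing in this file adds an internet gateway or a route, so the address looks unused; if the chapter does not need inbound access, `mapPublicIpOnLaunch: false` is the safer default. The same applies to the next file section, which differs only in `instanceType: t2.nano`. A comment above `ami:` saying that the ID is specific to `us-east-1` would also help readers who change the region.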
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: Instance | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
ami: ami-052efd3df9dad4825 | ||
region: us-east-1 | ||
instanceType: t2.nano | ||
subnetIdRef: | ||
name: my-vm | ||
tags: | ||
Name: my-vm | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: InstanceState | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
region: us-east-1 | ||
instanceIdRef: | ||
name: my-vm | ||
state: running | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: VPC | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
region: us-east-1 | ||
cidrBlock: 10.0.0.0/16 | ||
enableDnsSupport: true | ||
--- | ||
apiVersion: ec2.aws.upbound.io/v1beta1 | ||
kind: Subnet | ||
metadata: | ||
name: my-vm | ||
spec: | ||
forProvider: | ||
region: us-east-1 | ||
availabilityZone: us-east-1a | ||
cidrBlock: 10.0.0.0/24 | ||
vpcIdRef: | ||
name: my-vm | ||
mapPublicIpOnLaunch: true |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
--- | ||
apiVersion: aws.upbound.io/v1beta1 | ||
kind: ProviderConfig | ||
metadata: | ||
name: default | ||
spec: | ||
credentials: | ||
source: Secret | ||
secretRef: | ||
namespace: crossplane-system | ||
name: aws-creds | ||
key: creds |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
--- | ||
apiVersion: pkg.crossplane.io/v1 | ||
kind: Provider | ||
metadata: | ||
name: provider-aws-ec2 | ||
spec: | ||
package: xpkg.upbound.io/upbound/provider-aws-ec2:v0.46.1 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
#!/bin/sh | ||
set -e | ||
|
||
gum style \ | ||
--foreground 212 --border-foreground 212 --border double \ | ||
--margin "1 2" --padding "2 4" \ | ||
'Setup for the Managed Resources chapter. | ||
This script assumes that you jumped straight into this chapter. | ||
If that is not the case (if you are continuing from the previous | ||
chapter), please answer with "No" when asked whether you are | ||
ready to start.' | ||
|
||
gum confirm ' | ||
Are you ready to start? | ||
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter). | ||
Feel free to say "No" and inspect the script if you prefer setting up resources manually. | ||
' || exit 0 | ||
|
||
echo " | ||
## You will need following tools installed: | ||
|Name |Required |More info | | ||
|----------------|---------------------|---------------------------------------------------| | ||
|Linux Shell |Yes |Use WSL if you are running Windows | | ||
|Docker |Yes |'https://docs.docker.com/engine/install' | | ||
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'| | ||
|kubectl CLI |Yes |'https://kubernetes.io/docs/tasks/tools/#kubectl' | | ||
|Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'| | ||
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' | | ||
|AWS account with admin permissions|If using AWS|'https://aws.amazon.com' | | ||
|AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'| | ||
|eksctl CLI |If using AWS |'https://eksctl.io/installation/' | | ||
|Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' | | ||
|az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'| | ||
" | gum format | ||
|
||
gum confirm " | ||
Do you have those tools installed? | ||
" || exit 0 | ||
|
||
rm -f .env | ||
|
||
######################### | ||
# Control Plane Cluster # | ||
######################### | ||
|
||
kind create cluster | ||
|
||
############## | ||
# Crossplane # | ||
############## | ||
|
||
echo " | ||
Which Hyperscaler do you want to use?" | ||
|
||
HYPERSCALER=$(gum choose "google" "aws" "azure") | ||
|
||
echo "export HYPERSCALER=$HYPERSCALER" >> .env | ||
|
||
if [[ "$HYPERSCALER" == "google" ]]; then | ||
|
||
gcloud components install gke-gcloud-auth-plugin | ||
|
||
PROJECT_ID=dot-$(date +%Y%m%d%H%M%S) | ||
|
||
echo "export PROJECT_ID=$PROJECT_ID" >> .env | ||
|
||
gcloud projects create ${PROJECT_ID} | ||
|
||
echo " | ||
Please open https://console.cloud.google.com/marketplace/product/google/container.googleapis.com?project=$PROJECT_ID in a browser and *ENABLE* the API." | ||
|
||
gum input --placeholder " | ||
Press the enter key to continue." | ||
|
||
echo " | ||
Please open https://console.cloud.google.com/apis/library/sqladmin.googleapis.com?project=${PROJECT_ID} in a browser and *ENABLE* the API." | ||
|
||
gum input --placeholder " | ||
Press the enter key to continue." | ||
|
||
export SA_NAME=devops-toolkit | ||
|
||
export SA="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com" | ||
|
||
gcloud iam service-accounts create $SA_NAME \ | ||
--project $PROJECT_ID | ||
|
||
export ROLE=roles/admin | ||
|
||
gcloud projects add-iam-policy-binding \ | ||
--role $ROLE $PROJECT_ID --member serviceAccount:$SA | ||
|
||
gcloud iam service-accounts keys create gcp-creds.json \ | ||
--project $PROJECT_ID --iam-account $SA | ||
|
||
kubectl --namespace crossplane-system \ | ||
create secret generic gcp-creds \ | ||
--from-file creds=./gcp-creds.json | ||
|
||
echo " | ||
apiVersion: gcp.upbound.io/v1beta1 | ||
kind: ProviderConfig | ||
metadata: | ||
name: default | ||
spec: | ||
projectID: $PROJECT_ID | ||
credentials: | ||
source: Secret | ||
secretRef: | ||
namespace: crossplane-system | ||
name: gcp-creds | ||
key: creds" | kubectl apply --filename - | ||
|
||
elif [[ "$HYPERSCALER" == "aws" ]]; then | ||
|
||
AWS_ACCESS_KEY_ID=$(gum input --placeholder "AWS Access Key ID" --value "$AWS_ACCESS_KEY_ID") | ||
echo "export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" >> .env | ||
|
||
AWS_SECRET_ACCESS_KEY=$(gum input --placeholder "AWS Secret Access Key" --value "$AWS_SECRET_ACCESS_KEY" --password) | ||
echo "export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> .env | ||
|
||
AWS_ACCOUNT_ID=$(gum input --placeholder "AWS Account ID" --value "$AWS_ACCOUNT_ID") | ||
echo "export AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID" >> .env | ||
|
||
echo "[default] | ||
aws_access_key_id = $AWS_ACCESS_KEY_ID | ||
aws_secret_access_key = $AWS_SECRET_ACCESS_KEY | ||
" >aws-creds.conf | ||
|
||
fi |
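Review bot: The AWS branch appends `AWS_SECRET_ACCESS_KEY` to `.env` and writes it again to `aws-creds.conf`, and the Google branch exports a service-account key to `gcp-creds.json`, all under the default umask and with nothing that keeps the files out of version control. A `umask 077` right after `set -e`, plus `.gitignore` entries for the three files, would limit that exposure. Separately, the shebang is `#!/bin/sh` but both branch tests use `[[ ... ]]`; under a POSIX `sh` such as dash the test fails inside `if`, so `set -e` does not stop the script and both provider branches are silently skipped. Either `#!/usr/bin/env bash` or `if [ "$HYPERSCALER" = "google" ]; then` fixes it. The `roles/admin` binding on the new service account is also project-wide, so a narrower role is worth considering if the chapter only manages a few services.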