Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Database abstraction and README update #39

Merged
merged 15 commits into from
Oct 31, 2022
Merged

Add Database abstraction and README update #39

Show file tree
Hide file tree
Changes from 14 commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
f45b5cb
Database abstraction layout
ytsarev Oct 20, 2022
8748f68
Configure Private SQL Instance directly accessible from within GKE cl…
ytsarev Oct 21, 2022
c621003
Revamp XRDs/Compositions naming for consistency
ytsarev Oct 25, 2022
e048649
Doc update
ytsarev Oct 25, 2022
c959180
Include database into e2e tests
ytsarev Oct 25, 2022
ef3ddf8
Delete user.sql in test hook to avoid the orphan state
ytsarev Oct 25, 2022
1fd42b6
Add note on `servicenetworking.googleapis.com` global binding
ytsarev Oct 26, 2022
aa4592f
Update examples for uptest
ytsarev Oct 26, 2022
939493c
Deleter ordering, new uptest with secret handling
ytsarev Oct 26, 2022
29abef5
Additional testhook arrangement
ytsarev Oct 26, 2022
d2d414e
Increase default timeout as the deployment takes time
ytsarev Oct 27, 2022
3b86244
Add doc covering required roles for SA
ytsarev Oct 27, 2022
de148d4
Avoid network selector in database composition
ytsarev Oct 27, 2022
0da3d64
More precise creds gen link
ytsarev Oct 27, 2022
69bb0f7
Add note on ordered deletion
ytsarev Oct 31, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ PLATFORMS ?= linux_amd64

UP_VERSION = v0.14.0
UP_CHANNEL = stable
UPTEST_VERSION = v0.1.1
UPTEST_VERSION = v0.2.0

-include build/makelib/k8s_tools.mk
# ====================================================================================
Expand Down Expand Up @@ -56,7 +56,7 @@ build.init: $(UP)
# End to End Testing
uptest: build $(UPTEST) $(KUBECTL) $(KUTTL) local.xpkg.deploy.configuration.$(PROJECT_NAME)
@$(INFO) running automated tests
@KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) $(UPTEST) e2e examples/cluster-claim.yaml --setup-script=test/setup.sh --default-timeout=2400 || $(FAIL)
@KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) $(UPTEST) e2e examples/cluster-claim.yaml,examples/postgres-claim.yaml --setup-script=test/setup.sh --default-timeout=3600 || $(FAIL)
@$(OK) running automated tests

e2e: controlplane.up uptest
e2e: controlplane.up uptest
344 changes: 194 additions & 150 deletions README.md
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion examples/cluster-claim.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ metadata:
name: platform-ref-gcp-cluster
namespace: default
annotations:
uptest.upbound.io/post-assert-hook: testhooks/delete-release.sh
uptest.upbound.io/pre-delete-hook: testhooks/delete-release.sh
spec:
compositionSelector:
matchLabels:
Expand Down
2 changes: 1 addition & 1 deletion examples/configuration.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,6 @@ kind: Configuration
metadata:
name: upbound-platform-ref-gcp
spec:
package: xpkg.upbound.io/upbound/platform-ref-gcp:v0.2.1
package: xpkg.upbound.io/upbound/platform-ref-gcp:v0.3.0
packagePullSecrets:
ytsarev marked this conversation as resolved.
Show resolved Hide resolved
- name: package-pull-secret
2 changes: 1 addition & 1 deletion examples/provider-default-gcp.yaml → examples/gcp-default-provider.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
spec:
credentials:
secretRef:
key: key
key: credentials
name: gcp-creds
namespace: upbound-system
source: Secret
Expand Down
2 changes: 1 addition & 1 deletion examples/network-xr.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: CompositeNetwork
kind: XNetwork
metadata:
name: platform-ref-gcp-cluster
spec:
Expand Down
27 changes: 27 additions & 0 deletions examples/postgres-claim.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: PostgreSQLInstance
metadata:
name: platform-ref-gcp-db
namespace: default
annotations:
uptest.upbound.io/pre-delete-hook: testhooks/delete-sql-user.sh
spec:
parameters:
storageGB: 10
passwordSecretRef:
namespace: default
name: psqlsecret
key: password
clusterRef:
id: platform-ref-gcp-cluster
writeConnectionSecretToRef:
name: platform-ref-gcp-db-conn
---
apiVersion: v1
data:
password: dXBiMHVuZHIwY2s1ITMxMzM3
ytsarev marked this conversation as resolved.
Show resolved Hide resolved
kind: Secret
metadata:
name: psqlsecret
namespace: default
type: Opaque
3 changes: 2 additions & 1 deletion examples/testhooks/delete-release.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,6 @@
set -aeuo pipefail

# Delete the release before deleting the cluster not to orphan the release object
# Use explicit ordering of the sql resources to avoid database stuck
# Note(turkenh): This is a workaround for the infamous dependency problem during deletion.
${KUBECTL} delete release --all
${KUBECTL} delete release.helm.crossplane.io --all
7 changes: 7 additions & 0 deletions examples/testhooks/delete-sql-user.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
#!/usr/bin/env bash
set -aeuo pipefail

# Delete the sql user before deleting the database not to orphan the user object
# Use explicit ordering of the sql resources to avoid database stuck
# Note(turkenh): This is a workaround for the infamous dependency problem during deletion.
${KUBECTL} delete user.sql.gcp.upbound.io --all
12 changes: 6 additions & 6 deletions package/cluster/composition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,24 @@
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: gke.compositeclusters.gcp.platformref.upbound.io
name: xclusters.gcp.platformref.upbound.io
labels:
provider: GCP
spec:
writeConnectionSecretsToNamespace: upbound-system
compositeTypeRef:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: CompositeCluster
kind: XCluster
resources:
- base:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: CompositeNetwork
kind: XNetwork
patches:
- fromFieldPath: spec.id
toFieldPath: spec.id
- base:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: GKE
kind: XGKE
connectionDetails:
- fromConnectionSecretKey: kubeconfig
patches:
Expand All @@ -37,10 +37,10 @@ spec:
- fromFieldPath: spec.parameters.nodes.size
toFieldPath: spec.parameters.nodes.size
- fromFieldPath: spec.id
toFieldPath: spec.parameters.compositeNetworkSelector.matchLabels[networks.gcp.platformref.upbound.io/network-id]
toFieldPath: spec.parameters.XNetworkSelector.matchLabels[networks.gcp.platformref.upbound.io/network-id]
- base:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: Services
kind: XServices
patches:
- fromFieldPath: spec.id
toFieldPath: spec.providerConfigRef.name
Expand Down
6 changes: 3 additions & 3 deletions package/cluster/definition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
name: compositeclusters.gcp.platformref.upbound.io
name: xclusters.gcp.platformref.upbound.io
spec:
claimNames:
kind: Cluster
Expand All @@ -10,8 +10,8 @@ spec:
- kubeconfig
group: gcp.platformref.upbound.io
names:
kind: CompositeCluster
plural: compositeclusters
kind: XCluster
plural: xclusters
versions:
- name: v1alpha1
served: true
Expand Down
12 changes: 6 additions & 6 deletions package/cluster/gke/composition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: gke.gcp.platformref.upbound.io
name: xgke.gcp.platformref.upbound.io
labels:
provider: GCP
spec:
writeConnectionSecretsToNamespace: upbound-system
compositeTypeRef:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: GKE
kind: XGKE
resources:
- name: service-account
base:
Expand Down Expand Up @@ -99,9 +99,9 @@ spec:
- fromFieldPath: spec.writeConnectionSecretToRef.namespace
toFieldPath: spec.writeConnectionSecretToRef.namespace
# Create this cluster in the Network and Subnetwork referenced by network ID
- fromFieldPath: spec.parameters.compositeNetworkSelector.matchLabels
- fromFieldPath: spec.parameters.XNetworkSelector.matchLabels
toFieldPath: spec.forProvider.networkSelector.matchLabels
- fromFieldPath: spec.parameters.compositeNetworkSelector.matchLabels
- fromFieldPath: spec.parameters.XNetworkSelector.matchLabels
toFieldPath: spec.forProvider.subnetworkSelector.matchLabels
- fromFieldPath: status.gke.serviceAccount
toFieldPath: spec.forProvider.nodeConfig[0].serviceAccount
Expand All @@ -128,9 +128,9 @@ spec:
- minNodeCount: 1
maxNodeCount: 3
nodeConfig:
- diskType: pd-standard
diskSizeGb: 100
- diskSizeGb: 10
imageType: COS_CONTAINERD
machineType: e2-medium
preemptible: true
shieldedInstanceConfig:
- enableIntegrityMonitoring: true
Expand Down
10 changes: 5 additions & 5 deletions package/cluster/gke/definition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
name: gke.gcp.platformref.upbound.io
name: xgke.gcp.platformref.upbound.io
spec:
connectionSecretKeys:
- kubeconfig
group: gcp.platformref.upbound.io
names:
kind: GKE
plural: gke
kind: XGKE
plural: xgke
versions:
- name: v1alpha1
served: true
Expand Down Expand Up @@ -48,13 +48,13 @@ spec:
required:
- count
- size
compositeNetworkSelector:
XNetworkSelector:
type: object
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures a CompositeNetwork with matching labels
description: MatchLabels ensures a XNetwork with matching labels
is selected.
type: object
required:
Expand Down
6 changes: 4 additions & 2 deletions package/cluster/network/composition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: gcp.compositenetworks.gcp.platformref.upbound.io
name: xnetworks.gcp.platformref.upbound.io
labels:
provider: GCP
spec:
writeConnectionSecretsToNamespace: upbound-system
compositeTypeRef:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: CompositeNetwork
kind: XNetwork
resources:
- base:
apiVersion: compute.gcp.upbound.io/v1beta1
Expand All @@ -18,6 +18,8 @@ spec:
autoCreateSubnetworks: false
routingMode: REGIONAL
patches:
- fromFieldPath: spec.id
toFieldPath: metadata.name
- fromFieldPath: spec.id
toFieldPath: metadata.labels[networks.gcp.platformref.upbound.io/network-id]
- base:
Expand Down
6 changes: 3 additions & 3 deletions package/cluster/network/definition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
name: compositenetworks.gcp.platformref.upbound.io
name: xnetworks.gcp.platformref.upbound.io
spec:
group: gcp.platformref.upbound.io
names:
kind: CompositeNetwork
plural: compositenetworks
kind: XNetwork
plural: xnetworks
versions:
- name: v1alpha1
served: true
Expand Down
4 changes: 2 additions & 2 deletions package/cluster/services/composition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: services.gcp.platformref.upbound.io
name: xservices.gcp.platformref.upbound.io
labels:
provider: helm
spec:
writeConnectionSecretsToNamespace: upbound-system
compositeTypeRef:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: Services
kind: XServices
resources:
- base:
apiVersion: helm.crossplane.io/v1beta1
Expand Down
6 changes: 3 additions & 3 deletions package/cluster/services/definition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
name: services.gcp.platformref.upbound.io
name: xservices.gcp.platformref.upbound.io
spec:
group: gcp.platformref.upbound.io
names:
kind: Services
plural: services
kind: XServices
plural: xservices
versions:
- name: v1alpha1
served: true
Expand Down
79 changes: 79 additions & 0 deletions package/database/postgres/composition.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: xpostgresqlinstances.gcp.platformref.upbound.io
labels:
provider: gcp
spec:
writeConnectionSecretsToNamespace: upbound-system
compositeTypeRef:
apiVersion: gcp.platformref.upbound.io/v1alpha1
kind: XPostgreSQLInstance
resources:
- name: PrivateIPAddress
base:
apiVersion: compute.gcp.upbound.io/v1beta1
kind: GlobalAddress
spec:
forProvider:
addressType: INTERNAL
prefixLength: 16
purpose: VPC_PEERING
patches:
- fromFieldPath: spec.parameters.clusterRef.id
toFieldPath: spec.forProvider.networkSelector.matchLabels[networks.gcp.platformref.upbound.io/network-id]
- name: PrivateConnection
base:
apiVersion: servicenetworking.gcp.upbound.io/v1beta1
kind: Connection
spec:
forProvider:
reservedPeeringRangesSelector:
matchControllerRef: true
service: servicenetworking.googleapis.com
patches:
- fromFieldPath: spec.parameters.clusterRef.id
toFieldPath: spec.forProvider.networkSelector.matchLabels[networks.gcp.platformref.upbound.io/network-id]
- name: DatabaseUser
base:
apiVersion: sql.gcp.upbound.io/v1beta1
kind: User
spec:
forProvider:
instanceSelector:
matchControllerRef: true
patches:
- fromFieldPath: spec.parameters.passwordSecretRef.namespace
toFieldPath: spec.forProvider.passwordSecretRef.namespace
- fromFieldPath: spec.parameters.passwordSecretRef.name
toFieldPath: spec.forProvider.passwordSecretRef.name
- fromFieldPath: spec.parameters.passwordSecretRef.key
toFieldPath: spec.forProvider.passwordSecretRef.key
- name: DBInstance
base:
apiVersion: sql.gcp.upbound.io/v1beta1
kind: DatabaseInstance
spec:
forProvider:
databaseVersion: POSTGRES_13
deletionProtection: false
region: us-west2
settings:
- diskSize: 20
tier: db-f1-micro
patches:
- fromFieldPath: metadata.uid
toFieldPath: spec.writeConnectionSecretToRef.name
transforms:
- type: string
string:
fmt: "%s-gcp-postgresql"
- fromFieldPath: spec.writeConnectionSecretToRef.namespace
toFieldPath: spec.writeConnectionSecretToRef.namespace
- fromFieldPath: spec.parameters.storageGB
toFieldPath: spec.forProvider.settings[0].diskSize
- fromFieldPath: spec.parameters.clusterRef.id
toFieldPath: spec.forProvider.settings[0].ipConfiguration[0].privateNetworkRef.name
connectionDetails:
- fromConnectionSecretKey: privateIP
- fromConnectionSecretKey: serverCACertificateCert
Loading