diff --git a/config/acl_token/config.go b/config/acl_token/config.go index 28d6943..0594a28 100644 --- a/config/acl_token/config.go +++ b/config/acl_token/config.go @@ -7,7 +7,7 @@ func Configure(p *config.Provider) { p.AddResourceConfigurator("acl_token", func(r *config.Resource) { r.ShortGroup = "acl_token" r.References["policy"] = config.Reference{ - Type: "github.com/daanvinken/provider-consul/apis/policy/v1alpha1/v1alpha1.policy", + TerraformName: "acl_policy", } }) } diff --git a/examples-generated/acl/v1alpha1/token.yaml b/examples-generated/acl/v1alpha1/token.yaml index 2b8d436..4f940b8 100644 --- a/examples-generated/acl/v1alpha1/token.yaml +++ b/examples-generated/acl/v1alpha1/token.yaml @@ -11,10 +11,8 @@ spec: description: my test token local: true policies: - - ${consul_acl_policy.agent.name} - + - agent --- - apiVersion: acl.daanvinken.io/v1alpha1 kind: Policy metadata: @@ -30,3 +28,20 @@ spec: node_prefix "" { policy = "read" } +--- +apiVersion: acl.daanvinken.io/v1alpha1 +kind: Role +metadata: + annotations: + meta.upbound.io/example-id: acl/v1alpha1/role + labels: + testing.upbound.io/example-name: read + name: read +spec: + forProvider: + description: bar + name: foo + policies: + - ${consul_acl_policy.read-policy.id} + serviceIdentities: + - serviceName: foo \ No newline at end of file diff --git a/examples-generated/prepared/v1alpha1/query.yaml b/examples-generated/prepared/v1alpha1/query.yaml index de694b6..777dd71 100644 --- a/examples-generated/prepared/v1alpha1/query.yaml +++ b/examples-generated/prepared/v1alpha1/query.yaml @@ -1,5 +1,5 @@ apiVersion: prepared.daanvinken.io/v1alpha1 -kind: PreparedQuery +kind: Query metadata: annotations: meta.upbound.io/example-id: prepared/v1alpha1/query 
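Review bot: In config/acl_token/config.go the reference is keyed as `policy`, while every Token manifest in this commit sets the field as `policies`, so the key probably does not match the generated field and the reference would have no effect. Confirm against the Terraform schema and, if that is the case, use `r.References["policies"] = config.Reference{`. The configurator is registered as `acl_token` without the `consul_` prefix, whereas the example expressions use `consul_acl_policy`, so `TerraformName: "acl_policy"` should also be checked against the name the policy resource is actually registered under. A one-line comment such as `// policies entries refer to acl Policy resources` would record the intent. The opening of Configure lies outside the hunk.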
@@ -8,14 +8,16 @@ metadata: name: myapp-query spec: forProvider: - datacenter: dc1 + datacenter: us-central1 dns: - ttl: 30s failover: - datacenters: - - dc1 + - us-west1 + - us-east-2 + - asia-east1 nearestN: 3 - name: myapp + name: myquery near: _agent onlyPassing: true service: myapp diff --git a/examples/abstractions/composition.yaml b/examples/abstractions/composition.yaml new file mode 100644 index 0000000..0ec38b4 --- /dev/null +++ b/examples/abstractions/composition.yaml 
@@ -0,0 +1,119 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+ name: consulserviceacl.composite.daanvinken
+spec:
+ compositeTypeRef:
+ apiVersion: daanvinken.io/v1
+ kind: ConsulServiceACL
+ resources:
+ # Consul ACL Policy Resource
+ - name: consul_acl_policy
+ base:
+ apiVersion: acl.daanvinken.io/v1alpha1
+ kind: Policy
+ metadata:
+ labels:
+ crossplane.io/composite: "consulserviceacl" # Simplified label
+ spec:
+ forProvider:
+ datacenters:
+ - dc1
+ rules: "" # Patch later
+
+ patches:
+ - fromFieldPath: "metadata.name" # Use composite name as part of policy name
+ toFieldPath: "spec.forProvider.name"
+ transforms:
+ - type: string
+ string:
+ fmt: "policy-%s"
+ # Inject composite name into the `rules` field dynamically
+ - fromFieldPath: "metadata.name"
+ toFieldPath: "spec.forProvider.rules"
+ transforms:
+ - type: string
+ string:
+ fmt: |
+ agent_prefix "" {
+ policy = "read"
+ }
+
+ service_prefix "" {
+ policy = "read"
+ }
+
+ service_prefix "%[1]s" {
+ policy = "write"
+ }
+
+ key_prefix "%[1]s" {
+ policy = "write"
+ }
+
+ key_prefix "app/%[1]s" {
+ policy = "write"
+ }
+
+ session_prefix "" {
+ policy = "write"
+ }
+
+ session_prefix "session/%[1]s" {
+ policy = "write"
+ }
+
+ key_prefix "preloader/%[1]s" {
+ policy = "write"
+ }
+
+ # Consul ACL Role Resource
+ - name: consul_acl_role
+ base:
+ apiVersion: acl.daanvinken.io/v1alpha1
+ kind: Role
+ spec:
+ forProvider:
+ name: "placeholder"
+ description: "ACL Role for service"
+ serviceIdentities:
+ - serviceName: "foo"
+ patches:
+ - fromFieldPath: "spec.parameters.service"
+ toFieldPath: "spec.forProvider.name"
+ transforms:
+ - type: string
+ string:
+ fmt: "role-%s"
+ # Reference the Policy dynamically based on the unique composite name
+ - type: FromCompositeFieldPath
+ fromFieldPath: "metadata.name"
+ toFieldPath: "spec.forProvider.policies[0]"
+ transforms:
+ - type: string
+ string:
+ fmt: "policy-%s"
+
+ # Consul ACL Token Resource
+ - name: consul_acl_token
+ base:
+ apiVersion: acl.daanvinken.io/v1alpha1
+ kind: Token
+ spec:
+ forProvider:
+ description: "Generated by Crossplane"
+ patches:
+ - fromFieldPath: "spec.parameters.service"
+ toFieldPath: "spec.forProvider.name"
+ transforms:
+ - type: string
+ string:
+ fmt: "role-%s"
+ # Reference the Policy dynamically based on the unique composite name
+ - type: FromCompositeFieldPath
+ fromFieldPath: "metadata.name"
+ toFieldPath: "spec.forProvider.policies[0]"
+ transforms:
+ - type: string
+ string:
+ fmt: "policy-%s"
diff --git a/examples/abstractions/consulserviceacl-2.yaml b/examples/abstractions/consulserviceacl-2.yaml
new file mode 100644
index 0000000..0894845
--- /dev/null
+++ b/examples/abstractions/consulserviceacl-2.yaml
@@ -0,0 +1,7 @@
+apiVersion: daanvinken.io/v1
+kind: ConsulServiceACL
+metadata:
+ name: alb-abcdfghi1234
+spec:
+ parameters:
+ main_keys: true
\ No newline at end of file
diff --git a/examples/abstractions/consulserviceacl.yaml b/examples/abstractions/consulserviceacl.yaml
new file mode 100644
index 0000000..ef059f1
--- /dev/null
+++ b/examples/abstractions/consulserviceacl.yaml
@@ -0,0 +1,7 @@
+apiVersion: daanvinken.io/v1
+kind: ConsulServiceACL
+metadata:
+ name: acr-main
+spec:
+ parameters:
+ main_keys: true
\ No newline at end of file
diff --git a/examples/abstractions/kustomization.yaml b/examples/abstractions/kustomization.yaml
new file mode 100644
index 0000000..79be420
--- /dev/null
+++ b/examples/abstractions/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - composition.yaml
+ - consulserviceacl.yaml
+ - consulserviceacl-2.yaml
+ - xrd.yaml
diff --git a/examples/abstractions/xrd.yaml b/examples/abstractions/xrd.yaml
new file mode 100644
index 0000000..b5a220f
--- /dev/null
+++ b/examples/abstractions/xrd.yaml
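Review bot: The rules template in examples/abstractions/composition.yaml grants more than a single service needs. `session_prefix "" { policy = "write" }` allows session writes on every node, and `service_prefix "%[1]s"` / `key_prefix "%[1]s"` match any name that merely begins with the composite name, so the `acr-main` example would also cover `acr-main-2`. Exact or delimited rules keep each composite inside its own scope, e.g. `service "%[1]s" { policy = "write" }` and `key_prefix "%[1]s/" { policy = "write" }`. Consul matches session rules against node names, so `session_prefix "session/%[1]s"` likely matches nothing and could be dropped together with the blanket session rule once the real requirement is known. The Token's first patch also writes `role-%s` to `spec.forProvider.name`, which looks copied from the Role and should be confirmed as an actual Token field.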
@@ -0,0 +1,29 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: CompositeResourceDefinition
+metadata:
+ name: consulserviceacls.daanvinken.io
+spec:
+ group: daanvinken.io
+ names:
+ kind: ConsulServiceACL
+ plural: consulserviceacls
+ claimNames:
+ kind: ConsulServiceACL
+ plural: consulserviceacls
+ versions:
+ - name: v1
+ served: true
+ referenceable: true
+ schema:
+ openAPIV3Schema:
+ type: object
+ properties:
+ spec:
+ type: object
+ properties:
+ parameters:
+ type: object
+ properties:
+ main_keys:
+ type: boolean
+ description: "Flag to include main keys in the ACL policy"
diff --git a/examples/policy-reference.yaml b/examples/policy-reference.yaml
new file mode 100644
index 0000000..704f530
--- /dev/null
+++ b/examples/policy-reference.yaml
@@ -0,0 +1,45 @@
+apiVersion: acl.daanvinken.io/v1alpha1
+kind: Token
+metadata:
+ annotations:
+ meta.upbound.io/example-id: acl/v1alpha1/token
+ name: node-token
+spec:
+ forProvider:
+ description: my test token
+ local: true
+ policies:
+ - agent
+---
+apiVersion: acl.daanvinken.io/v1alpha1
+kind: Policy
+metadata:
+ annotations:
+ meta.upbound.io/example-id: acl/v1alpha1/token
+ labels:
+ testing.upbound.io/example-name: agent
+ name: agent
+spec:
+ forProvider:
+ name: agent
+ rules: |
+ node_prefix "" {
+ policy = "read"
+ }
+---
+apiVersion: acl.daanvinken.io/v1alpha1
+kind: Role
+metadata:
+ annotations:
+ meta.upbound.io/example-id: acl/v1alpha1/role
+ labels:
+ testing.upbound.io/example-name: read
+ name: read
+spec:
+ forProvider:
+ description: bar
+ name: foo
+ policies:
+ - agent
+ serviceIdentities:
+ - serviceName: foo
\ No newline at end of file
diff --git a/go.mod b/go.mod
index 4447835..dcf6927 100644
--- a/go.mod
+++ b/go.mod
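Review bot: The schema in examples/abstractions/xrd.yaml declares only `spec.parameters.main_keys`, which the composition in this commit never reads, while the composition patches from `spec.parameters.service`, which is not declared here and is absent from both example resources. An undeclared field is normally pruned by the API server, so the Role would likely keep the base name `placeholder` for every composite and the ACL objects of different services would collide. Declaring the input under `parameters`, e.g. `service: {type: string}` together with `required: [service]`, makes it explicit and rejects resources that omit it. `claimNames` also repeats the composite `kind` and `plural`; Crossplane expects claim names to differ from the composite names, so this should be checked before the XRD is applied.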
@@ -6,7 +6,7 @@ require ( dario.cat/mergo v1.0.0 github.com/crossplane/crossplane-runtime v1.16.0 github.com/crossplane/crossplane-tools v0.0.0-20240522174801-1ad3d4c87f21 - github.com/crossplane/upjet v1.4.0 + github.com/crossplane/upjet v1.4.1 github.com/pkg/errors v0.9.1 gopkg.in/alecthomas/kingpin.v2 v2.2.6 k8s.io/apimachinery v0.29.1 diff --git a/go.sum b/go.sum index b1ed44d..cf3fac1 100644 --- a/go.sum +++ b/go.sum @@ -34,8 +34,8 @@ github.com/crossplane/crossplane-runtime v1.16.0 h1:lz+l0wEB3qowdTmN7t0PZkfuNSvf github.com/crossplane/crossplane-runtime v1.16.0/go.mod h1:Pz2tdGVMF6KDGzHZOkvKro0nKc8EzK0sb/nSA7pH4Dc= github.com/crossplane/crossplane-tools v0.0.0-20240522174801-1ad3d4c87f21 h1:8wb7/zCbVPkeX68WbVESWJmSWQE5SZKzz0g9X4FlXRw= github.com/crossplane/crossplane-tools v0.0.0-20240522174801-1ad3d4c87f21/go.mod h1:cN0Y7PFGQMM8mcagXVCbeQoKtipmFWQTPZYyziCPBUI= -github.com/crossplane/upjet v1.4.0 h1:twKCU8omU7VAA7E5fpbQkqDHjVnoTb8EXqmB805Q37o= -github.com/crossplane/upjet v1.4.0/go.mod h1:3pDVtCgyBc5f2Zx4K5HEPxxhjndmOc5CHCJNpIivK/g= +github.com/crossplane/upjet v1.4.1 h1:f2HawXz8OGte1jhe3Fa+IIOca+eCsNFE3Fc5rnkF24Y= +github.com/crossplane/upjet v1.4.1/go.mod h1:3pDVtCgyBc5f2Zx4K5HEPxxhjndmOc5CHCJNpIivK/g= github.com/dave/jennifer v1.7.0 h1:uRbSBH9UTS64yXbh4FrMHfgfY762RD+C7bUPKODpSJE= github.com/dave/jennifer v1.7.0/go.mod h1:nXbxhEmQfOZhWml3D1cDK5M1FLnMSozpbFN/m3RmGZc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= diff --git a/package/crds/prepared.daanvinken.io_queries.yaml b/package/crds/prepared.daanvinken.io_queries.yaml index 3adc48d..cccc6ed 100644 --- a/package/crds/prepared.daanvinken.io_queries.yaml +++ b/package/crds/prepared.daanvinken.io_queries.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 - name: preparedqueries.prepared.daanvinken.io + name: queries.prepared.daanvinken.io spec: group: prepared.daanvinken.io names: 
@@ -12,10 +12,10 @@ spec: - crossplane - managed - consul - kind: PreparedQuery - listKind: PreparedQueryList - plural: preparedqueries - singular: preparedquery + kind: Query + listKind: QueryList + plural: queries + singular: query scope: Cluster versions: - additionalPrinterColumns: