Revert "Try adding SG and reformat LB network"
This reverts commit b1a8654.
mhoshi-vm committed Aug 16, 2023
1 parent b1a8654 commit 38ec222
Showing 5 changed files with 52 additions and 204 deletions.
@@ -2,17 +2,6 @@
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
annotations:
kapp.k14s.io/change-group: "crd"
name: upbound-provider-family-aws
spec:
package: #@ data.values.crossplane.aws.repo + ":" + data.values.crossplane.aws.tag
controllerConfigRef:
name: upbound-provider-aws
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
annotations:
kapp.k14s.io/change-group: "crd"
@@ -24,17 +13,6 @@ spec:
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
annotations:
kapp.k14s.io/change-group: "crd"
name: upbound-provider-aws-ec2
spec:
package: #@ data.values.crossplane.ec2.repo + ":" + data.values.crossplane.ec2.tag
controllerConfigRef:
name: upbound-provider-aws
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
annotations:
kapp.k14s.io/change-group: "crd"
@@ -12,12 +12,18 @@ spec:
name: region
- default: #@ data.values.aws.accountId
name: accountId
- default: #@ data.values.aws.alb
name: alb
- default: #@ data.values.aws.ecs
name: ecs
- default: #@ data.values.aws.vpcId
name: vpcId
- default: #@ data.values.aws.vpc
name: vpc
- default: #@ data.values.aws.subnets
name: subnets
- default: #@ data.values.aws.securityGroups
name: securityGroups
- default: #@ data.values.aws.accountId
name: accountId
- default: #@ data.values.aws.enableAlb
name: enableAlb
- default: #@ data.values.aws.public
name: public
configPath: .data
lifecycle: mutable
ytt: |
@@ -58,7 +64,7 @@ spec:
#@ enabled = False
#@ spec = config.spec
#@ workload = spec.containers[0]
#@ if data.values.params.alb.enabled and hasattr(workload, "ports") and hasattr(workload, "livenessProbe"):
#@ if data.values.params.enableAlb and hasattr(workload, "ports") and hasattr(workload, "readinessProbe"):
#@ enabled = True
#@ end
#@ return enabled
@@ -177,16 +183,16 @@ spec:
#@ forProvider["name"] = data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
#@ forProvider["region"] = data.values.params.region
#@ forProvider["targetType"] = "ip"
#@ forProvider["vpcId"] = data.values.params.vpcId
#@ if hasattr(workload, "livenessProbe"):
#@ forProvider["vpcId"] = data.values.params.vpc
#@ if hasattr(workload, "readinessProbe"):
#@ healthCheck = {}
#@ healthCheck["enabled"] = True
#@ if hasattr(workload["livenessProbe"], "httpGet"):
#@ if hasattr(workload["readinessProbe"], "httpGet"):
#@ forProvider["port"] = workload["ports"][0]["containerPort"]
#@ forProvider["protocol"] = "HTTP"
#@ healthCheck["port"] = str(workload["livenessProbe"]["httpGet"]["port"])
#@ healthCheck["path"] = workload["livenessProbe"]["httpGet"]["path"]
#@ healthCheck["protocol"] = workload["livenessProbe"]["httpGet"]["scheme"]
#@ healthCheck["port"] = str(workload["readinessProbe"]["httpGet"]["port"])
#@ healthCheck["path"] = workload["readinessProbe"]["httpGet"]["path"]
#@ healthCheck["protocol"] = workload["readinessProbe"]["httpGet"]["scheme"]
#@ end
#@ forProvider["healthCheck"] = []
#@ forProvider["healthCheck"].append(healthCheck)
@@ -256,10 +262,9 @@ spec:
resolution: Required
resolve: 'Always'
networkConfiguration:
- subnets: #@ data.values.params.ecs.subnets
securityGroupRefs:
- name: #@ "ecs-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
#@ if data.values.params.ecs.public:
- subnets: #@ data.values.params.subnets
securityGroups: #@ data.values.params.securityGroups
#@ if data.values.params.public:
assignPublicIp: true
#@ end
#@ if verify_lb_enabled(data.values.config):
@@ -272,48 +277,6 @@ spec:
initProvider: {}
managementPolicies:
- '*'
#@ if hasattr(data.values.config.spec.containers[0], "ports"):
---
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroup
metadata:
annotations: #@ return_annotations(data.values.config, False, "base", "")
name: #@ "ecs-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
spec:
providerConfigRef:
name: aws-provider
deletionPolicy: Delete
initProvider: {}
managementPolicies:
- '*'
forProvider:
name: #@ "ecs-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
region: #@ data.values.params.region
vpcId: #@ data.values.params.vpcId
---
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroupRule
metadata:
annotations: #@ return_annotations(data.values.config, False, "base", "")
name: #@ "ecs-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
spec:
providerConfigRef:
name: aws-provider
deletionPolicy: Delete
initProvider: {}
managementPolicies:
- '*'
forProvider:
cidrBlocks:
- 0.0.0.0/0
fromPort: #@ data.values.config.spec.containers[0].ports[0].containerPort
protocol: #@ data.values.config.spec.containers[0].ports[0].protocol
region: #@ data.values.params.region
securityGroupIdRef:
name: #@ "ecs-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
toPort: #@ data.values.config.spec.containers[0].ports[0].containerPort
type: ingress
#@ end
#@ if verify_lb_enabled(data.values.config):
---
apiVersion: elbv2.aws.upbound.io/v1beta1
@@ -345,7 +308,7 @@ spec:
enableDeletionProtection: false
enableHttp2: true
idleTimeout: 60
#@ if data.values.params.alb.public:
#@ if data.values.params.public:
internal: false
#@ else:
internal: true
@@ -354,9 +317,8 @@ spec:
loadBalancerType: application
name: #@ data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
region: #@ data.values.params.region
securityGroupRefs:
- name: #@ "lb-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
subnets: #@ data.values.params.alb.subnets
securityGroups: #@ data.values.params.securityGroups
subnets: #@ data.values.params.subnets
xffHeaderProcessingMode: append
initProvider: {}
managementPolicies:
@@ -384,46 +346,6 @@ spec:
initProvider: {}
managementPolicies:
- '*'
---
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroup
metadata:
annotations: #@ return_annotations(data.values.config, False, "base", "")
name: #@ "lb-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
spec:
providerConfigRef:
name: aws-provider
deletionPolicy: Delete
initProvider: {}
managementPolicies:
- '*'
forProvider:
name: #@ "lb-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
region: #@ data.values.params.region
vpcId: #@ data.values.params.vpcId
---
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroupRule
metadata:
annotations: #@ return_annotations(data.values.config, False, "base", "")
name: #@ "lb-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
spec:
providerConfigRef:
name: aws-provider
deletionPolicy: Delete
initProvider: {}
managementPolicies:
- '*'
forProvider:
cidrBlocks:
- 0.0.0.0/0
fromPort: 80
protocol: tcp
region: #@ data.values.params.region
securityGroupIdRef:
name: #@ "lb-" + data.values.workload.metadata.name + "-" + data.values.workload.metadata.namespace
toPort: 80
type: ingress
#@ end
---
apiVersion: kapp.k14s.io/v1alpha1
@@ -447,12 +369,6 @@ spec:
- apiVersionKindMatcher:
apiVersion: elbv2.aws.upbound.io/v1beta1
kind: LBListener
- apiVersionKindMatcher:
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroup
- apiVersionKindMatcher:
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroupRule
- path: [metadata, annotations, upjet.crossplane.io/provider-meta]
resourceMatchers: *All
@@ -481,12 +397,6 @@ spec:
apiVersion: ecs.aws.upbound.io/v1beta1
kind: Service
- path: [spec, forProvider, , {allIndexes: true}, targetGroupArn]
resourceMatchers:
- apiVersionKindMatcher:
apiVersion: ecs.aws.upbound.io/v1beta1
kind: Service
- path: [spec, forProvider, protocolVersion]
resourceMatchers:
- apiVersionKindMatcher:
@@ -516,18 +426,6 @@ spec:
- apiVersionKindMatcher:
apiVersion: elbv2.aws.upbound.io/v1beta1
kind: LBListener
- path: [spec, forProvider, description]
resourceMatchers:
- apiVersionKindMatcher:
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroup
- path: [spec, forProvider, securityGroupId]
resourceMatchers:
- apiVersionKindMatcher:
apiVersion: ec2.aws.upbound.io/v1beta1
kind: SecurityGroupRule
waitRules:
- supportsObservedGeneration: false
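Review bot: On what reads as the new side, the ECS service's `networkConfiguration` and the LB's `forProvider` both take `data.values.params.subnets` and `data.values.params.securityGroups`, and the single `data.values.params.public` flag drives both `assignPublicIp: true` on the tasks and `internal: false` on the load balancer. Setting `public` to expose the ALB therefore also gives the tasks public IPs in the same subnets and security groups, so the listener and the container port can no longer be given different ingress rules. The pre-revert template kept these apart with `params.alb.public` / `params.ecs.public` and separate subnet lists; consider keeping that split even with the managed SecurityGroup resources removed, or at least add a comment above `#@ if data.values.params.public:` such as `#! public also controls assignPublicIp on the ECS tasks, not only LB exposure`. Separately, `accountId` appears twice in the `params` list of the first hunk (once as context, once among the added entries), which looks unintended. The +/- markers are lost on this page, so old and new sides are inferred from the hunk counts.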
@@ -6,7 +6,6 @@ metadata:
apps.tanzu.vmware.com/aggregate-to-deliverable: "true"
rules:
- apiGroups:
- ec2.aws.upbound.io
- ecs.aws.upbound.io
- elbv2.aws.upbound.io
resources:
20 changes: 7 additions & 13 deletions manifests/tap-ecs-supplychain.tanzu.japan.com/1.6.1/values.yaml
@@ -7,9 +7,6 @@ crossplane:
ecs:
repo: xpkg.upbound.io/upbound/provider-aws-ecs
tag: v0.38.0
ec2:
repo: xpkg.upbound.io/upbound/provider-aws-ec2
tag: v0.38.0
elbv2:
repo: xpkg.upbound.io/upbound/provider-aws-elbv2
tag: v0.38.0
@@ -19,13 +16,10 @@ aws:
roleName: "tap-ecs"
cluster: ""
region: us-west-2
vpcId: vpc-xxxxx
alb:
enabled: true
public: true
subnets:
- subnet1
ecs:
public: false
subnets:
- private-subnet1
vpc: us-west2-VPC
subnets:
- sample-subnet1
securityGroups:
- default
enableAlb: true
public: false
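Review bot: The sample `securityGroups` entry `default` puts every workload's tasks and its load balancer into one shared group, and nothing marks it as a value that must be replaced. If it ends up resolving to the VPC's default security group, members of that group can typically reach each other on all ports, which is wider than the per-workload groups this revert removes; whether the provider accepts a name here at all is not visible on this page. I would use an obvious placeholder with a comment, e.g. `- sg-xxxxx  # placeholder: replace with the ID of a group limited to this workload's ports`, in the style of the old `vpc-xxxxx`, and do the same for `vpc: us-west2-VPC`, which the template passes to `forProvider["vpcId"]`. The same defaults are repeated in the package schema in packages/tap-ecs-supplychain.tanzu.japan.com/1.6.1.yaml.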
61 changes: 20 additions & 41 deletions packages/tap-ecs-supplychain.tanzu.japan.com/1.6.1.yaml
@@ -33,16 +33,6 @@ spec:
tag:
type: string
default: v0.38.0
ec2:
type: object
additionalProperties: false
properties:
repo:
type: string
default: xpkg.upbound.io/upbound/provider-aws-ec2
tag:
type: string
default: v0.38.0
elbv2:
type: object
additionalProperties: false
@@ -69,38 +59,27 @@ spec:
region:
type: string
default: us-west-2
vpcId:
vpc:
type: string
default: vpc-xxxxx
alb:
type: object
additionalProperties: false
properties:
enabled:
type: boolean
default: true
public:
type: boolean
default: true
subnets:
type: array
items:
type: string
default: subnet1
default: []
ecs:
type: object
additionalProperties: false
properties:
public:
type: boolean
default: false
subnets:
type: array
items:
type: string
default: private-subnet1
default: []
default: us-west2-VPC
subnets:
type: array
items:
type: string
default: sample-subnet1
default: []
securityGroups:
type: array
items:
type: string
default: default
default: []
enableAlb:
type: boolean
default: true
public:
type: boolean
default: false
template:
spec:
fetch:
