Initial commit from kro/examples/aws/eks-cluster-mgmt

2026-04-21 09:55:53 -03:00
parent 0585444299
commit 7d11fd5889
66 changed files with 3667 additions and 0 deletions
@@ -0,0 +1,175 @@
+apiVersion: kro.run/v1alpha1
+kind: ResourceGraphDefinition
+metadata:
+  name: ekscluster.kro.run
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "0"
+spec:
+  schema:
+    apiVersion: v1alpha1
+    kind: EksCluster
+    spec:
+      name: string
+      tenant: string | default="auto1"
+      environment: string | default="staging"
+      region: string | default="us-west-2"
+      k8sVersion: string | default="1.34"
+      accountId: string
+      managementAccountId: string
+      adminRoleName: string | default="Admin"
+      fleetSecretManagerSecretNameSuffix: string | default="argocd-secret"
+      domainName: string | default="cluster.example.com"
+      vpc:
+        create: boolean | default=true
+        vpcCidr: string | default="10.0.0.0/16"
+        publicSubnet1Cidr: string | default="10.0.1.0/24"
+        publicSubnet2Cidr: string | default="10.0.2.0/24"
+        privateSubnet1Cidr: string | default="10.0.11.0/24"
+        privateSubnet2Cidr: string | default="10.0.12.0/24"
+        vpcId: string | default=""
+        publicSubnet1Id: string | default=""
+        publicSubnet2Id: string | default=""
+        privateSubnet1Id: string | default=""
+        privateSubnet2Id: string | default=""
+      workloads: string | default="false" # Define if we want to deploy workloads application
+      gitops:
+        addonsRepoBasePath: string | default="addons/"
+        addonsRepoPath: string | default="bootstrap"
+        addonsRepoRevision: string | default="main"
+        addonsRepoUrl: string | default="https://github.com/allamand/eks-cluster-mgmt"
+
+        fleetRepoBasePath: string | default="fleet/"
+        fleetRepoPath: string | default="bootstrap"
+        fleetRepoRevision: string | default="main"
+        fleetRepoUrl: string | default="https://github.com/allamand/eks-cluster-mgmt"
+
+      addons:
+
+        enable_external_secrets: string | default="true"
+        external_secrets_namespace: string | default="external-secrets"
+        external_secrets_service_account: string | default="external-secrets-sa"
+
+  resources:
+  - id: vpc
+    includeWhen:
+      - ${schema.spec.vpc.create}
+    readyWhen:
+    - ${vpc.status.conditions.exists(x, x.type == 'Ready' && x.status == "True")} # Check on kro conditions
+    template:
+      apiVersion: kro.run/v1alpha1
+      kind: Vpc
+      metadata:
+        name: ${schema.spec.name}
+        namespace: ${schema.spec.name}
+        labels:
+          app.kubernetes.io/instance: ${schema.spec.name}
+        annotations:
+          argocd.argoproj.io/tracking-id: clusters:kro.run/Vpc:${schema.spec.name}/${schema.spec.name}
+      spec:
+        name: ${schema.spec.name}
+        region: ${schema.spec.region}
+        cidr:
+          vpcCidr: ${schema.spec.vpc.vpcCidr}
+          publicSubnet1Cidr: ${schema.spec.vpc.publicSubnet1Cidr}
+          publicSubnet2Cidr: ${schema.spec.vpc.publicSubnet2Cidr}
+          privateSubnet1Cidr: ${schema.spec.vpc.privateSubnet1Cidr}
+          privateSubnet2Cidr: ${schema.spec.vpc.privateSubnet2Cidr}
+  - id: eksWithVpc
+    includeWhen:
+      - ${schema.spec.vpc.create}
+    readyWhen:
+      - ${eksWithVpc.status.conditions.exists(x, x.type == 'Ready' && x.status == "True")} # Check on kro conditions
+    template:
+      apiVersion: kro.run/v1alpha1
+      kind: EksClusterBasic
+      metadata:
+        name: ${schema.spec.name}
+        namespace: ${schema.spec.name}
+        labels:
+          app.kubernetes.io/instance: ${schema.spec.name}
+        annotations:
+          argocd.argoproj.io/tracking-id: clusters:kro.run/EksCluster:${schema.spec.name}/${schema.spec.name}
+      spec:
+        name: ${schema.spec.name}
+        tenant: ${schema.spec.tenant}
+        environment: ${schema.spec.environment}
+        region: ${schema.spec.region}
+        accountId: ${schema.spec.accountId}
+        managementAccountId: ${schema.spec.managementAccountId}
+        k8sVersion: ${schema.spec.k8sVersion}
+        adminRoleName: ${schema.spec.adminRoleName}
+        fleetSecretManagerSecretNameSuffix: ${schema.spec.fleetSecretManagerSecretNameSuffix}
+        domainName: ${schema.spec.domainName}
+        network:
+          vpcID: "${vpc.status.vpcID}"
+          subnets:
+            controlplane:
+              subnet1ID: "${vpc.status.privateSubnet1ID}"
+              subnet2ID: "${vpc.status.privateSubnet2ID}"
+            workers:
+              subnet1ID: "${vpc.status.privateSubnet1ID}"
+              subnet2ID: "${vpc.status.privateSubnet2ID}"
+        workloads: ${schema.spec.workloads}
+        gitops:
+          addonsRepoBasePath: ${schema.spec.gitops.addonsRepoBasePath}
+          addonsRepoPath: ${schema.spec.gitops.addonsRepoPath}
+          addonsRepoRevision: ${schema.spec.gitops.addonsRepoRevision}
+          addonsRepoUrl: ${schema.spec.gitops.addonsRepoUrl}
+          fleetRepoBasePath: ${schema.spec.gitops.fleetRepoBasePath}
+          fleetRepoPath: ${schema.spec.gitops.fleetRepoPath}
+          fleetRepoRevision: ${schema.spec.gitops.fleetRepoRevision}
+          fleetRepoUrl: ${schema.spec.gitops.fleetRepoUrl}
+        addons:
+          enable_external_secrets: ${schema.spec.addons.enable_external_secrets}
+          external_secrets_namespace: ${schema.spec.addons.external_secrets_namespace}
+          external_secrets_service_account: ${schema.spec.addons.external_secrets_service_account}
+  - id: eksExistingVpc
+    includeWhen:
+      - ${!schema.spec.vpc.create}
+    readyWhen:
+      - ${eksExistingVpc.status.conditions.exists(x, x.type == 'Ready' && x.status == "True")} # Check on kro conditions
+    template:
+      apiVersion: kro.run/v1alpha1
+      kind: EksClusterBasic
+      metadata:
+        name: ${schema.spec.name}
+        namespace: ${schema.spec.name}
+        labels:
+          app.kubernetes.io/instance: ${schema.spec.name}
+        annotations:
+          argocd.argoproj.io/tracking-id: clusters:kro.run/EksCluster:${schema.spec.name}/${schema.spec.name}
+      spec:
+        name: ${schema.spec.name}
+        tenant: ${schema.spec.tenant}
+        environment: ${schema.spec.environment}
+        region: ${schema.spec.region}
+        accountId: ${schema.spec.accountId}
+        managementAccountId: ${schema.spec.managementAccountId}
+        k8sVersion: ${schema.spec.k8sVersion}
+        adminRoleName: ${schema.spec.adminRoleName}
+        fleetSecretManagerSecretNameSuffix: ${schema.spec.fleetSecretManagerSecretNameSuffix}
+        domainName: ${schema.spec.domainName}
+        network:
+          vpcID: "${schema.spec.vpc.vpcId}"
+          subnets:
+            controlplane:
+              subnet1ID: "${schema.spec.vpc.privateSubnet1Id}"
+              subnet2ID: "${schema.spec.vpc.privateSubnet2Id}"
+            workers:
+              subnet1ID: "${schema.spec.vpc.privateSubnet1Id}"
+              subnet2ID: "${schema.spec.vpc.privateSubnet2Id}"
+        workloads: ${schema.spec.workloads}
+        gitops:
+          addonsRepoBasePath: ${schema.spec.gitops.addonsRepoBasePath}
+          addonsRepoPath: ${schema.spec.gitops.addonsRepoPath}
+          addonsRepoRevision: ${schema.spec.gitops.addonsRepoRevision}
+          addonsRepoUrl: ${schema.spec.gitops.addonsRepoUrl}
+          fleetRepoBasePath: ${schema.spec.gitops.fleetRepoBasePath}
+          fleetRepoPath: ${schema.spec.gitops.fleetRepoPath}
+          fleetRepoRevision: ${schema.spec.gitops.fleetRepoRevision}
+          fleetRepoUrl: ${schema.spec.gitops.fleetRepoUrl}
+        addons:
+          enable_external_secrets: ${schema.spec.addons.enable_external_secrets}
+          external_secrets_namespace: ${schema.spec.addons.external_secrets_namespace}
+          external_secrets_service_account: ${schema.spec.addons.external_secrets_service_account}