Update Helm release crossplane to v1.18.1 #162
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: provision-aws | |
| on: [push] | |
| env: | |
| KIND_NODE_VERSION: v1.31.1 | |
| BUCKET_NAME: spring2024-bucket | |
| # AWS | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: 'eu-central-1' | |
| jobs: | |
| crossplane-provision-aws: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@master | |
| # Using branch unique name for our bucket to prevent interfering jobs | |
| # But we need to split out the branch name, see https://stackoverflow.com/a/73467112/4964553 | |
| # otherwise we'll run into errors like: 'compose resources: cannot associate composed resources with Composition resource templates: cannot get composed resource: invalid resource name "spring2024-bucket-renovate/xpkg.upbound.io-upbound-provider-aws-s3-1.x": [may not contain '/']' | |
| - name: Split branch name | |
| env: | |
| BRANCH: ${{ github.ref_name }} | |
| id: split | |
| run: echo "::set-output name=branchbucketsuffix::${BRANCH##*/}" | |
| - name: Spin up kind | |
| run: | | |
| echo "### Create kind cluster" | |
| kind create cluster --image "kindest/node:$KIND_NODE_VERSION" --wait 5m | |
| echo "### Let's try to access our kind cluster via kubectl" | |
| kubectl get nodes | |
| - name: Install crossplane via Helm & install crossplane CLI | |
| run: | | |
| echo "### Install crossplane via Helm" | |
| helm dependency update crossplane-install | |
| helm upgrade --install crossplane --namespace crossplane-system crossplane-install --create-namespace | |
| echo "### Install crossplane CLI" | |
| curl -sL "https://raw.githubusercontent.com/crossplane/crossplane/master/install.sh" | sh | |
| sudo mv crossplane /usr/local/bin | |
| - name: Check crossplane status | |
| run: | | |
| helm list -n crossplane-system | |
| echo "### Wait for crossplane to become ready before installing Providers" | |
| kubectl wait --for=condition=ready pod -l app=crossplane --namespace crossplane-system --timeout=120s | |
| kubectl get all -n crossplane-system | |
| - name: Configure crossplane to access AWS (now using Upbound official AWS Provider Families) | |
| run: | | |
| echo "### Create aws-creds.conf file" | |
| echo "[default] | |
| aws_access_key_id = $AWS_ACCESS_KEY_ID | |
| aws_secret_access_key = $AWS_SECRET_ACCESS_KEY | |
| " > aws-creds.conf | |
| echo "### Create AWS Provider secret" | |
| kubectl create secret generic aws-creds -n crossplane-system --from-file=creds=./aws-creds.conf | |
| echo "### Install the crossplane Upbound AWS S3 Provider Family" | |
| kubectl apply -f upbound/provider-aws-s3/config/provider-aws-s3.yaml | |
| kubectl get provider.pkg.crossplane.io | |
| echo "### Wait until AWS Provider is up and running" | |
| kubectl wait --for=condition=healthy --timeout=180s provider/upbound-provider-aws-s3 | |
| echo "### Create ProviderConfig to consume the Secret containing AWS credentials" | |
| kubectl apply -f upbound/provider-aws-s3/config/provider-config-aws.yaml | |
| echo "### Get overall provider status" | |
| kubectl get provider | |
| # Not using kubectl apply -f upbound/provider-aws-s3/claim.yaml currently to prevent jobs from interfering with each other | |
| - name: Create XRD, Composition & Claim to create S3 Bucket (now using Upbound official AWS Provider Families) | |
| run: | | |
| echo "### Create CompositeResourceDefinition (XRD)" | |
| kubectl apply -f upbound/provider-aws-s3/definition.yaml | |
| kubectl get xrd | |
| echo "### Wait for XRD to become Offered" | |
| kubectl wait --for=condition=Offered --timeout=120s xrd xobjectstorages.crossplane.jonashackt.io | |
| echo "### Create Composition" | |
| kubectl apply -f upbound/provider-aws-s3/composition.yaml | |
| echo "### Create Claim, which should create S3 Bucket (inline here to prevent jobs from interfering with each other)" | |
| kubectl apply -f - <<EOF | |
| apiVersion: crossplane.jonashackt.io/v1alpha1 | |
| kind: ObjectStorage | |
| metadata: | |
| namespace: default | |
| name: managed-upbound-s3 | |
| spec: | |
| compositionRef: | |
| name: objectstorage-composition | |
| parameters: | |
| bucketName: "$BUCKET_NAME-${{ steps.split.outputs.branchbucketsuffix }}" | |
| region: eu-central-1 | |
| EOF | |
| echo "### Show crossplane overall status" | |
| kubectl get crossplane | |
| echo "### Trace status of AWS S3 Bucket" | |
| crossplane beta trace objectstorage.crossplane.jonashackt.io/managed-upbound-s3 -o wide | |
| echo "### Wait until Claim & XR (Composite) are ready (giving it 6mins, since resources consumption of the AWS Upbound provider seems to be way higher than the crossplane-contrib one)" | |
| kubectl wait --for=condition=ready --timeout=360s claim managed-upbound-s3 | |
| echo "### Trace status of AWS S3 Bucket" | |
| crossplane beta trace objectstorage.crossplane.jonashackt.io/managed-upbound-s3 -o wide | |
| - name: Upload index.html to S3 and check deployment works | |
| run: | | |
| echo "### Upload index.html to Bucket via AWS CLI" | |
| aws s3 sync static "s3://$BUCKET_NAME-${{ steps.split.outputs.branchbucketsuffix }}" --acl public-read | |
| echo "### Access S3 Bucket static website" | |
| curl "http://$BUCKET_NAME-${{ steps.split.outputs.branchbucketsuffix }}.s3-website.eu-central-1.amazonaws.com" | |
| - name: Delete index.html and remove Claim for S3 Bucket deletion | |
| run: | | |
| echo "### Delete index.html from S3 Bucket" | |
| aws s3 rm "s3://$BUCKET_NAME-${{ steps.split.outputs.branchbucketsuffix }}/index.html" | |
| echo "### Remove CompositeResourceClaim to delete S3 Bucket" | |
| kubectl delete -f upbound/provider-aws-s3/claim.yaml | |
| echo "### Give the deletion process some time by having a look into the crossplane status" | |
| kubectl get crossplane |