From 4718b160731484caa82c8a4fed8804fcf0bea5c8 Mon Sep 17 00:00:00 2001 From: Wiktor Chomik Date: Fri, 30 May 2025 09:49:45 +0200 Subject: [PATCH 01/12] feat: Testing multi-values helm charts --- .github/workflows/git-pr-status-checks.yml | 2 +- .../.ci.config.yaml | 24 ++++ .../values.dev.yaml | 104 ++++++++++++++++++ .../values.network.yaml | 104 ++++++++++++++++++ 4 files changed, 233 insertions(+), 1 deletion(-) create mode 100644 helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/.ci.config.yaml create mode 100644 helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.dev.yaml create mode 100644 helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.network.yaml diff --git a/.github/workflows/git-pr-status-checks.yml b/.github/workflows/git-pr-status-checks.yml index 5c94ce4..ce726c4 100644 --- a/.github/workflows/git-pr-status-checks.yml +++ b/.github/workflows/git-pr-status-checks.yml @@ -22,4 +22,4 @@ permissions: jobs: pr-status-check: - uses: "openmcp-project/blueprint-workflows/.github/workflows/git-pr-status-checks.yml@main" + uses: "openmcp-project/blueprint-workflows/.github/workflows/git-pr-status-checks.yml@feat/multi-values" diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/.ci.config.yaml b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/.ci.config.yaml new file mode 100644 index 0000000..4737860 --- /dev/null +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/.ci.config.yaml @@ -0,0 +1,24 @@ +# pipeline feature flags obsolete (Bash Scripts) +jfrog.sh: + enabled: true + +# pipeline feature flags +helm-docs: + enable: true +helm-chart-linting: + enable: true +helm-chart-validation: + enable: true +helm-chart-version-bump: + enable: true +helm-chart-dependency-update: + enable: true +k8s-manifest-templating: + enable: true + helm-charts: + default-manifest-templating: true # disables stanard helm mainfest templating + additional-manifest-templating: # define this if you want additional helm manifest folder e.g. dev.... + - prefix-manifest-folder-name: "dev" + value-files: + - "values.network.yaml" + - "values.dev.yaml" \ No newline at end of file diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.dev.yaml b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.dev.yaml new file mode 100644 index 0000000..d3b3d18 --- /dev/null +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.dev.yaml @@ -0,0 +1,104 @@ +--- +###################################################################################################################################### +tags: # see ./Chart.yaml @url: https://helm.sh/docs/topics/charts/#tags-and-condition-fields-in-dependencies + external-secrets-config: true + crossplane-provider-configs: true + crossplane-provider-sap-btp-account: true + crossplane-provider-sap-btp-environment: true +###################################################################################################################################### +external-secrets-config: + secretStores: + - name: "hashicorp-vault" + namespace: "default" + provider: + vault: + server: "https://vault.example/" + namespace: "openmcp/blueprints" + path: "mcps" + version: "v2" + auth: + kubernetes: + mountPath: "k8s-openmcp-blueprints" + role: "k8s-openmcp-role" + secretRef: + name: "vault-tokenreview-service-account" + namespace: "default" + key: "token" + externalSecret: + - name: "btp-account-mcp-blueprints" + namespace: "default" + refreshInterval: "15m" + targetSecretName: "btp-account-credentials" + secretStore: + name: "hashicorp-vault" + data: + - secretKey: btp-cis-provider-credentials + remoteRef: + key: "btp-endpoint.example/btp-account" + property: btp-cis-provider-credentials + - secretKey: btp-service-account-provider-credentials + remoteRef: + key: "btp-endpoint.example/btp-account" + property: btp-service-account-provider-credentials +###################################################################################################################################### +crossplane-provider-configs: + providerConfigs: + btpSapCrossplane: + - providerConfigRefName: "btp-account-provider-config" + globalAccountSubDomain: "exmpl" + cliServerUrl: "https://cli.btp.cloud.sap" + cisCredentials: + source: "Secret" + secretRef: + namespace: default + name: "btp-account-mcp-blueprints" + key: btp-cis-provider-credentials + serviceAccountSecret: + source: "Secret" + secretRef: + namespace: default + name: "btp-account-mcp-blueprints" + key: btp-service-account-provider-credentials +######################################################################################################### +crossplane-provider-sap-btp-account: + cfAdminEmails: &cfAdminEmails [] + subaccountAdminEmails: &subaccountAdminEmails [] + #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++# + btpEntitlements: &btpEntitlements + - name: "cis-local" + serviceName: cis + servicePlanName: local + permitNumericQuota: false + amount: 1 + #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++# + accounts: + - btpSapCrossplaneProviderConfigRefName: "btp-account-provider-config" + #-------------------------------------------------------------------------------------------------------------------------# + #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++# + subAccounts: + #-------------------------------------------------------------------------------------------------------------------------# + - name: "subAccount1" + forProvider: + displayName: "exmpl dev eu01" + description: "Open Orchestrator Managed Control Plane Blueprint PoC" + subdomain: "exmpl-dev-eu01" + region: "eu01" + subaccountAdminEmails: *subaccountAdminEmails + entitlements: *btpEntitlements + services: + serviceManager: true + cloudManagement: true + #-------------------------------------------------------------------------------------------------------------------------# +######################################################################################################### +crossplane-provider-sap-btp-environment: + cloudFoundryEnvironments: + - btpSapCrossplaneProviderConfigRefName: "btp-account-provider-config" + name: "test" + forProvider: + initialOrgManagers: *cfAdminEmails + landscape: "eu01" + cloudManagementRef: + name: "dev-eu01" + subaccountRef: + name: "dev-eu01" +######################################################################################################### \ No newline at end of file diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.network.yaml b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.network.yaml new file mode 100644 index 0000000..d3b3d18 --- /dev/null +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/values.network.yaml @@ -0,0 +1,104 @@ +--- +###################################################################################################################################### +tags: # see ./Chart.yaml @url: https://helm.sh/docs/topics/charts/#tags-and-condition-fields-in-dependencies + external-secrets-config: true + crossplane-provider-configs: true + crossplane-provider-sap-btp-account: true + crossplane-provider-sap-btp-environment: true +###################################################################################################################################### +external-secrets-config: + secretStores: + - name: "hashicorp-vault" + namespace: "default" + provider: + vault: + server: "https://vault.example/" + namespace: "openmcp/blueprints" + path: "mcps" + version: "v2" + auth: + kubernetes: + mountPath: "k8s-openmcp-blueprints" + role: "k8s-openmcp-role" + secretRef: + name: "vault-tokenreview-service-account" + namespace: "default" + key: "token" + externalSecret: + - name: "btp-account-mcp-blueprints" + namespace: "default" + refreshInterval: "15m" + targetSecretName: "btp-account-credentials" + secretStore: + name: "hashicorp-vault" + data: + - secretKey: btp-cis-provider-credentials + remoteRef: + key: "btp-endpoint.example/btp-account" + property: btp-cis-provider-credentials + - secretKey: btp-service-account-provider-credentials + remoteRef: + key: "btp-endpoint.example/btp-account" + property: btp-service-account-provider-credentials +###################################################################################################################################### +crossplane-provider-configs: + providerConfigs: + btpSapCrossplane: + - providerConfigRefName: "btp-account-provider-config" + globalAccountSubDomain: "exmpl" + cliServerUrl: "https://cli.btp.cloud.sap" + cisCredentials: + source: "Secret" + secretRef: + namespace: default + name: "btp-account-mcp-blueprints" + key: btp-cis-provider-credentials + serviceAccountSecret: + source: "Secret" + secretRef: + namespace: default + name: "btp-account-mcp-blueprints" + key: btp-service-account-provider-credentials +######################################################################################################### +crossplane-provider-sap-btp-account: + cfAdminEmails: &cfAdminEmails [] + subaccountAdminEmails: &subaccountAdminEmails [] + #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++# + btpEntitlements: &btpEntitlements + - name: "cis-local" + serviceName: cis + servicePlanName: local + permitNumericQuota: false + amount: 1 + #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++# + accounts: + - btpSapCrossplaneProviderConfigRefName: "btp-account-provider-config" + #-------------------------------------------------------------------------------------------------------------------------# + #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++# + subAccounts: + #-------------------------------------------------------------------------------------------------------------------------# + - name: "subAccount1" + forProvider: + displayName: "exmpl dev eu01" + description: "Open Orchestrator Managed Control Plane Blueprint PoC" + subdomain: "exmpl-dev-eu01" + region: "eu01" + subaccountAdminEmails: *subaccountAdminEmails + entitlements: *btpEntitlements + services: + serviceManager: true + cloudManagement: true + #-------------------------------------------------------------------------------------------------------------------------# +######################################################################################################### +crossplane-provider-sap-btp-environment: + cloudFoundryEnvironments: + - btpSapCrossplaneProviderConfigRefName: "btp-account-provider-config" + name: "test" + forProvider: + initialOrgManagers: *cfAdminEmails + landscape: "eu01" + cloudManagementRef: + name: "dev-eu01" + subaccountRef: + name: "dev-eu01" +######################################################################################################### \ No newline at end of file From 72020b1ba6ea262d9dd858afac8b6707b004a5d3 Mon Sep 17 00:00:00 2001 From: wchomik Date: Fri, 30 May 2025 07:51:03 +0000 Subject: [PATCH 02/12] chore(ci): update helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml.version 0.0.25 -> 0.0.26 --- .../Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml index 2968923..fca0a7f 100644 --- a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml @@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/2531208?s=200&v=4" # This is the chart version. This version number should be incremented each time # you make changes to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.25 +version: 0.0.26 # This is the version number of the application being deployed. This version # number should be incremented each time you make changes to the application. # Versions are not expected to follow Semantic Versioning. They should reflect From a4c21b242be5c7c71732d1df9d5ec77d4a4a00e9 Mon Sep 17 00:00:00 2001 From: wchomik Date: Fri, 30 May 2025 07:51:05 +0000 Subject: [PATCH 03/12] chore(ci): update Helm Chart helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md file --- .../README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md index 08a0000..9faf372 100644 --- a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md @@ -2,7 +2,7 @@ # btp-cf-env-runtime -![Version: 0.0.25](https://img.shields.io/badge/Version-0.0.25-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.26](https://img.shields.io/badge/Version-0.0.26-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Umbrealla Helm chart which demonstrate orchestration of SAP BTP Cloud Foundry Environment. From 17bd1630c37e3ceedff9fc021dbc73b8ef8ed753 Mon Sep 17 00:00:00 2001 From: wchomik Date: Fri, 30 May 2025 07:51:58 +0000 Subject: [PATCH 04/12] chore(ci): k8s manifest templated for Helm Charts --- .../btp.sap.crossplane.io.yaml | 6 +- .../mcp/btp-accounts/sub-accounts.yaml | 10 +- .../btp-subscriptions/cloud-management.yaml | 2 +- .../mcp/btp-subscriptions/entitlements.yaml | 4 +- .../mcp/btp-subscriptions/servicemanager.yaml | 2 +- .../templates/cloud-foundry-environment.yaml | 19 + .../templates/external-secret.yaml | 4 +- .../templates/secret-store.yaml | 10 +- .../mcp/btp-subscriptions/servicemanager.yaml | 20 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 25 - .../services-binding-services-cloud-sap.yaml | 19 - .../services-instance-services-cloud-sap.yaml | 16 - .../mcp/btp-accounts/sub-accounts.yaml | 18 - .../mcp/btp-subscriptions/entitlements.yaml | 18 - .../btp.sap.crossplane.io.yaml | 24 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 25 - .../btp.sap.crossplane.io.yaml | 24 - .../custom-chart/templates/deployment.yaml | 50 -- .../custom-chart/templates/service.yaml | 22 - .../templates/tests/test-connection.yaml | 21 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 25 - .../templates/ValidatingAdmissionPolicy.yaml | 32 - .../ValidatingAdmissionPolicyBinding.yaml | 16 - .../btp.sap.crossplane.io.yaml | 24 - .../mcp/btp-accounts/sub-accounts.yaml | 36 - .../mcp/btp-subscriptions/entitlements.yaml | 36 - .../mcp/btp-subscriptions/subscription.yaml | 20 - .../btp.sap.crossplane.io.yaml | 24 - .../templates/pkg-crossplane-provider.yaml | 70 -- .../mcp/btp-accounts/sub-accounts.yaml | 18 - .../mcp/btp-subscriptions/entitlements.yaml | 18 - ...mpostions-apiextensions-crossplane-io.yaml | 822 ------------------ .../templates/eip-ec2-aws-upbound-io.yaml | 26 - .../internet-gateway-ec2-aws-upbound-io.yaml | 30 - ...-rable-association-ec2-aws-upbound-io.yaml | 16 - .../nat-gateway-ec2-aws-upbound-io.yaml | 40 - .../templates/route-ec2-aws-upbound-io.yaml | 17 - ...-table-association-ec2-aws-upbound-io.yaml | 76 -- .../route-table-ec2-aws-upbound-io.yaml | 30 - .../security-group-ec2-aws-upbound-io.yaml | 18 - ...ecurity-group-rule-ec2-aws-upbound-io.yaml | 42 - .../templates/subnet-ec2-aws-upbound-io.yaml | 146 ---- .../templates/vpc-ec2-aws-upbound-io.yaml | 48 - .../templates/cluster-eks-aws-upbound-io.yaml | 40 - .../node-group-eks-aws-upbound-io.yaml | 41 - .../templates/role-iam-aws-upbound-io.yaml | 38 - ...-policy-attachment-iam-aws-upbound-io.yaml | 28 - .../instance-rdr-aws-upbound-io.yaml | 34 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 24 - .../mcp/btp-accounts/sub-accounts.yaml | 18 - .../mcp/btp-subscriptions/entitlements.yaml | 18 - .../templates/secret-store.yaml | 25 - .../admin-kubeconfig-request.yaml | 21 - .../gardener-orchestrate-cloud-sap.yaml | 16 - .../providerConfigs/helm-crossplane-io.yaml | 16 - .../kubernetes-crossplane-io.yaml | 16 - .../templates/helm-release.yaml | 42 - .../templates/external-secret.yaml | 22 - .../gardener-shoot-cluster-gcp.yaml | 97 --- .../admin-kubeconfig-request.yaml | 18 - .../gardener-orchestrate-cloud-sap.yaml | 16 - .../providerConfigs/helm-crossplane-io.yaml | 16 - .../kubernetes-crossplane-io.yaml | 16 - .../templates/helm-release.yaml | 42 - .../templates/external-secret.yaml | 22 - .../templates/secret-store.yaml | 25 - 70 files changed, 38 insertions(+), 2686 deletions(-) rename manifests/{helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts => dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime}/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml (72%) rename manifests/{helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator => dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml (54%) rename manifests/{helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts => dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml (78%) rename manifests/{helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator => dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml (70%) rename manifests/{helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts => dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml (80%) create mode 100644 manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml rename manifests/{helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts => dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime}/charts/external-secrets-config/templates/external-secret.yaml (84%) rename manifests/{helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing => dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime}/charts/external-secrets-config/templates/secret-store.yaml (65%) delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml delete mode 100644 manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml similarity index 72% rename from manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml rename to manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml index 2156990..05c21c9 100644 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml @@ -1,15 +1,15 @@ --- -# Source: provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +# Source: btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml apiVersion: btp.sap.crossplane.io/v1alpha1 kind: ProviderConfig metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" + name: "btp-account-provider-config" labels: openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" openmcp.cloud/blueprint-building-block-version: "0.0.18" spec: cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" + globalAccount: "exmpl" cisCredentials: secretRef: key: btp-cis-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml similarity index 54% rename from manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml rename to manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml index a78b2b5..4079d4d 100644 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml apiVersion: account.btp.sap.crossplane.io/v1alpha1 kind: Subaccount metadata: @@ -9,10 +9,10 @@ metadata: openmcp.cloud/blueprint-building-block-version: "0.0.9" spec: forProvider: - description: Open Managed Control Plane Blueprint - displayName: dev-eu01 + description: Open Orchestrator Managed Control Plane Blueprint PoC + displayName: exmpl dev eu01 region: eu01 subaccountAdminEmails: [] - subdomain: dev-eu01 + subdomain: exmpl-dev-eu01 providerConfigRef: - name: "btpSapCrossplaneProviderConfigRefName" + name: "btp-account-provider-config" diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml similarity index 78% rename from manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml rename to manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml index a1ed4bd..f584e0c 100644 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml @@ -1,5 +1,5 @@ --- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml +# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml apiVersion: account.btp.sap.crossplane.io/v1alpha1 kind: CloudManagement metadata: diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml similarity index 70% rename from manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml rename to manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml index 33d8bf1..1ee7044 100644 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml apiVersion: account.btp.sap.crossplane.io/v1alpha1 kind: Entitlement metadata: @@ -15,4 +15,4 @@ spec: subaccountRef: name: subaccount1 providerConfigRef: - name: "btpSapCrossplaneProviderConfigRefName" + name: "btp-account-provider-config" diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml similarity index 80% rename from manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml rename to manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml index 3664c61..e763137 100644 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml @@ -1,5 +1,5 @@ --- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml apiVersion: account.btp.sap.crossplane.io/v1beta1 kind: ServiceManager metadata: diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml new file mode 100644 index 0000000..b3886d6 --- /dev/null +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml @@ -0,0 +1,19 @@ +--- +# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml +apiVersion: environment.btp.sap.crossplane.io/v1alpha1 +kind: CloudFoundryEnvironment +metadata: + name: btp-account-provider-config-test + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-environment" + openmcp.cloud/blueprint-building-block-version: "0.0.15" +spec: + providerConfigRef: + name: btp-account-provider-config + forProvider: + initialOrgManagers: [] + landscape: eu01 + cloudManagementRef: + name: dev-eu01 + subaccountRef: + name: dev-eu01 diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml similarity index 84% rename from manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml rename to manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml index edf3f2a..c592d40 100644 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml @@ -1,5 +1,5 @@ --- -# Source: provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml +# Source: btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: @@ -14,7 +14,7 @@ spec: name: "hashicorp-vault" kind: "SecretStore" target: - name: "btp-account-mcp-blueprints" + name: "btp-account-credentials" data: - remoteRef: key: btp-endpoint.example/btp-account diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml similarity index 65% rename from manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml rename to manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml index 59b327f..02de3fa 100644 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml +++ b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml @@ -1,5 +1,5 @@ --- -# Source: provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml +# Source: btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml apiVersion: external-secrets.io/v1beta1 kind: SecretStore metadata: @@ -13,13 +13,13 @@ spec: vault: auth: kubernetes: - mountPath: kubernetes - role: openmcp-kubernetes + mountPath: k8s-openmcp-blueprints + role: k8s-openmcp-role secretRef: key: token - name: vault-token-sa + name: vault-tokenreview-service-account namespace: default - namespace: ns1 + namespace: openmcp/blueprints path: mcps server: https://vault.example/ version: v2 diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml deleted file mode 100644 index 6689b29..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml -apiVersion: account.btp.sap.crossplane.io/v1beta1 -kind: ServiceManager -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - writeConnectionSecretToRef: - # !!! TODO: Make this configurable !!! - name: btp-service-manager-btpSapCrossplaneProviderConfigRefName-subaccount1 - # !!! TODO: Make this configurable !!! - namespace: default - forProvider: - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index 5409f7d..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 8fe474b..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: openmcp-kubernetes - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: mcps - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml deleted file mode 100644 index b028d57..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# Source: btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml -apiVersion: services.cloud.sap.com/v1alpha1 -kind: ServiceBinding -metadata: - name: hana-binding - namespace: default - labels: - openmcp.cloud/blueprint-building-block: "sap-btp-services" - openmcp.cloud/blueprint-building-block-version: "0.0.12" -spec: - serviceInstanceName: hana-cloud - secretName: hana-binding-secret - parameters: - [] - credentialsRotationPolicy: - enabled: false - rotatedBindingTTL: 1s - rotationFrequency: 1s diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml deleted file mode 100644 index 5d8d94f..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml -apiVersion: services.cloud.sap.com/v1alpha1 -kind: ServiceInstance -metadata: - name: hana-cloud - namespace: default - labels: - openmcp.cloud/blueprint-building-block: "sap-btp-services" - openmcp.cloud/blueprint-building-block-version: "0.0.12" -spec: - serviceOfferingName: hana-cloud - servicePlanName: hana - parameters: - "data:\n memory: 48\n vcpu: 12\n systempassword: Cloud-12345! \n whitelistIPs:\n - \ - 127.0.0.1/0\n enabledservices:\n scriptserver: true\n edition: cloud\n" diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index 51ca774..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: Sub Account managed by Open MCP & IaD - displayName: Open Managed Control Plane Blueprint Sub-Account - region: eu01 - subaccountAdminEmails: [] - subdomain: dev-eu01 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index 66bead4..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-oauth2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-management - servicePlanName: default - amount: 1 - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index f137ac3..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index 190fd33..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-mcp-blueprints" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-mcp-blueprints" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index ec55947..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index 334306c..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml deleted file mode 100644 index c321e27..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: helm-release-name-custom-chart - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm -spec: - replicas: 2 - selector: - matchLabels: - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - template: - metadata: - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm - spec: - serviceAccountName: default - securityContext: - {} - containers: - - name: custom-chart - securityContext: - {} - image: "nginx:1.16.0" - imagePullPolicy: Always - ports: - - name: http - containerPort: 80 - protocol: TCP - livenessProbe: - httpGet: - path: / - port: http - readinessProbe: - httpGet: - path: / - port: http - resources: - {} diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml deleted file mode 100644 index 480ffc9..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/custom-chart/templates/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: helm-release-name-custom-chart - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: http - protocol: TCP - name: http - selector: - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml deleted file mode 100644 index c93abe6..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml -apiVersion: v1 -kind: Pod -metadata: - name: "helm-release-name-custom-chart-test-connection" - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['helm-release-name-custom-chart:80'] - restartPolicy: Never diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index a0990fc..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-mcp-blueprints" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-mcp-blueprints" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index a5989e8..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml deleted file mode 100644 index f1bb076..0000000 --- a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# Source: k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingAdmissionPolicy -metadata: - name: crossplane-helm-provider-config-if-secret-exists - labels: - openmcp.cloud/blueprint-building-block: "k8s-validating-admission-policy" - openmcp.cloud/blueprint-building-block-version: "0.0.5" -spec: - failurePolicy: Fail - matchConstraints: - resourceRules: - - apiGroups: - - "" - apiVersions: - - v1 - operations: - - DELETE - resources: - - secrets - paramKind: - apiVersion: helm.crossplane.io/v1beta1 - kind: ProviderConfig - validations: - - expression: "( \nhas(params.spec) && \nhas(params.spec.credentials) && \nhas(params.spec.credentials.secretRef) - && \nhas(params.spec.credentials.secretRef.name) && \noldObject.metadata.name - != params.spec.credentials.secretRef.name &&\noldObject.metadata.namespace != - params.spec.credentials.secretRef.namespace\n)\n" - messageExpression: '''Secret %s cannot be deleted because its referenced in Kind:%s - (%s) %s''.format([oldObject.metadata.name,params.kind,params.apiVersion,params.metadata.name])' - reason: Invalid diff --git a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml deleted file mode 100644 index c63c7fc..0000000 --- a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingAdmissionPolicyBinding -metadata: - name: crossplane-helm-provider-config-secret-binding - labels: - openmcp.cloud/blueprint-building-block: "k8s-validating-admission-policy" - openmcp.cloud/blueprint-building-block-version: "0.0.5" -spec: - paramRef: - parameterNotFoundAction: Allow - selector: {} - policyName: crossplane-helm-provider-config-if-secret-exists - validationActions: - - Deny diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index 12c9fda..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "btp-account-provider-config" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "example1-aabb-1234-o987-3xampl3qwer6" - cisCredentials: - secretRef: - key: data - name: cis-provider-secret - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: credentials - name: sa-provider-secret - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index d21c16d..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: 'Sub Account managed by OpenMCP & IaD from OpenMCP #2' - displayName: 'MCP #1 Blueprint Sub-Account #1' - region: eu01 - subaccountAdmins: [] - subdomain: blueprint-test-1 - providerConfigRef: - name: "btp-account-provider-config" ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: 'Sub Account managed by OpenMCP & IaD from OpenMCP #2 new' - displayName: 'MCP #1 Blueprint Sub-Account #2' - region: eu01 - subaccountAdmins: [] - subdomain: blueprint-test-2 - providerConfigRef: - name: "btp-account-provider-config" diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index b5baa51..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-viewer - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-viewer - servicePlanName: free - enable: true - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btp-account-provider-config" ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: cis-local - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: cis - servicePlanName: local - enable: true - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btp-account-provider-config" diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml deleted file mode 100644 index 7b07fd4..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subscription -metadata: - name: subaccount1-auditlog-viewer - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - providerConfigRef: - name: btp-account-provider-config - forProvider: - appName: auditlog-viewer - planName: free - cloudManagementRef: - name: subaccount1 - writeConnectionSecretToRef: - name: auditlog-viewer - namespace: default diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index e7cb133..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml deleted file mode 100644 index 67a9ebb..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-ias - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: ocm/crossplane/provider-ias:0.2.2 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-gardener-auth - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: ocm/crossplane/provider-gardener-auth:0.0.4 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-kubernetes - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.15.0 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-helm - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: xpkg.upbound.io/crossplane-contrib/provider-helm:v0.19.0 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-btp - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: ghcr.io/sap/crossplane-provider-btp/crossplane/provider-btp:v1.0.2 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index 33588e0..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: Sub Account managed by OpenMCP & IaD - displayName: CO Managed Control Plane Blueprint Sub-Account - region: eu01 - subaccountAdminEmails: [] - subdomain: mcp-blueprint-test-1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index 2a19a4b..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-oauth2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-management - servicePlanName: default - amount: 1 - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml deleted file mode 100644 index 533e29c..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml +++ /dev/null @@ -1,822 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: nosqls.aws.api.example -spec: - compositeTypeRef: - apiVersion: aws.api.example/v1alpha1 - kind: NoSQL - resources: - - base: - apiVersion: s3.aws.upbound.io/v1beta1 - kind: Bucket - metadata: - name: basic-bucket - spec: - forProvider: - region: east-2 - providerConfigRef: - name: default - name: s3Bucket - patches: - - fromFieldPath: spec.location - toFieldPath: spec.forProvider.region - transforms: - - map: - EU: eu-north-1 - US: east-2 - type: map - type: FromCompositeFieldPath - - base: - apiVersion: dynamodb.aws.upbound.io/v1beta1 - kind: Table - metadata: - name: nosql-database - spec: - forProvider: - attribute: - - name: S3ID - type: S - hashKey: S3ID - readCapacity: 1 - region: east-2 - writeCapacity: 1 - name: dynamoDB - patches: - - fromFieldPath: spec.location - toFieldPath: spec.forProvider.region - transforms: - - map: - EU: eu-north-1 - US: east-2 - type: map - type: FromCompositeFieldPath ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: eks-cluster -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: EKSCluster - mode: "Pipeline" - writeConnectionSecretsToNamespace: "crossplane-system" - pipeline: - - functionRef: - name: patch-and-transform - input: - apiVersion: pt.fn.crossplane.io/v1beta1 - kind: Resources - patchSets: - - name: common-parameters - patches: - - fromFieldPath: spec.parameters.region - toFieldPath: spec.forProvider.region - type: FromCompositeFieldPath - resources: - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: VPC - spec: - forProvider: - enableDnsHostnames: true - enableDnsSupport: true - providerConfigRef: - name: dev-aws - name: vpc - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.vpc-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: InternetGateway - metadata: - labels: - type: igw - spec: - forProvider: - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: internetgateway - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: public - spec: - forProvider: - mapPublicIpOnLaunch: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-public-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet1-public-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-public-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-public-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: public - spec: - forProvider: - mapPublicIpOnLaunch: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-public-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet2-public-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-public-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-public-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: private - spec: - forProvider: - mapPublicIpOnLaunch: false - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-private-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet1-private-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-private-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-private-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: private - spec: - forProvider: - mapPublicIpOnLaunch: false - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-private-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet2-private-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-private-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-private-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: EIP - metadata: - labels: - type: eip-1 - spec: - forProvider: - domain: vpc - providerConfigRef: - name: dev-aws - name: elastic-ip-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: EIP - metadata: - labels: - type: eip-2 - spec: - forProvider: - domain: vpc - providerConfigRef: - name: dev-aws - name: elastic-ip-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: NATGateway - metadata: - labels: - type: natgw-1 - spec: - forProvider: - allocationIdSelector: - matchLabels: - type: eip-1 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - providerConfigRef: - name: dev-aws - name: natgateway-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet1-public-availabilityZone - toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: NATGateway - metadata: - labels: - type: natgw-2 - spec: - forProvider: - allocationIdSelector: - matchLabels: - type: eip-2 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - providerConfigRef: - name: dev-aws - name: natgateway-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet2-public-availabilityZone - toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - spec: - forProvider: - region: PATCHED - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: routetable-public - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - spec: - forProvider: - region: PATCHED - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: routetable-private-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - spec: - forProvider: - region: PATCHED - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: routetable-private-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: eks.aws.upbound.io/v1beta1 - kind: Cluster - spec: - forProvider: - vpcConfig: - - endpointPrivateAccess: false - endpointPublicAccess: true - subnetIdSelector: - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws - writeConnectionSecretToRef: - name: dev-connection-secret - namespace: crossplane-system - connectionDetails: - - fromConnectionSecretKey: kubeconfig - name: kubeconfig-value - type: FromConnectionSecretKey - name: eks-cluster - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.k8s-version - toFieldPath: spec.forProvider.version - type: FromCompositeFieldPath - - fromFieldPath: metadata.uid - toFieldPath: spec.writeConnectionSecretToRef.name - transforms: - - string: - fmt: '%s-ekscluster-connection' - type: Format - type: string - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.cluster-role - toFieldPath: spec.forProvider.roleArn - type: FromCompositeFieldPath - - base: - apiVersion: iam.aws.upbound.io/v1beta1 - kind: Role - spec: - forProvider: - assumeRolePolicy: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": "eks.amazonaws.com" - }, - "Action": "sts:AssumeRole" - } - ] - } - providerConfigRef: - name: dev-aws - name: role - - base: - apiVersion: iam.aws.upbound.io/v1beta1 - kind: RolePolicyAttachment - spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - roleSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: rolePolicyAttachment - - base: - apiVersion: eks.aws.upbound.io/v1beta1 - kind: NodeGroup - spec: - forProvider: - clusterNameSelector: - matchControllerRef: true - instanceTypes: - - t3.medium - scalingConfig: - - minSize: 1 - subnetIdSelector: - matchControllerRef: true - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws - name: eks-nodegroup - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.workers-size - toFieldPath: spec.forProvider.scalingConfig[0].desiredSize - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.workers-size - toFieldPath: spec.forProvider.scalingConfig[0].maxSize - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.workload-type - toFieldPath: spec.forProvider.amiType - transforms: - - map: - gpu: x86_GPU - non-gpu: x86 - type: map - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.workernode-role - toFieldPath: spec.forProvider.nodeRoleArn - type: FromCompositeFieldPath - step: patch-and-transform ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: vpc -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: XVPC - mode: "Pipeline" - pipeline: - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} - {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - --- - apiVersion: ec2.aws.crossplane.io/v1beta1 - kind: VPC - metadata: - annotations: - {{ setResourceNameAnnotation "vpc" }} - crossplane.io/external-name: {{ get $params "id" | default ( print $claimNamespace "-vpc" ) }} - spec: - forProvider: - region: {{ get $params "region" | default "east-1" }} - vpcCidrBlock: {{ get $params "vpcCIDRBlock" | default "192.168.0.0/16" }} - enableDnsSupport: true - enableDnsHostNames: true - instanceTenancy: default - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef }} - kind: GoTemplate - source: Inline - step: compose-resources ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: rdsinstance -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: XRDSInstance - mode: "Pipeline" - pipeline: - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} - {{ $claimNamespaceTrimmed := $claimNamespace | replace "-" "" }} - {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - --- - apiVersion: rds.aws.upbound.io/v1beta2 - kind: Instance - metadata: - annotations: - {{ setResourceNameAnnotation "rdsInstance" }} - crossplane.io/external-name: {{ get $params "id" | default ( print $claimNamespace "-rds-instance" ) }} - spec: - forProvider: - allocatedStorage: {{ get $params "storage" | default 20 }} - autoGeneratePassword: true - autoMinorVersionUpgrade: true - backupRetentionPeriod: 14 - backupWindow: "09:46-10:16" - dbName: {{ get $params "name" | default ( print $claimNamespaceTrimmed "db" ) }} - engine: postgres - engineVersion: "16.1" # 16.3? console shows RDS 16.1-R2 (PostgreSQL 13.1-R2) - instanceClass: {{ printf "db.t3.%s" (get $params "size" | default "micro") }} - maintenanceWindow: Mon:00:00-Mon:03:00 - passwordSecretRef: - key: password - name: {{ printf "%s-rds-root" $claimNamespace }} - namespace: {{ $claimNamespace }} - publiclyAccessible: false - region: {{ printf "%s-1" (get $params "region" | default "east") }} - skipFinalSnapshot: true - storageEncrypted: true - storageType: gp2 - username: adminuser - writeConnectionSecretToRef: - name: {{ printf "%s-rds-connection-details" $claimNamespace }} - namespace: {{ $claimNamespace }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef }} - kind: GoTemplate - source: Inline - step: compose-resources ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: eksnetwork.api.example -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: XEKSNetwork - mode: "Pipeline" - pipeline: - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} - {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - --- - {{ $vpcResourceName := "vpc" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: VPC - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $vpcResourceName }} - spec: - forProvider: - cidrBlock: {{ $params.vpcCidrBlock | toYaml }} - enableDnsHostnames: true - enableDnsSupport: true - tags: - Name: {{ printf "%s-%s" $params.id $vpcResourceName | toYaml }} - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $igwResourceName := "internet-gateway" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: InternetGateway - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $igwResourceName }} - spec: - forProvider: - region: {{ $params.region | toYaml }} - tags: - Name: {{ printf "%s-%s" $params.id $igwResourceName | toYaml }} - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{ $region := $params.region | toYaml }} - {{- range $i, $subnet := $params.subnets }} - --- - {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - zone: {{ $subnet.availabilityZone }} - {{- if eq $subnet.type "private" }} - access: private - {{- else }} - access: public - {{- end }} - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $subnetResourceName }} - spec: - forProvider: - cidrBlock: {{ $subnet.cidrBlock | toYaml }} - {{ if eq $subnet.type "public" }} - mapPublicIpOnLaunch: true - {{ end }} - tags: - {{- if eq $subnet.type "private" }} - kubernetes.io/role/internal-elb: "1" - {{- else }} - kubernetes.io/role/elb: "1" - {{- end }} - Name: {{ printf "%s-%s" $params.id $subnetResourceName | toYaml }} - region: {{ $region }} - vpcIdSelector: - matchControllerRef: true - availabilityZone: {{ $subnet.availabilityZone | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{- end }} - --- - {{ $routeTableResourceName := "route-table" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $routeTableResourceName }} - spec: - forProvider: - vpcIdSelector: - matchControllerRef: true - region: {{ $params.region | toYaml }} - tags: - Name: {{ printf "%s-%s" $params.id $routeTableResourceName | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $publicRouteResourceName := "public-route" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Route - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $publicRouteResourceName }} - spec: - forProvider: - destinationCidrBlock: 0.0.0.0/0 - gatewayIdSelector: - matchControllerRef: true - routeTableIdSelector: - matchControllerRef: true - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $mainRouteTableAssociationResourceName := "main-route-table-association" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: MainRouteTableAssociation - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $mainRouteTableAssociationResourceName }} - spec: - forProvider: - region: {{ $params.region | toYaml }} - routeTableIdSelector: - matchControllerRef: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{- range $i, $subnet := $params.subnets }} - --- - {{ $routeTableAssociationResourceName := printf "route-table-association-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTableAssociation - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $routeTableAssociationResourceName }} - spec: - forProvider: - region: {{ $region }} - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - {{- if eq $subnet.type "private" }} - access: private - {{- else }} - access: public - {{- end }} - zone: {{ $subnet.availabilityZone | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{- end }} - --- - {{ $sgResourceName := "security-group" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: SecurityGroup - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $sgResourceName }} - spec: - forProvider: - description: Allow access to databases - name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} - vpcIdSelector: - matchControllerRef: true - region: {{ $params.region | toYaml }} - tags: - Name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $sgrpRulePostGresResourceName := "security-group-rule-postgres" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: SecurityGroupRule - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $sgrpRulePostGresResourceName }} - spec: - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 5432 - protocol: tcp - securityGroupIdSelector: - matchControllerRef: true - toPort: 5432 - type: ingress - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $sgrpRuleMySQLResourceName := "security-group-rule-mysql" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: SecurityGroupRule - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $sgrpRuleMySQLResourceName }} - spec: - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 3306 - protocol: tcp - securityGroupIdSelector: - matchControllerRef: true - toPort: 3306 - type: ingress - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - kind: GoTemplate - source: Inline - step: compose-resources - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $observedResources := get .observed "resources" | default dict }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - {{ $vpcStatus := dig "vpc" "resource" "status" dict $observedResources }} - {{ $subnetsStatus := dict }} - {{ range $i, $subnet := $params.subnets }} - {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} - {{ $subnetStatuses := dig $subnetResourceName "resource" "status" dict $observedResources }} - {{ $subnetsStatus = merge $subnetsStatus (dict $subnetResourceName $subnetStatuses) }} - {{ end }} - apiVersion: api.example/v1alpha1 - kind: XEKSNetwork - status: - vpc: {{ $vpcStatus | toYaml | nindent 4 }} - subnets: {{ $subnetsStatus | toYaml | nindent 4 }} - kind: GoTemplate - source: Inline - step: set-xr-status - - functionRef: - name: auto-ready - step: automatically-detect-ready-composed-resources diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml deleted file mode 100644 index 692781b..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: EIP -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - domain: vpc - region: west-2 - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: EIP -metadata: - name: dev-ekscluster-2 -spec: - deletionPolicy: "" - forProvider: - domain: vpc - region: west-2 - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml deleted file mode 100644 index 491ade3..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: InternetGateway -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: InternetGateway -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - region: east-1 - tags: - Name: platform-ref-eks-network-internet-gateway - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml deleted file mode 100644 index 7c44279..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: MainRouteTableAssociation -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml deleted file mode 100644 index 7f248f3..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,40 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: NATGateway -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - allocationIdSelector: - matchLabels: - type: eip-1 - region: west-2 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - zone: west-2a - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: NATGateway -metadata: - name: dev-ekscluster-2 -spec: - deletionPolicy: "" - forProvider: - allocationIdSelector: - matchLabels: - type: eip-2 - region: west-2 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - zone: west-2b - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml deleted file mode 100644 index 399c9ad..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Route -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - destinationCidrBlock: 0.0.0.0/0 - gatewayIdSelector: - matchControllerRef: true - region: east-1 - routeTableIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml deleted file mode 100644 index 334e813..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,76 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-public -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: public - zone: east-1a - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-private -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: private - zone: east-1a - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-public-1b -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: public - zone: east-1b - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-private-1b -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: private - zone: east-1b - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml deleted file mode 100644 index 6c56542..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTable -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTable -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - region: east-1 - tags: - Name: platform-ref-eks-network-route-table - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml deleted file mode 100644 index 88c5e15..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: SecurityGroup -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - description: Allow access to databases - name: platform-ref-eks-network-security-group - region: east-1 - tags: - Name: platform-ref-eks-network-security-group - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml deleted file mode 100644 index 4b706a3..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: SecurityGroupRuleRule -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 3306 - protocol: tcp - region: east-1 - securityGroupIdSelector: - matchControllerRef: true - toPort: 3306 - type: ingress - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: SecurityGroupRuleRule -metadata: - name: reference-eks-network-5432 -spec: - deletionPolicy: "" - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 5432 - protocol: tcp - region: east-1 - securityGroupIdSelector: - matchControllerRef: true - toPort: 5432 - type: ingress - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml deleted file mode 100644 index 254fa55..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,146 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2a - cidrBlock: 192.168.50.0/24 - mapPublicIpOnLaunch: false - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1a - cidrBlock: 192.168.128.0/18 - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1a-private-2 - kubernetes.io/role/internal-elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network-public-0 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1a - cidrBlock: 192.168.0.0/18 - mapPublicIpOnLaunch: true - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1a-public-0 - kubernetes.io/role/elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network-east-1b-private-3 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1b - cidrBlock: 192.168.192.0/18 - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1b-private-3 - kubernetes.io/role/internal-elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network-east-1b-public-1 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1b - cidrBlock: 192.168.64.0/18 - mapPublicIpOnLaunch: true - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1b-public-1 - kubernetes.io/role/elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster-2 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2b - cidrBlock: 192.168.51.0/24 - mapPublicIpOnLaunch: false - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster-3 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2b - cidrBlock: 192.168.49.0/24 - mapPublicIpOnLaunch: true - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster-4 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2b - cidrBlock: 192.168.49.0/24 - mapPublicIpOnLaunch: true - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml deleted file mode 100644 index 11aaac6..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: VPC -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - cidrBlock: 192.168.48.0/20 - enableDnsHostnames: true - enableDnsSupport: true - region: west-2 - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: VPC -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - cidrBlock: 192.168.0.0/16 - enableDnsHostnames: true - enableDnsSupport: true - region: east-1 - tags: - Name: platform-ref-eks-network-vpc - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: VPC -metadata: - name: vpc-west-2 -spec: - deletionPolicy: "" - forProvider: - enableDnsHostNames: true - enableDnsSupport: true - instanceTenancy: default - region: west-2 - vpcCidrBlock: 10.0.0.0/16 - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml deleted file mode 100644 index 1ce2073..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml +++ /dev/null @@ -1,40 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml -apiVersion: eks.aws.upbound.io/v1beta1 -kind: Cluster -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: eks-cluster - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-eks" - openmcp.cloud/blueprint-building-block-version: "0.0.12" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - region: west-2 - roleArn: arn:aws:iam::XXXX:role/EKS-Cluster-Role - version: "1.29" - vpcConfig: - - endpointPrivateAccess: false - endpointPublicAccess: true - subnetIdSelector: - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws - writeConnectionSecretToRef: - name: dev-connection-secret - namespace: crossplane-system - publishConnectionDetailsTo: - {} diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml deleted file mode 100644 index 3ae5b5f..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml -apiVersion: eks.aws.upbound.io/v1beta1 -kind: NodeGroup -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: eks-nodegroup - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-eks" - openmcp.cloud/blueprint-building-block-version: "0.0.12" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - amiType: x86 - clusterNameSelector: - matchControllerRef: true - instanceTypes: - - t3.medium - nodeRoleArn: arn:aws:iam::XXXX:role/EKS-WorkerNode-Role - region: west-2 - scalingConfig: - - desiredSize: 2 - maxSize: 2 - minSize: 1 - subnetIdSelector: - matchControllerRef: true - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml deleted file mode 100644 index 2806fb0..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml -apiVersion: iam.aws.upbound.io/v1beta1 -kind: Role -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: role - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-iam" - openmcp.cloud/blueprint-building-block-version: "0.0.13" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - assumeRolePolicy: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": "eks.amazonaws.com" - }, - "Action": "sts:AssumeRole" - } - ] - } - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml deleted file mode 100644 index f414976..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml +++ /dev/null @@ -1,28 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml -apiVersion: iam.aws.upbound.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: rolePolicyAttachment - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-iam" - openmcp.cloud/blueprint-building-block-version: "0.0.13" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - roleSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml deleted file mode 100644 index 15753b6..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml -apiVersion: rds.aws.upbound.io/v1beta2 -kind: Instance -metadata: - name: rds-instance -spec: - deletionPolicy: "" - forProvider: - allocatedStorage: 20 - autoGeneratePassword: true - autoMinorVersionUpgrade: true - backupRetentionPeriod: 14 - backupWindow: 09:46-10:16 - dbName: clopsdevusdb - engine: postgres - engineVersion: "16.1" - instanceClass: db.t3.micro - maintenanceWindow: Mon:00:00-Mon:03:00 - passwordSecretRef: - key: password - name: dev-rds-root - namespace: dev-us - publiclyAccessible: false - region: east-1 - skipFinalSnapshot: true - storageEncrypted: true - storageType: gp2 - username: adminuser - providerConfigRef: - name: dev-aws - writeConnectionSecretToRef: - name: dev-rds-connection-details - namespace: dev-us diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index a055e58..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-test" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-test" - data: - - remoteRef: - key: "" - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: "" - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 05d51eb..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - appRole: - path: approle - roleId: "" - secretRef: - key: token - name: hashicorp-vault-token - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index 85230a8..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: Sub Account managed by OpenMCP & IaD - displayName: CO Managed Control Plane Blueprint Sub-Account - region: eu01 - subaccountAdminEmails: [] - subdomain: mcp-blueprint-test-1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index 4e2f274..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-oauth2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-management - servicePlanName: default - amount: 1 - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 5f099a9..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml deleted file mode 100644 index e9816bb..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: AdminKubeconfigRequest -metadata: - name: "iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-gardener-shoot-kubeconfigs" - openmcp.cloud/blueprint-building-block-version: "0.0.10" -spec: - forProvider: - validFor: 1h0s - renewAfter: 45m0s - shootRef: - name: "iad-test" - namespace: "garden-co-golden" - providerConfigRef: - name: "garden-sa-co-mcp-blueprints" - writeConnectionSecretToRef: - name: gardener-shoot-kubeconfig-iad-test - namespace: default diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml deleted file mode 100644 index 547e820..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-sa-co-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml deleted file mode 100644 index 7b40cb1..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: ProviderConfig -metadata: - name: "gardener-shoot-iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: gardener-shoot-kubeconfig-iad-test - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml deleted file mode 100644 index df70493..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml -apiVersion: kubernetes.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-sa-co-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml deleted file mode 100644 index da659aa..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: Release -metadata: - name: gardener-shoot-iad-test-ingress-nginx - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-helm" - openmcp.cloud/blueprint-building-block-version: "0.0.11" -spec: - providerConfigRef: - name: gardener-shoot-iad-test - # rollbackLimit: 3 - forProvider: - chart: - name: ingress-nginx - repository: https://kubernetes.github.io/ingress-nginx - version: 4.10.0 - namespace: default - # insecureSkipTLSVerify: true/false - # skipCreateNamespace: true/false - # wait: true/false - # skipCRDs: true/false - values: - controller: - config: - enable-underscores-in-headers: "true" - extraArgs: - default-ssl-certificate: default/www-tls - ingressClassResource: - default: true - service: - annotations: - cert.gardener.cloud/secretname: www-tls - dns.gardener.cloud/class: garden - dns.gardener.cloud/dnsnames: "" - dns.gardener.cloud/ttl: "600" - appProtocol: false - watchIngressWithoutClass: true - defaultBackend: - enabled: true - fullnameOverride: ingress-nginx diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index 6d3c650..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "garden-co-golden" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "garden-co-golden" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: kubeconfig - secretKey: kubeconfig diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml deleted file mode 100644 index cadd9e1..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml +++ /dev/null @@ -1,97 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml -apiVersion: kubernetes.crossplane.io/v1alpha1 -kind: Object -metadata: - name: "iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-gardener-shoot-clusters" - openmcp.cloud/blueprint-building-block-version: "0.0.11" -spec: - providerConfigRef: - name: "garden-co-golden" # Set to Kubernetes ProviderConfig - forProvider: - manifest: - # gardener shoot api: https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md - apiVersion: core.gardener.cloud/v1beta1 - kind: Shoot - metadata: - annotations: - confirmation.gardener.cloud/deletion: "true" # otherwise it can't be destroyed using IAD - name: iad-test - namespace: garden-co-golden - - spec: - secretBindingName: gcp-sa-garden-co-golden # Set your SecretBinding name - cloudProfileName: gcp - region: "europe-west1" - purpose: "testing" - #### START hyperscaler specific stuff START #### - provider: - type: gcp - infrastructureConfig: - apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - workers: 10.180.0.0/16 - controlPlaneConfig: - apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - zone: europe-west1-b - workers: - - machine: - image: - name: gardenlinux - version: 1312.3.0 - type: n2-standard-8 - maxSurge: 1 - maxUnavailable: 0 - maximum: 3 - minimum: 1 - name: worker - volume: - encrypted: true - size: 50Gi - type: pd-standard - zones: - - europe-west1-b - #### END hyperscaler specific stuff END #### - kubernetes: - version: "1.30.2" - kubeAPIServer: - enableAnonymousAuthentication: false - scheduling.k8s.io/v1alpha1: true - kubeControllerManager: - nodeCIDRMaskSize: 24 - clusterAutoscaler: - scaleDownDelayAfterAdd: 1h0m0s - scaleDownDelayAfterDelete: 10s - scaleDownDelayAfterFailure: 10m0s - scaleDownUnneededTime: 30m0s - scaleDownUtilizationThreshold: 0.5 - scanInterval: 10s - extensions: - [] - networking: - nodes: 10.180.0.0/16 - type: calico - maintenance: - autoUpdate: - kubernetesVersion: false - machineImageVersion: true - confineSpecUpdateRollout: true - timeWindow: - begin: 120000+0000 - end: 130000+0000 - hibernation: - schedules: - - end: 00 08 * * 1,2,3,4,5 - location: Europe/Berlin - start: 00 21 * * 1,2,3,4,5 - addons: - kubernetesDashboard: - enabled: false - nginxIngress: - enabled: false - resources: - [] diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml deleted file mode 100644 index 0f92787..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: AdminKubeconfigRequest -metadata: - name: "iad-test" -spec: - forProvider: - validFor: 1h0s - renewAfter: 45m0s - shootRef: - name: "iad-test" - namespace: "garden-co-golden" - providerConfigRef: - name: "garden-co-golden" - writeConnectionSecretToRef: - name: gardener-shoot-kubeconfig-iad-test - namespace: default diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml deleted file mode 100644 index b413679..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-co-golden" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml deleted file mode 100644 index 1e97c32..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: ProviderConfig -metadata: - name: "gardener-shoot-iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: gardener-shoot-kubeconfig-iad-test - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml deleted file mode 100644 index 8dfe274..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml -apiVersion: kubernetes.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-co-golden" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml deleted file mode 100644 index b3b8a9a..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: Release -metadata: - name: gardener-shoot-iad-test-ingress-nginx - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-helm" - openmcp.cloud/blueprint-building-block-version: "0.0.11" -spec: - providerConfigRef: - name: gardener-shoot-iad-test - # rollbackLimit: 3 - forProvider: - chart: - name: ingress-nginx - repository: https://kubernetes.github.io/ingress-nginx - version: 4.10.0 - namespace: default - # insecureSkipTLSVerify: true/false - # skipCreateNamespace: true/false - # wait: true/false - # skipCRDs: true/false - values: - controller: - config: - enable-underscores-in-headers: "true" - extraArgs: - default-ssl-certificate: default/www-tls - ingressClassResource: - default: true - service: - annotations: - cert.gardener.cloud/secretname: www-tls - dns.gardener.cloud/class: garden - dns.gardener.cloud/dnsnames: "" - dns.gardener.cloud/ttl: "600" - appProtocol: false - watchIngressWithoutClass: true - defaultBackend: - enabled: true - fullnameOverride: ingress-nginx diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index dc5bf76..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# Source: provider-gardener/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "garden-co-golden" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "garden-co-golden" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: kubeconfig - secretKey: kubeconfig diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 6fb4349..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: provider-gardener/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: openmcp-kubernetes - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: mcps - server: https://vault.example/ - version: v2 From bcd65d570a05fb554682a4280bd3be6fdb8410eb Mon Sep 17 00:00:00 2001 From: wchomik Date: Fri, 30 May 2025 08:13:19 +0000 Subject: [PATCH 05/12] chore(ci): k8s manifest templated for Helm Charts --- .../mcp/btp-accounts/sub-accounts.yaml | 18 +++++++++++++ .../mcp/btp-subscriptions/entitlements.yaml | 18 +++++++++++++ .../mcp/btp-subscriptions/servicemanager.yaml | 20 ++++++++++++++ .../templates/external-secret.yaml | 26 +++++++++++++++++++ .../templates/secret-store.yaml | 25 ++++++++++++++++++ .../services-binding-services-cloud-sap.yaml | 19 ++++++++++++++ .../services-instance-services-cloud-sap.yaml | 16 ++++++++++++ .../btp.sap.crossplane.io.yaml | 24 +++++++++++++++++ .../mcp/btp-accounts/sub-accounts.yaml | 18 +++++++++++++ .../mcp/btp-subscriptions/entitlements.yaml | 18 +++++++++++++ .../templates/external-secret.yaml | 26 +++++++++++++++++++ .../templates/secret-store.yaml | 25 ++++++++++++++++++ 12 files changed, 253 insertions(+) create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml new file mode 100644 index 0000000..a78b2b5 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -0,0 +1,18 @@ +--- +# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subaccount +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + description: Open Managed Control Plane Blueprint + displayName: dev-eu01 + region: eu01 + subaccountAdminEmails: [] + subdomain: dev-eu01 + providerConfigRef: + name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml new file mode 100644 index 0000000..33d8bf1 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -0,0 +1,18 @@ +--- +# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Entitlement +metadata: + name: cis-local + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + serviceName: cis + servicePlanName: local + enable: true + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml new file mode 100644 index 0000000..6689b29 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml @@ -0,0 +1,20 @@ +--- +# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +apiVersion: account.btp.sap.crossplane.io/v1beta1 +kind: ServiceManager +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + writeConnectionSecretToRef: + # !!! TODO: Make this configurable !!! + name: btp-service-manager-btpSapCrossplaneProviderConfigRefName-subaccount1 + # !!! TODO: Make this configurable !!! + namespace: default + forProvider: + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..5409f7d --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,26 @@ +--- +# Source: btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "btp-account" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "btp-account" + data: + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-cis-provider-credentials + secretKey: btp-cis-provider-credentials + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-service-account-provider-credentials + secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..8fe474b --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,25 @@ +--- +# Source: btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + kubernetes: + mountPath: kubernetes + role: openmcp-kubernetes + secretRef: + key: token + name: vault-token-sa + namespace: default + namespace: ns1 + path: mcps + server: https://vault.example/ + version: v2 diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml new file mode 100644 index 0000000..b028d57 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml @@ -0,0 +1,19 @@ +--- +# Source: btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml +apiVersion: services.cloud.sap.com/v1alpha1 +kind: ServiceBinding +metadata: + name: hana-binding + namespace: default + labels: + openmcp.cloud/blueprint-building-block: "sap-btp-services" + openmcp.cloud/blueprint-building-block-version: "0.0.12" +spec: + serviceInstanceName: hana-cloud + secretName: hana-binding-secret + parameters: + [] + credentialsRotationPolicy: + enabled: false + rotatedBindingTTL: 1s + rotationFrequency: 1s diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml new file mode 100644 index 0000000..5d8d94f --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml @@ -0,0 +1,16 @@ +--- +# Source: btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml +apiVersion: services.cloud.sap.com/v1alpha1 +kind: ServiceInstance +metadata: + name: hana-cloud + namespace: default + labels: + openmcp.cloud/blueprint-building-block: "sap-btp-services" + openmcp.cloud/blueprint-building-block-version: "0.0.12" +spec: + serviceOfferingName: hana-cloud + servicePlanName: hana + parameters: + "data:\n memory: 48\n vcpu: 12\n systempassword: Cloud-12345! \n whitelistIPs:\n + \ - 127.0.0.1/0\n enabledservices:\n scriptserver: true\n edition: cloud\n" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml new file mode 100644 index 0000000..2156990 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml @@ -0,0 +1,24 @@ +--- +# Source: provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +apiVersion: btp.sap.crossplane.io/v1alpha1 +kind: ProviderConfig +metadata: + name: "provider-config-ref-name-btp-account-mcp-blueprints" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + cliServerUrl: "https://cli.btp.cloud.sap" + globalAccount: "globalaccountsubdomain" + cisCredentials: + secretRef: + key: btp-cis-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret + serviceAccountSecret: + secretRef: + key: btp-service-account-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml new file mode 100644 index 0000000..85230a8 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -0,0 +1,18 @@ +--- +# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subaccount +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + description: Sub Account managed by OpenMCP & IaD + displayName: CO Managed Control Plane Blueprint Sub-Account + region: eu01 + subaccountAdminEmails: [] + subdomain: mcp-blueprint-test-1 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml new file mode 100644 index 0000000..4e2f274 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -0,0 +1,18 @@ +--- +# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Entitlement +metadata: + name: auditlog-oauth2 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + serviceName: auditlog-management + servicePlanName: default + amount: 1 + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..edf3f2a --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,26 @@ +--- +# Source: provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "btp-account-mcp-blueprints" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "btp-account-mcp-blueprints" + data: + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-cis-provider-credentials + secretKey: btp-cis-provider-credentials + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-service-account-provider-credentials + secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..5f099a9 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,25 @@ +--- +# Source: provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + kubernetes: + mountPath: kubernetes + role: mcp-blueprints + secretRef: + key: token + name: vault-token-sa + namespace: default + namespace: ns1 + path: k8s-clusters + server: https://vault.example/ + version: v2 From 1954a16dd707fa984323c730cbc73adee1a1d1be Mon Sep 17 00:00:00 2001 From: Wiktor Chomik Date: Fri, 30 May 2025 11:56:40 +0200 Subject: [PATCH 06/12] Revert "chore(ci): k8s manifest templated for Helm Charts" This reverts commit bcd65d570a05fb554682a4280bd3be6fdb8410eb. --- .../mcp/btp-accounts/sub-accounts.yaml | 18 ------------- .../mcp/btp-subscriptions/entitlements.yaml | 18 ------------- .../mcp/btp-subscriptions/servicemanager.yaml | 20 -------------- .../templates/external-secret.yaml | 26 ------------------- .../templates/secret-store.yaml | 25 ------------------ .../services-binding-services-cloud-sap.yaml | 19 -------------- .../services-instance-services-cloud-sap.yaml | 16 ------------ .../btp.sap.crossplane.io.yaml | 24 ----------------- .../mcp/btp-accounts/sub-accounts.yaml | 18 ------------- .../mcp/btp-subscriptions/entitlements.yaml | 18 ------------- .../templates/external-secret.yaml | 26 ------------------- .../templates/secret-store.yaml | 25 ------------------ 12 files changed, 253 deletions(-) delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index a78b2b5..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: Open Managed Control Plane Blueprint - displayName: dev-eu01 - region: eu01 - subaccountAdminEmails: [] - subdomain: dev-eu01 - providerConfigRef: - name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index 33d8bf1..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: cis-local - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: cis - servicePlanName: local - enable: true - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml deleted file mode 100644 index 6689b29..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml -apiVersion: account.btp.sap.crossplane.io/v1beta1 -kind: ServiceManager -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - writeConnectionSecretToRef: - # !!! TODO: Make this configurable !!! - name: btp-service-manager-btpSapCrossplaneProviderConfigRefName-subaccount1 - # !!! TODO: Make this configurable !!! - namespace: default - forProvider: - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index 5409f7d..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 8fe474b..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: openmcp-kubernetes - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: mcps - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml deleted file mode 100644 index b028d57..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# Source: btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml -apiVersion: services.cloud.sap.com/v1alpha1 -kind: ServiceBinding -metadata: - name: hana-binding - namespace: default - labels: - openmcp.cloud/blueprint-building-block: "sap-btp-services" - openmcp.cloud/blueprint-building-block-version: "0.0.12" -spec: - serviceInstanceName: hana-cloud - secretName: hana-binding-secret - parameters: - [] - credentialsRotationPolicy: - enabled: false - rotatedBindingTTL: 1s - rotationFrequency: 1s diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml deleted file mode 100644 index 5d8d94f..0000000 --- a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml -apiVersion: services.cloud.sap.com/v1alpha1 -kind: ServiceInstance -metadata: - name: hana-cloud - namespace: default - labels: - openmcp.cloud/blueprint-building-block: "sap-btp-services" - openmcp.cloud/blueprint-building-block-version: "0.0.12" -spec: - serviceOfferingName: hana-cloud - servicePlanName: hana - parameters: - "data:\n memory: 48\n vcpu: 12\n systempassword: Cloud-12345! \n whitelistIPs:\n - \ - 127.0.0.1/0\n enabledservices:\n scriptserver: true\n edition: cloud\n" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index 2156990..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index 85230a8..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: Sub Account managed by OpenMCP & IaD - displayName: CO Managed Control Plane Blueprint Sub-Account - region: eu01 - subaccountAdminEmails: [] - subdomain: mcp-blueprint-test-1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index 4e2f274..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-oauth2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-management - servicePlanName: default - amount: 1 - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index edf3f2a..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-mcp-blueprints" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-mcp-blueprints" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 5f099a9..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 From 5425661e2fb6003c0c71119ea7ab0e1096eb49bf Mon Sep 17 00:00:00 2001 From: Wiktor Chomik Date: Fri, 30 May 2025 11:56:43 +0200 Subject: [PATCH 07/12] Revert "chore(ci): k8s manifest templated for Helm Charts" This reverts commit 17bd1630c37e3ceedff9fc021dbc73b8ef8ed753. --- .../templates/cloud-foundry-environment.yaml | 19 - .../mcp/btp-accounts/sub-accounts.yaml | 10 +- .../mcp/btp-subscriptions/entitlements.yaml | 4 +- .../mcp/btp-subscriptions/servicemanager.yaml | 20 + .../templates/external-secret.yaml | 26 + .../templates/secret-store.yaml | 10 +- .../services-binding-services-cloud-sap.yaml | 19 + .../services-instance-services-cloud-sap.yaml | 16 + .../mcp/btp-accounts/sub-accounts.yaml | 18 + .../mcp/btp-subscriptions/entitlements.yaml | 18 + .../btp.sap.crossplane.io.yaml | 24 + .../templates/external-secret.yaml | 26 + .../templates/secret-store.yaml | 25 + .../btp.sap.crossplane.io.yaml | 24 + .../custom-chart/templates/deployment.yaml | 50 ++ .../custom-chart/templates/service.yaml | 22 + .../templates/tests/test-connection.yaml | 21 + .../templates/external-secret.yaml | 26 + .../templates/secret-store.yaml | 25 + .../templates/ValidatingAdmissionPolicy.yaml | 32 + .../ValidatingAdmissionPolicyBinding.yaml | 16 + .../btp.sap.crossplane.io.yaml | 24 + .../mcp/btp-accounts/sub-accounts.yaml | 36 + .../btp-subscriptions/cloud-management.yaml | 2 +- .../mcp/btp-subscriptions/entitlements.yaml | 36 + .../mcp/btp-subscriptions/servicemanager.yaml | 2 +- .../mcp/btp-subscriptions/subscription.yaml | 20 + .../btp.sap.crossplane.io.yaml | 24 + .../templates/pkg-crossplane-provider.yaml | 70 ++ .../mcp/btp-accounts/sub-accounts.yaml | 18 + .../mcp/btp-subscriptions/entitlements.yaml | 18 + ...mpostions-apiextensions-crossplane-io.yaml | 822 ++++++++++++++++++ .../templates/eip-ec2-aws-upbound-io.yaml | 26 + .../internet-gateway-ec2-aws-upbound-io.yaml | 30 + ...-rable-association-ec2-aws-upbound-io.yaml | 16 + .../nat-gateway-ec2-aws-upbound-io.yaml | 40 + .../templates/route-ec2-aws-upbound-io.yaml | 17 + ...-table-association-ec2-aws-upbound-io.yaml | 76 ++ .../route-table-ec2-aws-upbound-io.yaml | 30 + .../security-group-ec2-aws-upbound-io.yaml | 18 + ...ecurity-group-rule-ec2-aws-upbound-io.yaml | 42 + .../templates/subnet-ec2-aws-upbound-io.yaml | 146 ++++ .../templates/vpc-ec2-aws-upbound-io.yaml | 48 + .../templates/cluster-eks-aws-upbound-io.yaml | 40 + .../node-group-eks-aws-upbound-io.yaml | 41 + .../templates/role-iam-aws-upbound-io.yaml | 38 + ...-policy-attachment-iam-aws-upbound-io.yaml | 28 + .../instance-rdr-aws-upbound-io.yaml | 34 + .../templates/external-secret.yaml | 26 + .../templates/secret-store.yaml | 24 + .../btp.sap.crossplane.io.yaml | 6 +- .../mcp/btp-accounts/sub-accounts.yaml | 18 + .../mcp/btp-subscriptions/entitlements.yaml | 18 + .../templates/external-secret.yaml | 4 +- .../templates/secret-store.yaml | 25 + .../admin-kubeconfig-request.yaml | 21 + .../gardener-orchestrate-cloud-sap.yaml | 16 + .../providerConfigs/helm-crossplane-io.yaml | 16 + .../kubernetes-crossplane-io.yaml | 16 + .../templates/helm-release.yaml | 42 + .../templates/external-secret.yaml | 22 + .../templates/secret-store.yaml | 25 + .../gardener-shoot-cluster-gcp.yaml | 97 +++ .../admin-kubeconfig-request.yaml | 18 + .../gardener-orchestrate-cloud-sap.yaml | 16 + .../providerConfigs/helm-crossplane-io.yaml | 16 + .../kubernetes-crossplane-io.yaml | 16 + .../templates/helm-release.yaml | 42 + .../templates/external-secret.yaml | 22 + .../templates/secret-store.yaml | 25 + 70 files changed, 2686 insertions(+), 38 deletions(-) delete mode 100644 manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml rename manifests/{dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime => helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml (54%) rename manifests/{dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime => helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml (70%) create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml rename manifests/{dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime => helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator}/charts/external-secrets-config/templates/secret-store.yaml (65%) create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml create mode 100644 manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml create mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml create mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml create mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml create mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml create mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml create mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml create mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml create mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml create mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml create mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml create mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml create mode 100644 manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml create mode 100644 manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml create mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml create mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml rename manifests/{dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime => helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml (78%) create mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml rename manifests/{dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime => helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts}/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml (80%) create mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml create mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml create mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml create mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml create mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml rename manifests/{dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime => helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts}/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml (72%) create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml rename manifests/{dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime => helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts}/charts/external-secrets-config/templates/external-secret.yaml (84%) create mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml create mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml b/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml deleted file mode 100644 index b3886d6..0000000 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-environment/templates/cloud-foundry-environment.yaml -apiVersion: environment.btp.sap.crossplane.io/v1alpha1 -kind: CloudFoundryEnvironment -metadata: - name: btp-account-provider-config-test - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-environment" - openmcp.cloud/blueprint-building-block-version: "0.0.15" -spec: - providerConfigRef: - name: btp-account-provider-config - forProvider: - initialOrgManagers: [] - landscape: eu01 - cloudManagementRef: - name: dev-eu01 - subaccountRef: - name: dev-eu01 diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml similarity index 54% rename from manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml rename to manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml index 4079d4d..a78b2b5 100644 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml apiVersion: account.btp.sap.crossplane.io/v1alpha1 kind: Subaccount metadata: @@ -9,10 +9,10 @@ metadata: openmcp.cloud/blueprint-building-block-version: "0.0.9" spec: forProvider: - description: Open Orchestrator Managed Control Plane Blueprint PoC - displayName: exmpl dev eu01 + description: Open Managed Control Plane Blueprint + displayName: dev-eu01 region: eu01 subaccountAdminEmails: [] - subdomain: exmpl-dev-eu01 + subdomain: dev-eu01 providerConfigRef: - name: "btp-account-provider-config" + name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml similarity index 70% rename from manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml rename to manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml index 1ee7044..33d8bf1 100644 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml apiVersion: account.btp.sap.crossplane.io/v1alpha1 kind: Entitlement metadata: @@ -15,4 +15,4 @@ spec: subaccountRef: name: subaccount1 providerConfigRef: - name: "btp-account-provider-config" + name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml new file mode 100644 index 0000000..6689b29 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml @@ -0,0 +1,20 @@ +--- +# Source: btp-service-operator/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +apiVersion: account.btp.sap.crossplane.io/v1beta1 +kind: ServiceManager +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + writeConnectionSecretToRef: + # !!! TODO: Make this configurable !!! + name: btp-service-manager-btpSapCrossplaneProviderConfigRefName-subaccount1 + # !!! TODO: Make this configurable !!! + namespace: default + forProvider: + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "btpSapCrossplaneProviderConfigRefName" diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..5409f7d --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,26 @@ +--- +# Source: btp-service-operator/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "btp-account" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "btp-account" + data: + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-cis-provider-credentials + secretKey: btp-cis-provider-credentials + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-service-account-provider-credentials + secretKey: btp-service-account-provider-credentials diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml similarity index 65% rename from manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml rename to manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml index 02de3fa..8fe474b 100644 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-cf-env-runtime/charts/external-secrets-config/templates/secret-store.yaml +# Source: btp-service-operator/charts/external-secrets-config/templates/secret-store.yaml apiVersion: external-secrets.io/v1beta1 kind: SecretStore metadata: @@ -13,13 +13,13 @@ spec: vault: auth: kubernetes: - mountPath: k8s-openmcp-blueprints - role: k8s-openmcp-role + mountPath: kubernetes + role: openmcp-kubernetes secretRef: key: token - name: vault-tokenreview-service-account + name: vault-token-sa namespace: default - namespace: openmcp/blueprints + namespace: ns1 path: mcps server: https://vault.example/ version: v2 diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml new file mode 100644 index 0000000..b028d57 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml @@ -0,0 +1,19 @@ +--- +# Source: btp-service-operator/charts/sap-btp-services/templates/services-binding-services-cloud-sap.yaml +apiVersion: services.cloud.sap.com/v1alpha1 +kind: ServiceBinding +metadata: + name: hana-binding + namespace: default + labels: + openmcp.cloud/blueprint-building-block: "sap-btp-services" + openmcp.cloud/blueprint-building-block-version: "0.0.12" +spec: + serviceInstanceName: hana-cloud + secretName: hana-binding-secret + parameters: + [] + credentialsRotationPolicy: + enabled: false + rotatedBindingTTL: 1s + rotationFrequency: 1s diff --git a/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml new file mode 100644 index 0000000..5d8d94f --- /dev/null +++ b/manifests/helm/umbrella/blueprints/btp-service-operator.abc.shoot.live.k8s-hana.ondemand.com/btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml @@ -0,0 +1,16 @@ +--- +# Source: btp-service-operator/charts/sap-btp-services/templates/services-instance-services-cloud-sap.yaml +apiVersion: services.cloud.sap.com/v1alpha1 +kind: ServiceInstance +metadata: + name: hana-cloud + namespace: default + labels: + openmcp.cloud/blueprint-building-block: "sap-btp-services" + openmcp.cloud/blueprint-building-block-version: "0.0.12" +spec: + serviceOfferingName: hana-cloud + servicePlanName: hana + parameters: + "data:\n memory: 48\n vcpu: 12\n systempassword: Cloud-12345! \n whitelistIPs:\n + \ - 127.0.0.1/0\n enabledservices:\n scriptserver: true\n edition: cloud\n" diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml new file mode 100644 index 0000000..51ca774 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -0,0 +1,18 @@ +--- +# Source: landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subaccount +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + description: Sub Account managed by Open MCP & IaD + displayName: Open Managed Control Plane Blueprint Sub-Account + region: eu01 + subaccountAdminEmails: [] + subdomain: dev-eu01 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml new file mode 100644 index 0000000..66bead4 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-definition/landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -0,0 +1,18 @@ +--- +# Source: landscape-definition/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Entitlement +metadata: + name: auditlog-oauth2 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + serviceName: auditlog-management + servicePlanName: default + amount: 1 + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml new file mode 100644 index 0000000..f137ac3 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml @@ -0,0 +1,24 @@ +--- +# Source: landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +apiVersion: btp.sap.crossplane.io/v1alpha1 +kind: ProviderConfig +metadata: + name: "provider-config-ref-name-btp-account-mcp-blueprints" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + cliServerUrl: "https://cli.btp.cloud.sap" + globalAccount: "globalaccountsubdomain" + cisCredentials: + secretRef: + key: btp-cis-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret + serviceAccountSecret: + secretRef: + key: btp-service-account-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..190fd33 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,26 @@ +--- +# Source: landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "btp-account-mcp-blueprints" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "btp-account-mcp-blueprints" + data: + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-cis-provider-credentials + secretKey: btp-cis-provider-credentials + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-service-account-provider-credentials + secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..ec55947 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,25 @@ +--- +# Source: landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + kubernetes: + mountPath: kubernetes + role: mcp-blueprints + secretRef: + key: token + name: vault-token-sa + namespace: default + namespace: ns1 + path: k8s-clusters + server: https://vault.example/ + version: v2 diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml new file mode 100644 index 0000000..334306c --- /dev/null +++ b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml @@ -0,0 +1,24 @@ +--- +# Source: include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +apiVersion: btp.sap.crossplane.io/v1alpha1 +kind: ProviderConfig +metadata: + name: "provider-config-ref-name-btp-account-mcp-blueprints" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + cliServerUrl: "https://cli.btp.cloud.sap" + globalAccount: "globalaccountsubdomain" + cisCredentials: + secretRef: + key: btp-cis-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret + serviceAccountSecret: + secretRef: + key: btp-service-account-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml new file mode 100644 index 0000000..c321e27 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml @@ -0,0 +1,50 @@ +--- +# Source: include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helm-release-name-custom-chart + labels: + helm.sh/chart: custom-chart-0.0.2 + app.kubernetes.io/name: custom-chart + app.kubernetes.io/instance: helm-release-name + app.kubernetes.io/version: "1.16.0" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 2 + selector: + matchLabels: + app.kubernetes.io/name: custom-chart + app.kubernetes.io/instance: helm-release-name + template: + metadata: + labels: + helm.sh/chart: custom-chart-0.0.2 + app.kubernetes.io/name: custom-chart + app.kubernetes.io/instance: helm-release-name + app.kubernetes.io/version: "1.16.0" + app.kubernetes.io/managed-by: Helm + spec: + serviceAccountName: default + securityContext: + {} + containers: + - name: custom-chart + securityContext: + {} + image: "nginx:1.16.0" + imagePullPolicy: Always + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {} diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml new file mode 100644 index 0000000..480ffc9 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml @@ -0,0 +1,22 @@ +--- +# Source: include-custom-helm-charts/charts/custom-chart/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: helm-release-name-custom-chart + labels: + helm.sh/chart: custom-chart-0.0.2 + app.kubernetes.io/name: custom-chart + app.kubernetes.io/instance: helm-release-name + app.kubernetes.io/version: "1.16.0" + app.kubernetes.io/managed-by: Helm +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/name: custom-chart + app.kubernetes.io/instance: helm-release-name diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml new file mode 100644 index 0000000..c93abe6 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml @@ -0,0 +1,21 @@ +--- +# Source: include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "helm-release-name-custom-chart-test-connection" + labels: + helm.sh/chart: custom-chart-0.0.2 + app.kubernetes.io/name: custom-chart + app.kubernetes.io/instance: helm-release-name + app.kubernetes.io/version: "1.16.0" + app.kubernetes.io/managed-by: Helm + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['helm-release-name-custom-chart:80'] + restartPolicy: Never diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..a0990fc --- /dev/null +++ b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,26 @@ +--- +# Source: include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "btp-account-mcp-blueprints" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "btp-account-mcp-blueprints" + data: + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-cis-provider-credentials + secretKey: btp-cis-provider-credentials + - remoteRef: + key: btp-endpoint.example/btp-account + property: btp-service-account-provider-credentials + secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..a5989e8 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,25 @@ +--- +# Source: include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + kubernetes: + mountPath: kubernetes + role: mcp-blueprints + secretRef: + key: token + name: vault-token-sa + namespace: default + namespace: ns1 + path: k8s-clusters + server: https://vault.example/ + version: v2 diff --git a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml new file mode 100644 index 0000000..f1bb076 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml @@ -0,0 +1,32 @@ +--- +# Source: k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingAdmissionPolicy +metadata: + name: crossplane-helm-provider-config-if-secret-exists + labels: + openmcp.cloud/blueprint-building-block: "k8s-validating-admission-policy" + openmcp.cloud/blueprint-building-block-version: "0.0.5" +spec: + failurePolicy: Fail + matchConstraints: + resourceRules: + - apiGroups: + - "" + apiVersions: + - v1 + operations: + - DELETE + resources: + - secrets + paramKind: + apiVersion: helm.crossplane.io/v1beta1 + kind: ProviderConfig + validations: + - expression: "( \nhas(params.spec) && \nhas(params.spec.credentials) && \nhas(params.spec.credentials.secretRef) + && \nhas(params.spec.credentials.secretRef.name) && \noldObject.metadata.name + != params.spec.credentials.secretRef.name &&\noldObject.metadata.namespace != + params.spec.credentials.secretRef.namespace\n)\n" + messageExpression: '''Secret %s cannot be deleted because its referenced in Kind:%s + (%s) %s''.format([oldObject.metadata.name,params.kind,params.apiVersion,params.metadata.name])' + reason: Invalid diff --git a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml new file mode 100644 index 0000000..c63c7fc --- /dev/null +++ b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml @@ -0,0 +1,16 @@ +--- +# Source: k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingAdmissionPolicyBinding +metadata: + name: crossplane-helm-provider-config-secret-binding + labels: + openmcp.cloud/blueprint-building-block: "k8s-validating-admission-policy" + openmcp.cloud/blueprint-building-block-version: "0.0.5" +spec: + paramRef: + parameterNotFoundAction: Allow + selector: {} + policyName: crossplane-helm-provider-config-if-secret-exists + validationActions: + - Deny diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml new file mode 100644 index 0000000..12c9fda --- /dev/null +++ b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml @@ -0,0 +1,24 @@ +--- +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +apiVersion: btp.sap.crossplane.io/v1alpha1 +kind: ProviderConfig +metadata: + name: "btp-account-provider-config" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + cliServerUrl: "https://cli.btp.cloud.sap" + globalAccount: "example1-aabb-1234-o987-3xampl3qwer6" + cisCredentials: + secretRef: + key: data + name: cis-provider-secret + namespace: default + source: Secret + serviceAccountSecret: + secretRef: + key: credentials + name: sa-provider-secret + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml new file mode 100644 index 0000000..d21c16d --- /dev/null +++ b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -0,0 +1,36 @@ +--- +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subaccount +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + description: 'Sub Account managed by OpenMCP & IaD from OpenMCP #2' + displayName: 'MCP #1 Blueprint Sub-Account #1' + region: eu01 + subaccountAdmins: [] + subdomain: blueprint-test-1 + providerConfigRef: + name: "btp-account-provider-config" +--- +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subaccount +metadata: + name: subaccount2 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + description: 'Sub Account managed by OpenMCP & IaD from OpenMCP #2 new' + displayName: 'MCP #1 Blueprint Sub-Account #2' + region: eu01 + subaccountAdmins: [] + subdomain: blueprint-test-2 + providerConfigRef: + name: "btp-account-provider-config" diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml similarity index 78% rename from manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml rename to manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml index f584e0c..a1ed4bd 100644 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml +++ b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml apiVersion: account.btp.sap.crossplane.io/v1alpha1 kind: CloudManagement metadata: diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml new file mode 100644 index 0000000..b5baa51 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -0,0 +1,36 @@ +--- +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Entitlement +metadata: + name: auditlog-viewer + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + serviceName: auditlog-viewer + servicePlanName: free + enable: true + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "btp-account-provider-config" +--- +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Entitlement +metadata: + name: cis-local + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + serviceName: cis + servicePlanName: local + enable: true + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "btp-account-provider-config" diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml similarity index 80% rename from manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml rename to manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml index e763137..3664c61 100644 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +++ b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-cf-env-runtime/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml apiVersion: account.btp.sap.crossplane.io/v1beta1 kind: ServiceManager metadata: diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml new file mode 100644 index 0000000..7b07fd4 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml @@ -0,0 +1,20 @@ +--- +# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subscription +metadata: + name: subaccount1-auditlog-viewer + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + providerConfigRef: + name: btp-account-provider-config + forProvider: + appName: auditlog-viewer + planName: free + cloudManagementRef: + name: subaccount1 + writeConnectionSecretToRef: + name: auditlog-viewer + namespace: default diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml new file mode 100644 index 0000000..e7cb133 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml @@ -0,0 +1,24 @@ +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +apiVersion: btp.sap.crossplane.io/v1alpha1 +kind: ProviderConfig +metadata: + name: "provider-config-ref-name-btp-account-mcp-blueprints" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + cliServerUrl: "https://cli.btp.cloud.sap" + globalAccount: "globalaccountsubdomain" + cisCredentials: + secretRef: + key: btp-cis-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret + serviceAccountSecret: + secretRef: + key: btp-service-account-provider-credentials + name: btp-account-mcp-blueprints + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml new file mode 100644 index 0000000..67a9ebb --- /dev/null +++ b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml @@ -0,0 +1,70 @@ +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml +apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: provider-ias + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" + openmcp.cloud/blueprint-building-block-version: "0.0.13" +spec: + package: ocm/crossplane/provider-ias:0.2.2 + packagePullPolicy: IfNotPresent + packagePullSecrets: + - name: pull-secret +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml +apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: provider-gardener-auth + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" + openmcp.cloud/blueprint-building-block-version: "0.0.13" +spec: + package: ocm/crossplane/provider-gardener-auth:0.0.4 + packagePullPolicy: IfNotPresent + packagePullSecrets: + - name: pull-secret +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml +apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: provider-kubernetes + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" + openmcp.cloud/blueprint-building-block-version: "0.0.13" +spec: + package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.15.0 + packagePullPolicy: IfNotPresent + packagePullSecrets: + - name: pull-secret +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml +apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: provider-helm + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" + openmcp.cloud/blueprint-building-block-version: "0.0.13" +spec: + package: xpkg.upbound.io/crossplane-contrib/provider-helm:v0.19.0 + packagePullPolicy: IfNotPresent + packagePullSecrets: + - name: pull-secret +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml +apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: provider-btp + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" + openmcp.cloud/blueprint-building-block-version: "0.0.13" +spec: + package: ghcr.io/sap/crossplane-provider-btp/crossplane/provider-btp:v1.0.2 + packagePullPolicy: IfNotPresent + packagePullSecrets: + - name: pull-secret diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml new file mode 100644 index 0000000..33588e0 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -0,0 +1,18 @@ +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subaccount +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + description: Sub Account managed by OpenMCP & IaD + displayName: CO Managed Control Plane Blueprint Sub-Account + region: eu01 + subaccountAdminEmails: [] + subdomain: mcp-blueprint-test-1 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml new file mode 100644 index 0000000..2a19a4b --- /dev/null +++ b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -0,0 +1,18 @@ +--- +# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Entitlement +metadata: + name: auditlog-oauth2 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + serviceName: auditlog-management + servicePlanName: default + amount: 1 + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml new file mode 100644 index 0000000..533e29c --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml @@ -0,0 +1,822 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: nosqls.aws.api.example +spec: + compositeTypeRef: + apiVersion: aws.api.example/v1alpha1 + kind: NoSQL + resources: + - base: + apiVersion: s3.aws.upbound.io/v1beta1 + kind: Bucket + metadata: + name: basic-bucket + spec: + forProvider: + region: east-2 + providerConfigRef: + name: default + name: s3Bucket + patches: + - fromFieldPath: spec.location + toFieldPath: spec.forProvider.region + transforms: + - map: + EU: eu-north-1 + US: east-2 + type: map + type: FromCompositeFieldPath + - base: + apiVersion: dynamodb.aws.upbound.io/v1beta1 + kind: Table + metadata: + name: nosql-database + spec: + forProvider: + attribute: + - name: S3ID + type: S + hashKey: S3ID + readCapacity: 1 + region: east-2 + writeCapacity: 1 + name: dynamoDB + patches: + - fromFieldPath: spec.location + toFieldPath: spec.forProvider.region + transforms: + - map: + EU: eu-north-1 + US: east-2 + type: map + type: FromCompositeFieldPath +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: eks-cluster +spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: EKSCluster + mode: "Pipeline" + writeConnectionSecretsToNamespace: "crossplane-system" + pipeline: + - functionRef: + name: patch-and-transform + input: + apiVersion: pt.fn.crossplane.io/v1beta1 + kind: Resources + patchSets: + - name: common-parameters + patches: + - fromFieldPath: spec.parameters.region + toFieldPath: spec.forProvider.region + type: FromCompositeFieldPath + resources: + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: VPC + spec: + forProvider: + enableDnsHostnames: true + enableDnsSupport: true + providerConfigRef: + name: dev-aws + name: vpc + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.vpc-cidrBlock + toFieldPath: spec.forProvider.cidrBlock + type: FromCompositeFieldPath + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: InternetGateway + metadata: + labels: + type: igw + spec: + forProvider: + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: internetgateway + patches: + - patchSetName: common-parameters + type: PatchSet + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Subnet + metadata: + labels: + type: subnet + visibility: public + spec: + forProvider: + mapPublicIpOnLaunch: true + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: subnet-public-1 + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.subnet1-public-cidrBlock + toFieldPath: spec.forProvider.cidrBlock + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet1-public-availabilityZone + toFieldPath: spec.forProvider.availabilityZone + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet1-public-availabilityZone + toFieldPath: metadata.labels.zone + type: FromCompositeFieldPath + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Subnet + metadata: + labels: + type: subnet + visibility: public + spec: + forProvider: + mapPublicIpOnLaunch: true + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: subnet-public-2 + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.subnet2-public-cidrBlock + toFieldPath: spec.forProvider.cidrBlock + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet2-public-availabilityZone + toFieldPath: spec.forProvider.availabilityZone + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet2-public-availabilityZone + toFieldPath: metadata.labels.zone + type: FromCompositeFieldPath + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Subnet + metadata: + labels: + type: subnet + visibility: private + spec: + forProvider: + mapPublicIpOnLaunch: false + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: subnet-private-1 + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.subnet1-private-cidrBlock + toFieldPath: spec.forProvider.cidrBlock + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet1-private-availabilityZone + toFieldPath: spec.forProvider.availabilityZone + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet1-private-availabilityZone + toFieldPath: metadata.labels.zone + type: FromCompositeFieldPath + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Subnet + metadata: + labels: + type: subnet + visibility: private + spec: + forProvider: + mapPublicIpOnLaunch: false + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: subnet-private-2 + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.subnet2-private-cidrBlock + toFieldPath: spec.forProvider.cidrBlock + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet2-private-availabilityZone + toFieldPath: spec.forProvider.availabilityZone + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.subnet2-private-availabilityZone + toFieldPath: metadata.labels.zone + type: FromCompositeFieldPath + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: EIP + metadata: + labels: + type: eip-1 + spec: + forProvider: + domain: vpc + providerConfigRef: + name: dev-aws + name: elastic-ip-1 + patches: + - patchSetName: common-parameters + type: PatchSet + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: EIP + metadata: + labels: + type: eip-2 + spec: + forProvider: + domain: vpc + providerConfigRef: + name: dev-aws + name: elastic-ip-2 + patches: + - patchSetName: common-parameters + type: PatchSet + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: NATGateway + metadata: + labels: + type: natgw-1 + spec: + forProvider: + allocationIdSelector: + matchLabels: + type: eip-1 + subnetIdSelector: + matchLabels: + type: subnet + visibility: public + providerConfigRef: + name: dev-aws + name: natgateway-1 + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.subnet1-public-availabilityZone + toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone + type: FromCompositeFieldPath + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: NATGateway + metadata: + labels: + type: natgw-2 + spec: + forProvider: + allocationIdSelector: + matchLabels: + type: eip-2 + subnetIdSelector: + matchLabels: + type: subnet + visibility: public + providerConfigRef: + name: dev-aws + name: natgateway-2 + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.subnet2-public-availabilityZone + toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone + type: FromCompositeFieldPath + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: RouteTable + spec: + forProvider: + region: PATCHED + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: routetable-public + patches: + - patchSetName: common-parameters + type: PatchSet + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: RouteTable + spec: + forProvider: + region: PATCHED + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: routetable-private-1 + patches: + - patchSetName: common-parameters + type: PatchSet + - base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: RouteTable + spec: + forProvider: + region: PATCHED + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: routetable-private-2 + patches: + - patchSetName: common-parameters + type: PatchSet + - base: + apiVersion: eks.aws.upbound.io/v1beta1 + kind: Cluster + spec: + forProvider: + vpcConfig: + - endpointPrivateAccess: false + endpointPublicAccess: true + subnetIdSelector: + matchLabels: + type: subnet + visibility: private + providerConfigRef: + name: dev-aws + writeConnectionSecretToRef: + name: dev-connection-secret + namespace: crossplane-system + connectionDetails: + - fromConnectionSecretKey: kubeconfig + name: kubeconfig-value + type: FromConnectionSecretKey + name: eks-cluster + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.k8s-version + toFieldPath: spec.forProvider.version + type: FromCompositeFieldPath + - fromFieldPath: metadata.uid + toFieldPath: spec.writeConnectionSecretToRef.name + transforms: + - string: + fmt: '%s-ekscluster-connection' + type: Format + type: string + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.cluster-role + toFieldPath: spec.forProvider.roleArn + type: FromCompositeFieldPath + - base: + apiVersion: iam.aws.upbound.io/v1beta1 + kind: Role + spec: + forProvider: + assumeRolePolicy: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "eks.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } + providerConfigRef: + name: dev-aws + name: role + - base: + apiVersion: iam.aws.upbound.io/v1beta1 + kind: RolePolicyAttachment + spec: + forProvider: + policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy + roleSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws + name: rolePolicyAttachment + - base: + apiVersion: eks.aws.upbound.io/v1beta1 + kind: NodeGroup + spec: + forProvider: + clusterNameSelector: + matchControllerRef: true + instanceTypes: + - t3.medium + scalingConfig: + - minSize: 1 + subnetIdSelector: + matchControllerRef: true + matchLabels: + type: subnet + visibility: private + providerConfigRef: + name: dev-aws + name: eks-nodegroup + patches: + - patchSetName: common-parameters + type: PatchSet + - fromFieldPath: spec.parameters.workers-size + toFieldPath: spec.forProvider.scalingConfig[0].desiredSize + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.workers-size + toFieldPath: spec.forProvider.scalingConfig[0].maxSize + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.workload-type + toFieldPath: spec.forProvider.amiType + transforms: + - map: + gpu: x86_GPU + non-gpu: x86 + type: map + type: FromCompositeFieldPath + - fromFieldPath: spec.parameters.workernode-role + toFieldPath: spec.forProvider.nodeRoleArn + type: FromCompositeFieldPath + step: patch-and-transform +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: vpc +spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: XVPC + mode: "Pipeline" + pipeline: + - functionRef: + name: go-templating + input: + apiVersion: gotemplating.fn.crossplane.io/v1beta1 + inline: + template: | + {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} + {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} + {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} + --- + apiVersion: ec2.aws.crossplane.io/v1beta1 + kind: VPC + metadata: + annotations: + {{ setResourceNameAnnotation "vpc" }} + crossplane.io/external-name: {{ get $params "id" | default ( print $claimNamespace "-vpc" ) }} + spec: + forProvider: + region: {{ get $params "region" | default "east-1" }} + vpcCidrBlock: {{ get $params "vpcCIDRBlock" | default "192.168.0.0/16" }} + enableDnsSupport: true + enableDnsHostNames: true + instanceTenancy: default + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef }} + kind: GoTemplate + source: Inline + step: compose-resources +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: rdsinstance +spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: XRDSInstance + mode: "Pipeline" + pipeline: + - functionRef: + name: go-templating + input: + apiVersion: gotemplating.fn.crossplane.io/v1beta1 + inline: + template: | + {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} + {{ $claimNamespaceTrimmed := $claimNamespace | replace "-" "" }} + {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} + {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} + --- + apiVersion: rds.aws.upbound.io/v1beta2 + kind: Instance + metadata: + annotations: + {{ setResourceNameAnnotation "rdsInstance" }} + crossplane.io/external-name: {{ get $params "id" | default ( print $claimNamespace "-rds-instance" ) }} + spec: + forProvider: + allocatedStorage: {{ get $params "storage" | default 20 }} + autoGeneratePassword: true + autoMinorVersionUpgrade: true + backupRetentionPeriod: 14 + backupWindow: "09:46-10:16" + dbName: {{ get $params "name" | default ( print $claimNamespaceTrimmed "db" ) }} + engine: postgres + engineVersion: "16.1" # 16.3? console shows RDS 16.1-R2 (PostgreSQL 13.1-R2) + instanceClass: {{ printf "db.t3.%s" (get $params "size" | default "micro") }} + maintenanceWindow: Mon:00:00-Mon:03:00 + passwordSecretRef: + key: password + name: {{ printf "%s-rds-root" $claimNamespace }} + namespace: {{ $claimNamespace }} + publiclyAccessible: false + region: {{ printf "%s-1" (get $params "region" | default "east") }} + skipFinalSnapshot: true + storageEncrypted: true + storageType: gp2 + username: adminuser + writeConnectionSecretToRef: + name: {{ printf "%s-rds-connection-details" $claimNamespace }} + namespace: {{ $claimNamespace }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef }} + kind: GoTemplate + source: Inline + step: compose-resources +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: eksnetwork.api.example +spec: + compositeTypeRef: + apiVersion: api.example/v1alpha1 + kind: XEKSNetwork + mode: "Pipeline" + pipeline: + - functionRef: + name: go-templating + input: + apiVersion: gotemplating.fn.crossplane.io/v1beta1 + inline: + template: | + {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} + {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} + {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} + --- + {{ $vpcResourceName := "vpc" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: VPC + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $vpcResourceName }} + spec: + forProvider: + cidrBlock: {{ $params.vpcCidrBlock | toYaml }} + enableDnsHostnames: true + enableDnsSupport: true + tags: + Name: {{ printf "%s-%s" $params.id $vpcResourceName | toYaml }} + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $igwResourceName := "internet-gateway" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: InternetGateway + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $igwResourceName }} + spec: + forProvider: + region: {{ $params.region | toYaml }} + tags: + Name: {{ printf "%s-%s" $params.id $igwResourceName | toYaml }} + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{ $region := $params.region | toYaml }} + {{- range $i, $subnet := $params.subnets }} + --- + {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Subnet + metadata: + labels: + zone: {{ $subnet.availabilityZone }} + {{- if eq $subnet.type "private" }} + access: private + {{- else }} + access: public + {{- end }} + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $subnetResourceName }} + spec: + forProvider: + cidrBlock: {{ $subnet.cidrBlock | toYaml }} + {{ if eq $subnet.type "public" }} + mapPublicIpOnLaunch: true + {{ end }} + tags: + {{- if eq $subnet.type "private" }} + kubernetes.io/role/internal-elb: "1" + {{- else }} + kubernetes.io/role/elb: "1" + {{- end }} + Name: {{ printf "%s-%s" $params.id $subnetResourceName | toYaml }} + region: {{ $region }} + vpcIdSelector: + matchControllerRef: true + availabilityZone: {{ $subnet.availabilityZone | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{- end }} + --- + {{ $routeTableResourceName := "route-table" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: RouteTable + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $routeTableResourceName }} + spec: + forProvider: + vpcIdSelector: + matchControllerRef: true + region: {{ $params.region | toYaml }} + tags: + Name: {{ printf "%s-%s" $params.id $routeTableResourceName | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $publicRouteResourceName := "public-route" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: Route + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $publicRouteResourceName }} + spec: + forProvider: + destinationCidrBlock: 0.0.0.0/0 + gatewayIdSelector: + matchControllerRef: true + routeTableIdSelector: + matchControllerRef: true + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $mainRouteTableAssociationResourceName := "main-route-table-association" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: MainRouteTableAssociation + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $mainRouteTableAssociationResourceName }} + spec: + forProvider: + region: {{ $params.region | toYaml }} + routeTableIdSelector: + matchControllerRef: true + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{- range $i, $subnet := $params.subnets }} + --- + {{ $routeTableAssociationResourceName := printf "route-table-association-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: RouteTableAssociation + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $routeTableAssociationResourceName }} + spec: + forProvider: + region: {{ $region }} + routeTableIdSelector: + matchControllerRef: true + subnetIdSelector: + matchControllerRef: true + matchLabels: + {{- if eq $subnet.type "private" }} + access: private + {{- else }} + access: public + {{- end }} + zone: {{ $subnet.availabilityZone | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + {{- end }} + --- + {{ $sgResourceName := "security-group" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: SecurityGroup + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $sgResourceName }} + spec: + forProvider: + description: Allow access to databases + name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} + vpcIdSelector: + matchControllerRef: true + region: {{ $params.region | toYaml }} + tags: + Name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $sgrpRulePostGresResourceName := "security-group-rule-postgres" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: SecurityGroupRule + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $sgrpRulePostGresResourceName }} + spec: + forProvider: + cidrBlocks: + - 192.168.0.0/16 + description: Everywhere + fromPort: 5432 + protocol: tcp + securityGroupIdSelector: + matchControllerRef: true + toPort: 5432 + type: ingress + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + --- + {{ $sgrpRuleMySQLResourceName := "security-group-rule-mysql" }} + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: SecurityGroupRule + metadata: + labels: + eksnetworks.api.example/network-id: {{ $params.id | toYaml }} + annotations: + {{ setResourceNameAnnotation $sgrpRuleMySQLResourceName }} + spec: + forProvider: + cidrBlocks: + - 192.168.0.0/16 + description: Everywhere + fromPort: 3306 + protocol: tcp + securityGroupIdSelector: + matchControllerRef: true + toPort: 3306 + type: ingress + region: {{ $params.region | toYaml }} + providerConfigRef: + name: {{ $tenantAwsProviderConfigRef | toYaml }} + kind: GoTemplate + source: Inline + step: compose-resources + - functionRef: + name: go-templating + input: + apiVersion: gotemplating.fn.crossplane.io/v1beta1 + inline: + template: | + {{ $observedResources := get .observed "resources" | default dict }} + {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} + {{ $vpcStatus := dig "vpc" "resource" "status" dict $observedResources }} + {{ $subnetsStatus := dict }} + {{ range $i, $subnet := $params.subnets }} + {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} + {{ $subnetStatuses := dig $subnetResourceName "resource" "status" dict $observedResources }} + {{ $subnetsStatus = merge $subnetsStatus (dict $subnetResourceName $subnetStatuses) }} + {{ end }} + apiVersion: api.example/v1alpha1 + kind: XEKSNetwork + status: + vpc: {{ $vpcStatus | toYaml | nindent 4 }} + subnets: {{ $subnetsStatus | toYaml | nindent 4 }} + kind: GoTemplate + source: Inline + step: set-xr-status + - functionRef: + name: auto-ready + step: automatically-detect-ready-composed-resources diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..692781b --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml @@ -0,0 +1,26 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: EIP +metadata: + name: dev-ekscluster +spec: + deletionPolicy: "" + forProvider: + domain: vpc + region: west-2 + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: EIP +metadata: + name: dev-ekscluster-2 +spec: + deletionPolicy: "" + forProvider: + domain: vpc + region: west-2 + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..491ade3 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml @@ -0,0 +1,30 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: InternetGateway +metadata: + name: dev-ekscluster +spec: + deletionPolicy: "" + forProvider: + region: west-2 + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: InternetGateway +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + region: east-1 + tags: + Name: platform-ref-eks-network-internet-gateway + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..7c44279 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml @@ -0,0 +1,16 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: MainRouteTableAssociation +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + region: east-1 + routeTableIdSelector: + matchControllerRef: true + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..7f248f3 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml @@ -0,0 +1,40 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: NATGateway +metadata: + name: dev-ekscluster +spec: + deletionPolicy: "" + forProvider: + allocationIdSelector: + matchLabels: + type: eip-1 + region: west-2 + subnetIdSelector: + matchLabels: + type: subnet + visibility: public + zone: west-2a + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: NATGateway +metadata: + name: dev-ekscluster-2 +spec: + deletionPolicy: "" + forProvider: + allocationIdSelector: + matchLabels: + type: eip-2 + region: west-2 + subnetIdSelector: + matchLabels: + type: subnet + visibility: public + zone: west-2b + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..399c9ad --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml @@ -0,0 +1,17 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Route +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + destinationCidrBlock: 0.0.0.0/0 + gatewayIdSelector: + matchControllerRef: true + region: east-1 + routeTableIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..334e813 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml @@ -0,0 +1,76 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTableAssociation +metadata: + name: reference-eks-network-public +spec: + deletionPolicy: "" + forProvider: + region: east-1 + routeTableIdSelector: + matchControllerRef: true + subnetIdSelector: + matchControllerRef: true + matchLabels: + access: public + zone: east-1a + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTableAssociation +metadata: + name: reference-eks-network-private +spec: + deletionPolicy: "" + forProvider: + region: east-1 + routeTableIdSelector: + matchControllerRef: true + subnetIdSelector: + matchControllerRef: true + matchLabels: + access: private + zone: east-1a + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTableAssociation +metadata: + name: reference-eks-network-public-1b +spec: + deletionPolicy: "" + forProvider: + region: east-1 + routeTableIdSelector: + matchControllerRef: true + subnetIdSelector: + matchControllerRef: true + matchLabels: + access: public + zone: east-1b + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTableAssociation +metadata: + name: reference-eks-network-private-1b +spec: + deletionPolicy: "" + forProvider: + region: east-1 + routeTableIdSelector: + matchControllerRef: true + subnetIdSelector: + matchControllerRef: true + matchLabels: + access: private + zone: east-1b + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..6c56542 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml @@ -0,0 +1,30 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTable +metadata: + name: dev-ekscluster +spec: + deletionPolicy: "" + forProvider: + region: west-2 + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTable +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + region: east-1 + tags: + Name: platform-ref-eks-network-route-table + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..88c5e15 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml @@ -0,0 +1,18 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: SecurityGroup +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + description: Allow access to databases + name: platform-ref-eks-network-security-group + region: east-1 + tags: + Name: platform-ref-eks-network-security-group + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..4b706a3 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml @@ -0,0 +1,42 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: SecurityGroupRuleRule +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + cidrBlocks: + - 192.168.0.0/16 + description: Everywhere + fromPort: 3306 + protocol: tcp + region: east-1 + securityGroupIdSelector: + matchControllerRef: true + toPort: 3306 + type: ingress + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: SecurityGroupRuleRule +metadata: + name: reference-eks-network-5432 +spec: + deletionPolicy: "" + forProvider: + cidrBlocks: + - 192.168.0.0/16 + description: Everywhere + fromPort: 5432 + protocol: tcp + region: east-1 + securityGroupIdSelector: + matchControllerRef: true + toPort: 5432 + type: ingress + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..254fa55 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml @@ -0,0 +1,146 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: dev-ekscluster +spec: + deletionPolicy: "" + forProvider: + availabilityZone: west-2a + cidrBlock: 192.168.50.0/24 + mapPublicIpOnLaunch: false + region: west-2 + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + availabilityZone: east-1a + cidrBlock: 192.168.128.0/18 + region: east-1 + tags: + Name: platform-ref-eks-network-subnet-east-1a-private-2 + kubernetes.io/role/internal-elb: "1" + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: reference-eks-network-public-0 +spec: + deletionPolicy: "" + forProvider: + availabilityZone: east-1a + cidrBlock: 192.168.0.0/18 + mapPublicIpOnLaunch: true + region: east-1 + tags: + Name: platform-ref-eks-network-subnet-east-1a-public-0 + kubernetes.io/role/elb: "1" + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: reference-eks-network-east-1b-private-3 +spec: + deletionPolicy: "" + forProvider: + availabilityZone: east-1b + cidrBlock: 192.168.192.0/18 + region: east-1 + tags: + Name: platform-ref-eks-network-subnet-east-1b-private-3 + kubernetes.io/role/internal-elb: "1" + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: reference-eks-network-east-1b-public-1 +spec: + deletionPolicy: "" + forProvider: + availabilityZone: east-1b + cidrBlock: 192.168.64.0/18 + mapPublicIpOnLaunch: true + region: east-1 + tags: + Name: platform-ref-eks-network-subnet-east-1b-public-1 + kubernetes.io/role/elb: "1" + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: dev-ekscluster-2 +spec: + deletionPolicy: "" + forProvider: + availabilityZone: west-2b + cidrBlock: 192.168.51.0/24 + mapPublicIpOnLaunch: false + region: west-2 + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: dev-ekscluster-3 +spec: + deletionPolicy: "" + forProvider: + availabilityZone: west-2b + cidrBlock: 192.168.49.0/24 + mapPublicIpOnLaunch: true + region: west-2 + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: dev-ekscluster-4 +spec: + deletionPolicy: "" + forProvider: + availabilityZone: west-2b + cidrBlock: 192.168.49.0/24 + mapPublicIpOnLaunch: true + region: west-2 + vpcIdSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml new file mode 100644 index 0000000..11aaac6 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml @@ -0,0 +1,48 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: VPC +metadata: + name: dev-ekscluster +spec: + deletionPolicy: "" + forProvider: + cidrBlock: 192.168.48.0/20 + enableDnsHostnames: true + enableDnsSupport: true + region: west-2 + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: VPC +metadata: + name: reference-eks-network +spec: + deletionPolicy: "" + forProvider: + cidrBlock: 192.168.0.0/16 + enableDnsHostnames: true + enableDnsSupport: true + region: east-1 + tags: + Name: platform-ref-eks-network-vpc + providerConfigRef: + name: dev-aws +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: VPC +metadata: + name: vpc-west-2 +spec: + deletionPolicy: "" + forProvider: + enableDnsHostNames: true + enableDnsSupport: true + instanceTenancy: default + region: west-2 + vpcCidrBlock: 10.0.0.0/16 + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml new file mode 100644 index 0000000..1ce2073 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml @@ -0,0 +1,40 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml +apiVersion: eks.aws.upbound.io/v1beta1 +kind: Cluster +metadata: + name: dev-ekscluster + annotations: + crossplane.io/composition-resource-name: eks-cluster + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-eks" + openmcp.cloud/blueprint-building-block-version: "0.0.12" + crossplane.io/claim-namespace: dev-us + crossplane.io/composite: dev-ekscluster + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: EKSCluster + name: dev-ekscluster + uid: "" +spec: + deletionPolicy: "" + forProvider: + region: west-2 + roleArn: arn:aws:iam::XXXX:role/EKS-Cluster-Role + version: "1.29" + vpcConfig: + - endpointPrivateAccess: false + endpointPublicAccess: true + subnetIdSelector: + matchLabels: + type: subnet + visibility: private + providerConfigRef: + name: dev-aws + writeConnectionSecretToRef: + name: dev-connection-secret + namespace: crossplane-system + publishConnectionDetailsTo: + {} diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml new file mode 100644 index 0000000..3ae5b5f --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml @@ -0,0 +1,41 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml +apiVersion: eks.aws.upbound.io/v1beta1 +kind: NodeGroup +metadata: + name: dev-ekscluster + annotations: + crossplane.io/composition-resource-name: eks-nodegroup + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-eks" + openmcp.cloud/blueprint-building-block-version: "0.0.12" + crossplane.io/claim-namespace: dev-us + crossplane.io/composite: dev-ekscluster + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: EKSCluster + name: dev-ekscluster + uid: "" +spec: + deletionPolicy: "" + forProvider: + amiType: x86 + clusterNameSelector: + matchControllerRef: true + instanceTypes: + - t3.medium + nodeRoleArn: arn:aws:iam::XXXX:role/EKS-WorkerNode-Role + region: west-2 + scalingConfig: + - desiredSize: 2 + maxSize: 2 + minSize: 1 + subnetIdSelector: + matchControllerRef: true + matchLabels: + type: subnet + visibility: private + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml new file mode 100644 index 0000000..2806fb0 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml @@ -0,0 +1,38 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml +apiVersion: iam.aws.upbound.io/v1beta1 +kind: Role +metadata: + name: dev-ekscluster + annotations: + crossplane.io/composition-resource-name: role + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-iam" + openmcp.cloud/blueprint-building-block-version: "0.0.13" + crossplane.io/claim-namespace: dev-us + crossplane.io/composite: dev-ekscluster + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: EKSCluster + name: dev-ekscluster + uid: "" +spec: + deletionPolicy: "" + forProvider: + assumeRolePolicy: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "eks.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml new file mode 100644 index 0000000..f414976 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml @@ -0,0 +1,28 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml +apiVersion: iam.aws.upbound.io/v1beta1 +kind: RolePolicyAttachment +metadata: + name: dev-ekscluster + annotations: + crossplane.io/composition-resource-name: rolePolicyAttachment + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-iam" + openmcp.cloud/blueprint-building-block-version: "0.0.13" + crossplane.io/claim-namespace: dev-us + crossplane.io/composite: dev-ekscluster + ownerReferences: + - apiVersion: api.example/v1alpha1 + blockOwnerDeletion: true + controller: true + kind: EKSCluster + name: dev-ekscluster + uid: "" +spec: + deletionPolicy: "" + forProvider: + policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy + roleSelector: + matchControllerRef: true + providerConfigRef: + name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml new file mode 100644 index 0000000..15753b6 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml @@ -0,0 +1,34 @@ +--- +# Source: provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml +apiVersion: rds.aws.upbound.io/v1beta2 +kind: Instance +metadata: + name: rds-instance +spec: + deletionPolicy: "" + forProvider: + allocatedStorage: 20 + autoGeneratePassword: true + autoMinorVersionUpgrade: true + backupRetentionPeriod: 14 + backupWindow: 09:46-10:16 + dbName: clopsdevusdb + engine: postgres + engineVersion: "16.1" + instanceClass: db.t3.micro + maintenanceWindow: Mon:00:00-Mon:03:00 + passwordSecretRef: + key: password + name: dev-rds-root + namespace: dev-us + publiclyAccessible: false + region: east-1 + skipFinalSnapshot: true + storageEncrypted: true + storageType: gp2 + username: adminuser + providerConfigRef: + name: dev-aws + writeConnectionSecretToRef: + name: dev-rds-connection-details + namespace: dev-us diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..a055e58 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,26 @@ +--- +# Source: provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "btp-account-test" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "btp-account-test" + data: + - remoteRef: + key: "" + property: btp-cis-provider-credentials + secretKey: btp-cis-provider-credentials + - remoteRef: + key: "" + property: btp-service-account-provider-credentials + secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..05d51eb --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,24 @@ +--- +# Source: provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + appRole: + path: approle + roleId: "" + secretRef: + key: token + name: hashicorp-vault-token + namespace: ns1 + path: k8s-clusters + server: https://vault.example/ + version: v2 diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml similarity index 72% rename from manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml rename to manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml index 05c21c9..2156990 100644 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml @@ -1,15 +1,15 @@ --- -# Source: btp-cf-env-runtime/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +# Source: provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml apiVersion: btp.sap.crossplane.io/v1alpha1 kind: ProviderConfig metadata: - name: "btp-account-provider-config" + name: "provider-config-ref-name-btp-account-mcp-blueprints" labels: openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" openmcp.cloud/blueprint-building-block-version: "0.0.18" spec: cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "exmpl" + globalAccount: "globalaccountsubdomain" cisCredentials: secretRef: key: btp-cis-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml new file mode 100644 index 0000000..85230a8 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml @@ -0,0 +1,18 @@ +--- +# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Subaccount +metadata: + name: subaccount1 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + description: Sub Account managed by OpenMCP & IaD + displayName: CO Managed Control Plane Blueprint Sub-Account + region: eu01 + subaccountAdminEmails: [] + subdomain: mcp-blueprint-test-1 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml new file mode 100644 index 0000000..4e2f274 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml @@ -0,0 +1,18 @@ +--- +# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +apiVersion: account.btp.sap.crossplane.io/v1alpha1 +kind: Entitlement +metadata: + name: auditlog-oauth2 + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" + openmcp.cloud/blueprint-building-block-version: "0.0.9" +spec: + forProvider: + serviceName: auditlog-management + servicePlanName: default + amount: 1 + subaccountRef: + name: subaccount1 + providerConfigRef: + name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml similarity index 84% rename from manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml rename to manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml index c592d40..edf3f2a 100644 --- a/manifests/dev.helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml @@ -1,5 +1,5 @@ --- -# Source: btp-cf-env-runtime/charts/external-secrets-config/templates/external-secret.yaml +# Source: provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: @@ -14,7 +14,7 @@ spec: name: "hashicorp-vault" kind: "SecretStore" target: - name: "btp-account-credentials" + name: "btp-account-mcp-blueprints" data: - remoteRef: key: btp-endpoint.example/btp-account diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..5f099a9 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,25 @@ +--- +# Source: provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + kubernetes: + mountPath: kubernetes + role: mcp-blueprints + secretRef: + key: token + name: vault-token-sa + namespace: default + namespace: ns1 + path: k8s-clusters + server: https://vault.example/ + version: v2 diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml new file mode 100644 index 0000000..e9816bb --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml @@ -0,0 +1,21 @@ +--- +# Source: provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml +apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 +kind: AdminKubeconfigRequest +metadata: + name: "iad-test" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-gardener-shoot-kubeconfigs" + openmcp.cloud/blueprint-building-block-version: "0.0.10" +spec: + forProvider: + validFor: 1h0s + renewAfter: 45m0s + shootRef: + name: "iad-test" + namespace: "garden-co-golden" + providerConfigRef: + name: "garden-sa-co-mcp-blueprints" + writeConnectionSecretToRef: + name: gardener-shoot-kubeconfig-iad-test + namespace: default diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml new file mode 100644 index 0000000..547e820 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml @@ -0,0 +1,16 @@ +--- +# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml +apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 +kind: ProviderConfig +metadata: + name: "garden-sa-co-mcp-blueprints" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + credentials: + secretRef: + key: kubeconfig + name: garden-co-golden + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml new file mode 100644 index 0000000..7b40cb1 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml @@ -0,0 +1,16 @@ +--- +# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml +apiVersion: helm.crossplane.io/v1beta1 +kind: ProviderConfig +metadata: + name: "gardener-shoot-iad-test" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + credentials: + secretRef: + key: kubeconfig + name: gardener-shoot-kubeconfig-iad-test + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml new file mode 100644 index 0000000..df70493 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml @@ -0,0 +1,16 @@ +--- +# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml +apiVersion: kubernetes.crossplane.io/v1alpha1 +kind: ProviderConfig +metadata: + name: "garden-sa-co-mcp-blueprints" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + credentials: + secretRef: + key: kubeconfig + name: garden-co-golden + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml new file mode 100644 index 0000000..da659aa --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml @@ -0,0 +1,42 @@ +--- +# Source: provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml +apiVersion: helm.crossplane.io/v1beta1 +kind: Release +metadata: + name: gardener-shoot-iad-test-ingress-nginx + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-helm" + openmcp.cloud/blueprint-building-block-version: "0.0.11" +spec: + providerConfigRef: + name: gardener-shoot-iad-test + # rollbackLimit: 3 + forProvider: + chart: + name: ingress-nginx + repository: https://kubernetes.github.io/ingress-nginx + version: 4.10.0 + namespace: default + # insecureSkipTLSVerify: true/false + # skipCreateNamespace: true/false + # wait: true/false + # skipCRDs: true/false + values: + controller: + config: + enable-underscores-in-headers: "true" + extraArgs: + default-ssl-certificate: default/www-tls + ingressClassResource: + default: true + service: + annotations: + cert.gardener.cloud/secretname: www-tls + dns.gardener.cloud/class: garden + dns.gardener.cloud/dnsnames: "" + dns.gardener.cloud/ttl: "600" + appProtocol: false + watchIngressWithoutClass: true + defaultBackend: + enabled: true + fullnameOverride: ingress-nginx diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..6d3c650 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,22 @@ +--- +# Source: provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "garden-co-golden" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "garden-co-golden" + data: + - remoteRef: + key: btp-endpoint.example/btp-account + property: kubeconfig + secretKey: kubeconfig diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..59b327f --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,25 @@ +--- +# Source: provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + kubernetes: + mountPath: kubernetes + role: openmcp-kubernetes + secretRef: + key: token + name: vault-token-sa + namespace: default + namespace: ns1 + path: mcps + server: https://vault.example/ + version: v2 diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml new file mode 100644 index 0000000..cadd9e1 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml @@ -0,0 +1,97 @@ +--- +# Source: provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml +apiVersion: kubernetes.crossplane.io/v1alpha1 +kind: Object +metadata: + name: "iad-test" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-gardener-shoot-clusters" + openmcp.cloud/blueprint-building-block-version: "0.0.11" +spec: + providerConfigRef: + name: "garden-co-golden" # Set to Kubernetes ProviderConfig + forProvider: + manifest: + # gardener shoot api: https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md + apiVersion: core.gardener.cloud/v1beta1 + kind: Shoot + metadata: + annotations: + confirmation.gardener.cloud/deletion: "true" # otherwise it can't be destroyed using IAD + name: iad-test + namespace: garden-co-golden + + spec: + secretBindingName: gcp-sa-garden-co-golden # Set your SecretBinding name + cloudProfileName: gcp + region: "europe-west1" + purpose: "testing" + #### START hyperscaler specific stuff START #### + provider: + type: gcp + infrastructureConfig: + apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 + kind: InfrastructureConfig + networks: + workers: 10.180.0.0/16 + controlPlaneConfig: + apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 + kind: ControlPlaneConfig + zone: europe-west1-b + workers: + - machine: + image: + name: gardenlinux + version: 1312.3.0 + type: n2-standard-8 + maxSurge: 1 + maxUnavailable: 0 + maximum: 3 + minimum: 1 + name: worker + volume: + encrypted: true + size: 50Gi + type: pd-standard + zones: + - europe-west1-b + #### END hyperscaler specific stuff END #### + kubernetes: + version: "1.30.2" + kubeAPIServer: + enableAnonymousAuthentication: false + scheduling.k8s.io/v1alpha1: true + kubeControllerManager: + nodeCIDRMaskSize: 24 + clusterAutoscaler: + scaleDownDelayAfterAdd: 1h0m0s + scaleDownDelayAfterDelete: 10s + scaleDownDelayAfterFailure: 10m0s + scaleDownUnneededTime: 30m0s + scaleDownUtilizationThreshold: 0.5 + scanInterval: 10s + extensions: + [] + networking: + nodes: 10.180.0.0/16 + type: calico + maintenance: + autoUpdate: + kubernetesVersion: false + machineImageVersion: true + confineSpecUpdateRollout: true + timeWindow: + begin: 120000+0000 + end: 130000+0000 + hibernation: + schedules: + - end: 00 08 * * 1,2,3,4,5 + location: Europe/Berlin + start: 00 21 * * 1,2,3,4,5 + addons: + kubernetesDashboard: + enabled: false + nginxIngress: + enabled: false + resources: + [] diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml new file mode 100644 index 0000000..0f92787 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml @@ -0,0 +1,18 @@ +--- +# Source: provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml +apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 +kind: AdminKubeconfigRequest +metadata: + name: "iad-test" +spec: + forProvider: + validFor: 1h0s + renewAfter: 45m0s + shootRef: + name: "iad-test" + namespace: "garden-co-golden" + providerConfigRef: + name: "garden-co-golden" + writeConnectionSecretToRef: + name: gardener-shoot-kubeconfig-iad-test + namespace: default diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml new file mode 100644 index 0000000..b413679 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml @@ -0,0 +1,16 @@ +--- +# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml +apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 +kind: ProviderConfig +metadata: + name: "garden-co-golden" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + credentials: + secretRef: + key: kubeconfig + name: garden-co-golden + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml new file mode 100644 index 0000000..1e97c32 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml @@ -0,0 +1,16 @@ +--- +# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml +apiVersion: helm.crossplane.io/v1beta1 +kind: ProviderConfig +metadata: + name: "gardener-shoot-iad-test" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + credentials: + secretRef: + key: kubeconfig + name: gardener-shoot-kubeconfig-iad-test + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml new file mode 100644 index 0000000..8dfe274 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml @@ -0,0 +1,16 @@ +--- +# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml +apiVersion: kubernetes.crossplane.io/v1alpha1 +kind: ProviderConfig +metadata: + name: "garden-co-golden" + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" + openmcp.cloud/blueprint-building-block-version: "0.0.18" +spec: + credentials: + secretRef: + key: kubeconfig + name: garden-co-golden + namespace: default + source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml new file mode 100644 index 0000000..b3b8a9a --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml @@ -0,0 +1,42 @@ +--- +# Source: provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml +apiVersion: helm.crossplane.io/v1beta1 +kind: Release +metadata: + name: gardener-shoot-iad-test-ingress-nginx + labels: + openmcp.cloud/blueprint-building-block: "crossplane-provider-helm" + openmcp.cloud/blueprint-building-block-version: "0.0.11" +spec: + providerConfigRef: + name: gardener-shoot-iad-test + # rollbackLimit: 3 + forProvider: + chart: + name: ingress-nginx + repository: https://kubernetes.github.io/ingress-nginx + version: 4.10.0 + namespace: default + # insecureSkipTLSVerify: true/false + # skipCreateNamespace: true/false + # wait: true/false + # skipCRDs: true/false + values: + controller: + config: + enable-underscores-in-headers: "true" + extraArgs: + default-ssl-certificate: default/www-tls + ingressClassResource: + default: true + service: + annotations: + cert.gardener.cloud/secretname: www-tls + dns.gardener.cloud/class: garden + dns.gardener.cloud/dnsnames: "" + dns.gardener.cloud/ttl: "600" + appProtocol: false + watchIngressWithoutClass: true + defaultBackend: + enabled: true + fullnameOverride: ingress-nginx diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml new file mode 100644 index 0000000..dc5bf76 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml @@ -0,0 +1,22 @@ +--- +# Source: provider-gardener/charts/external-secrets-config/templates/external-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: "garden-co-golden" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + refreshInterval: "15m" + secretStoreRef: + name: "hashicorp-vault" + kind: "SecretStore" + target: + name: "garden-co-golden" + data: + - remoteRef: + key: btp-endpoint.example/btp-account + property: kubeconfig + secretKey: kubeconfig diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml new file mode 100644 index 0000000..6fb4349 --- /dev/null +++ b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml @@ -0,0 +1,25 @@ +--- +# Source: provider-gardener/charts/external-secrets-config/templates/secret-store.yaml +apiVersion: external-secrets.io/v1beta1 +kind: SecretStore +metadata: + name: "hashicorp-vault" + namespace: "default" + labels: + openmcp.cloud/blueprint-building-block: "external-secrets-config" + openmcp.cloud/blueprint-building-block-version: "0.1.10" +spec: + provider: + vault: + auth: + kubernetes: + mountPath: kubernetes + role: openmcp-kubernetes + secretRef: + key: token + name: vault-token-sa + namespace: default + namespace: ns1 + path: mcps + server: https://vault.example/ + version: v2 From 403df27face0609e5c703bc5f4d0be413d72154c Mon Sep 17 00:00:00 2001 From: Wiktor Chomik Date: Fri, 30 May 2025 11:56:45 +0200 Subject: [PATCH 08/12] Revert "chore(ci): update Helm Chart helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md file" This reverts commit a4c21b242be5c7c71732d1df9d5ec77d4a4a00e9. --- .../README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md index 9faf372..08a0000 100644 --- a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md @@ -2,7 +2,7 @@ # btp-cf-env-runtime -![Version: 0.0.26](https://img.shields.io/badge/Version-0.0.26-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.25](https://img.shields.io/badge/Version-0.0.25-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Umbrealla Helm chart which demonstrate orchestration of SAP BTP Cloud Foundry Environment. From ef3caf808f7725bba6f011c8f5ad75fd223acd6a Mon Sep 17 00:00:00 2001 From: Wiktor Chomik Date: Fri, 30 May 2025 11:56:47 +0200 Subject: [PATCH 09/12] Revert "chore(ci): update helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml.version 0.0.25 -> 0.0.26" This reverts commit 72020b1ba6ea262d9dd858afac8b6707b004a5d3. --- .../Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml index fca0a7f..2968923 100644 --- a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml @@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/2531208?s=200&v=4" # This is the chart version. This version number should be incremented each time # you make changes to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.26 +version: 0.0.25 # This is the version number of the application being deployed. This version # number should be incremented each time you make changes to the application. # Versions are not expected to follow Semantic Versioning. They should reflect From c89e27d9311355b1a89344c620b829e9e8c3bbb4 Mon Sep 17 00:00:00 2001 From: wchomik Date: Fri, 30 May 2025 09:57:26 +0000 Subject: [PATCH 10/12] chore(ci): update helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml.version 0.0.25 -> 0.0.26 --- .../Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml index 2968923..fca0a7f 100644 --- a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/Chart.yaml @@ -17,7 +17,7 @@ icon: "https://avatars.githubusercontent.com/u/2531208?s=200&v=4" # This is the chart version. This version number should be incremented each time # you make changes to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.25 +version: 0.0.26 # This is the version number of the application being deployed. This version # number should be incremented each time you make changes to the application. # Versions are not expected to follow Semantic Versioning. They should reflect From 5c110ef4e2d8e87cd0c5335ca24c184aee51b8c1 Mon Sep 17 00:00:00 2001 From: wchomik Date: Fri, 30 May 2025 09:57:27 +0000 Subject: [PATCH 11/12] chore(ci): update Helm Chart helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md file --- .../README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md index 08a0000..9faf372 100644 --- a/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md +++ b/helm/umbrella/blueprints/btp-cf-env-runtime.abc.shoot.live.k8s-hana.ondemand.com/README.md @@ -2,7 +2,7 @@ # btp-cf-env-runtime -![Version: 0.0.25](https://img.shields.io/badge/Version-0.0.25-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) +![Version: 0.0.26](https://img.shields.io/badge/Version-0.0.26-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square) A Umbrealla Helm chart which demonstrate orchestration of SAP BTP Cloud Foundry Environment. From 71b66efadd2942fdb7a83d936dc67aa4391b933c Mon Sep 17 00:00:00 2001 From: wchomik Date: Fri, 30 May 2025 09:57:28 +0000 Subject: [PATCH 12/12] chore(ci): k8s manifest templated for Helm Charts --- .../btp.sap.crossplane.io.yaml | 24 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 25 - .../btp.sap.crossplane.io.yaml | 24 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 25 - .../btp.sap.crossplane.io.yaml | 24 - .../custom-chart/templates/deployment.yaml | 50 -- .../custom-chart/templates/service.yaml | 22 - .../templates/tests/test-connection.yaml | 21 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 25 - .../templates/ValidatingAdmissionPolicy.yaml | 32 - .../ValidatingAdmissionPolicyBinding.yaml | 16 - .../btp.sap.crossplane.io.yaml | 24 - .../mcp/btp-accounts/sub-accounts.yaml | 36 - .../btp-subscriptions/cloud-management.yaml | 20 - .../mcp/btp-subscriptions/entitlements.yaml | 36 - .../mcp/btp-subscriptions/servicemanager.yaml | 20 - .../mcp/btp-subscriptions/subscription.yaml | 20 - .../btp.sap.crossplane.io.yaml | 24 - .../templates/pkg-crossplane-provider.yaml | 70 -- .../mcp/btp-accounts/sub-accounts.yaml | 18 - .../mcp/btp-subscriptions/entitlements.yaml | 18 - ...mpostions-apiextensions-crossplane-io.yaml | 822 ------------------ .../templates/eip-ec2-aws-upbound-io.yaml | 26 - .../internet-gateway-ec2-aws-upbound-io.yaml | 30 - ...-rable-association-ec2-aws-upbound-io.yaml | 16 - .../nat-gateway-ec2-aws-upbound-io.yaml | 40 - .../templates/route-ec2-aws-upbound-io.yaml | 17 - ...-table-association-ec2-aws-upbound-io.yaml | 76 -- .../route-table-ec2-aws-upbound-io.yaml | 30 - .../security-group-ec2-aws-upbound-io.yaml | 18 - ...ecurity-group-rule-ec2-aws-upbound-io.yaml | 42 - .../templates/subnet-ec2-aws-upbound-io.yaml | 146 ---- .../templates/vpc-ec2-aws-upbound-io.yaml | 48 - .../templates/cluster-eks-aws-upbound-io.yaml | 40 - .../node-group-eks-aws-upbound-io.yaml | 41 - .../templates/role-iam-aws-upbound-io.yaml | 38 - ...-policy-attachment-iam-aws-upbound-io.yaml | 28 - .../instance-rdr-aws-upbound-io.yaml | 34 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 24 - .../btp.sap.crossplane.io.yaml | 24 - .../mcp/btp-accounts/sub-accounts.yaml | 18 - .../mcp/btp-subscriptions/entitlements.yaml | 18 - .../templates/external-secret.yaml | 26 - .../templates/secret-store.yaml | 25 - .../admin-kubeconfig-request.yaml | 21 - .../gardener-orchestrate-cloud-sap.yaml | 16 - .../providerConfigs/helm-crossplane-io.yaml | 16 - .../kubernetes-crossplane-io.yaml | 16 - .../templates/helm-release.yaml | 42 - .../templates/external-secret.yaml | 22 - .../templates/secret-store.yaml | 25 - .../gardener-shoot-cluster-gcp.yaml | 97 --- .../admin-kubeconfig-request.yaml | 18 - .../gardener-orchestrate-cloud-sap.yaml | 16 - .../providerConfigs/helm-crossplane-io.yaml | 16 - .../kubernetes-crossplane-io.yaml | 16 - .../templates/helm-release.yaml | 42 - .../templates/external-secret.yaml | 22 - .../templates/secret-store.yaml | 25 - 63 files changed, 2715 deletions(-) delete mode 100644 manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml delete mode 100644 manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml delete mode 100644 manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml delete mode 100644 manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml diff --git a/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index 1edebe6..0000000 --- a/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: example-base/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index 2bf3716..0000000 --- a/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: example-base/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-mcp-blueprints" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "30m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-mcp-blueprints" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 9c8c887..0000000 --- a/manifests/helm/umbrella/blueprints/example-base.abc.shoot.live.k8s-hana.ondemand.com/example-base/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: example-base/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-tokenreview-service-account - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index f137ac3..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: landscape-provider-cfgs-credentials/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index 190fd33..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-mcp-blueprints" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-mcp-blueprints" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index ec55947..0000000 --- a/manifests/helm/umbrella/blueprints/example-nested.zzz.shoot.live.k8s-hana.ondemand.com/landscape-provider-cfgs-credentials/landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: landscape-provider-cfgs-credentials/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index 334306c..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml deleted file mode 100644 index c321e27..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/custom-chart/templates/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: helm-release-name-custom-chart - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm -spec: - replicas: 2 - selector: - matchLabels: - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - template: - metadata: - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm - spec: - serviceAccountName: default - securityContext: - {} - containers: - - name: custom-chart - securityContext: - {} - image: "nginx:1.16.0" - imagePullPolicy: Always - ports: - - name: http - containerPort: 80 - protocol: TCP - livenessProbe: - httpGet: - path: / - port: http - readinessProbe: - httpGet: - path: / - port: http - resources: - {} diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml deleted file mode 100644 index 480ffc9..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/custom-chart/templates/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: helm-release-name-custom-chart - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: http - protocol: TCP - name: http - selector: - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml deleted file mode 100644 index c93abe6..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/custom-chart/templates/tests/test-connection.yaml -apiVersion: v1 -kind: Pod -metadata: - name: "helm-release-name-custom-chart-test-connection" - labels: - helm.sh/chart: custom-chart-0.0.2 - app.kubernetes.io/name: custom-chart - app.kubernetes.io/instance: helm-release-name - app.kubernetes.io/version: "1.16.0" - app.kubernetes.io/managed-by: Helm - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['helm-release-name-custom-chart:80'] - restartPolicy: Never diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index a0990fc..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-mcp-blueprints" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-mcp-blueprints" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index a5989e8..0000000 --- a/manifests/helm/umbrella/blueprints/include-custom-helm-charts.abc.shoot.live.k8s-hana.ondemand.com/include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: include-custom-helm-charts/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml deleted file mode 100644 index f1bb076..0000000 --- a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# Source: k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicy.yaml -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingAdmissionPolicy -metadata: - name: crossplane-helm-provider-config-if-secret-exists - labels: - openmcp.cloud/blueprint-building-block: "k8s-validating-admission-policy" - openmcp.cloud/blueprint-building-block-version: "0.0.5" -spec: - failurePolicy: Fail - matchConstraints: - resourceRules: - - apiGroups: - - "" - apiVersions: - - v1 - operations: - - DELETE - resources: - - secrets - paramKind: - apiVersion: helm.crossplane.io/v1beta1 - kind: ProviderConfig - validations: - - expression: "( \nhas(params.spec) && \nhas(params.spec.credentials) && \nhas(params.spec.credentials.secretRef) - && \nhas(params.spec.credentials.secretRef.name) && \noldObject.metadata.name - != params.spec.credentials.secretRef.name &&\noldObject.metadata.namespace != - params.spec.credentials.secretRef.namespace\n)\n" - messageExpression: '''Secret %s cannot be deleted because its referenced in Kind:%s - (%s) %s''.format([oldObject.metadata.name,params.kind,params.apiVersion,params.metadata.name])' - reason: Invalid diff --git a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml b/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml deleted file mode 100644 index c63c7fc..0000000 --- a/manifests/helm/umbrella/blueprints/k8s-validating-admission-policy/k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: k8s-validating-admission-policy/charts/k8s-validating-admission-policy/templates/ValidatingAdmissionPolicyBinding.yaml -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingAdmissionPolicyBinding -metadata: - name: crossplane-helm-provider-config-secret-binding - labels: - openmcp.cloud/blueprint-building-block: "k8s-validating-admission-policy" - openmcp.cloud/blueprint-building-block-version: "0.0.5" -spec: - paramRef: - parameterNotFoundAction: Allow - selector: {} - policyName: crossplane-helm-provider-config-if-secret-exists - validationActions: - - Deny diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index 12c9fda..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "btp-account-provider-config" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "example1-aabb-1234-o987-3xampl3qwer6" - cisCredentials: - secretRef: - key: data - name: cis-provider-secret - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: credentials - name: sa-provider-secret - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index d21c16d..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: 'Sub Account managed by OpenMCP & IaD from OpenMCP #2' - displayName: 'MCP #1 Blueprint Sub-Account #1' - region: eu01 - subaccountAdmins: [] - subdomain: blueprint-test-1 - providerConfigRef: - name: "btp-account-provider-config" ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: 'Sub Account managed by OpenMCP & IaD from OpenMCP #2 new' - displayName: 'MCP #1 Blueprint Sub-Account #2' - region: eu01 - subaccountAdmins: [] - subdomain: blueprint-test-2 - providerConfigRef: - name: "btp-account-provider-config" diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml deleted file mode 100644 index a1ed4bd..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/cloud-management.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: CloudManagement -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - providerConfigRef: - name: btp-account-provider-config - forProvider: - serviceManagerRef: - name: subaccount1 - subaccountRef: - name: subaccount1 - writeConnectionSecretToRef: - name: cis-btp-account-provider-config-subaccount1 - namespace: default diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index b5baa51..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-viewer - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-viewer - servicePlanName: free - enable: true - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btp-account-provider-config" ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: cis-local - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: cis - servicePlanName: local - enable: true - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btp-account-provider-config" diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml deleted file mode 100644 index 3664c61..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/servicemanager.yaml -apiVersion: account.btp.sap.crossplane.io/v1beta1 -kind: ServiceManager -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - writeConnectionSecretToRef: - # !!! TODO: Make this configurable !!! - name: btp-service-manager-btp-account-provider-config-subaccount1 - # !!! TODO: Make this configurable !!! - namespace: default - forProvider: - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "btp-account-provider-config" diff --git a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml b/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml deleted file mode 100644 index 7b07fd4..0000000 --- a/manifests/helm/umbrella/blueprints/migration-test-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# Source: migration-test-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/subscription.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subscription -metadata: - name: subaccount1-auditlog-viewer - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - providerConfigRef: - name: btp-account-provider-config - forProvider: - appName: auditlog-viewer - planName: free - cloudManagementRef: - name: subaccount1 - writeConnectionSecretToRef: - name: auditlog-viewer - namespace: default diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index e7cb133..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml deleted file mode 100644 index 67a9ebb..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-ias - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: ocm/crossplane/provider-ias:0.2.2 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-gardener-auth - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: ocm/crossplane/provider-gardener-auth:0.0.4 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-kubernetes - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: xpkg.upbound.io/crossplane-contrib/provider-kubernetes:v0.15.0 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-helm - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: xpkg.upbound.io/crossplane-contrib/provider-helm:v0.19.0 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-pkgs/templates/pkg-crossplane-provider.yaml -apiVersion: pkg.crossplane.io/v1 -kind: Provider -metadata: - name: provider-btp - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-pkgs" - openmcp.cloud/blueprint-building-block-version: "0.0.13" -spec: - package: ghcr.io/sap/crossplane-provider-btp/crossplane/provider-btp:v1.0.2 - packagePullPolicy: IfNotPresent - packagePullSecrets: - - name: pull-secret diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index 33588e0..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: Sub Account managed by OpenMCP & IaD - displayName: CO Managed Control Plane Blueprint Sub-Account - region: eu01 - subaccountAdminEmails: [] - subdomain: mcp-blueprint-test-1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index 2a19a4b..0000000 --- a/manifests/helm/umbrella/blueprints/ocm-package-provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: ocm-package-provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-oauth2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-management - servicePlanName: default - amount: 1 - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml deleted file mode 100644 index 533e29c..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml +++ /dev/null @@ -1,822 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: nosqls.aws.api.example -spec: - compositeTypeRef: - apiVersion: aws.api.example/v1alpha1 - kind: NoSQL - resources: - - base: - apiVersion: s3.aws.upbound.io/v1beta1 - kind: Bucket - metadata: - name: basic-bucket - spec: - forProvider: - region: east-2 - providerConfigRef: - name: default - name: s3Bucket - patches: - - fromFieldPath: spec.location - toFieldPath: spec.forProvider.region - transforms: - - map: - EU: eu-north-1 - US: east-2 - type: map - type: FromCompositeFieldPath - - base: - apiVersion: dynamodb.aws.upbound.io/v1beta1 - kind: Table - metadata: - name: nosql-database - spec: - forProvider: - attribute: - - name: S3ID - type: S - hashKey: S3ID - readCapacity: 1 - region: east-2 - writeCapacity: 1 - name: dynamoDB - patches: - - fromFieldPath: spec.location - toFieldPath: spec.forProvider.region - transforms: - - map: - EU: eu-north-1 - US: east-2 - type: map - type: FromCompositeFieldPath ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: eks-cluster -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: EKSCluster - mode: "Pipeline" - writeConnectionSecretsToNamespace: "crossplane-system" - pipeline: - - functionRef: - name: patch-and-transform - input: - apiVersion: pt.fn.crossplane.io/v1beta1 - kind: Resources - patchSets: - - name: common-parameters - patches: - - fromFieldPath: spec.parameters.region - toFieldPath: spec.forProvider.region - type: FromCompositeFieldPath - resources: - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: VPC - spec: - forProvider: - enableDnsHostnames: true - enableDnsSupport: true - providerConfigRef: - name: dev-aws - name: vpc - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.vpc-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: InternetGateway - metadata: - labels: - type: igw - spec: - forProvider: - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: internetgateway - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: public - spec: - forProvider: - mapPublicIpOnLaunch: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-public-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet1-public-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-public-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-public-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: public - spec: - forProvider: - mapPublicIpOnLaunch: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-public-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet2-public-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-public-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-public-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: private - spec: - forProvider: - mapPublicIpOnLaunch: false - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-private-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet1-private-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-private-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet1-private-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - type: subnet - visibility: private - spec: - forProvider: - mapPublicIpOnLaunch: false - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: subnet-private-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet2-private-cidrBlock - toFieldPath: spec.forProvider.cidrBlock - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-private-availabilityZone - toFieldPath: spec.forProvider.availabilityZone - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.subnet2-private-availabilityZone - toFieldPath: metadata.labels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: EIP - metadata: - labels: - type: eip-1 - spec: - forProvider: - domain: vpc - providerConfigRef: - name: dev-aws - name: elastic-ip-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: EIP - metadata: - labels: - type: eip-2 - spec: - forProvider: - domain: vpc - providerConfigRef: - name: dev-aws - name: elastic-ip-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: NATGateway - metadata: - labels: - type: natgw-1 - spec: - forProvider: - allocationIdSelector: - matchLabels: - type: eip-1 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - providerConfigRef: - name: dev-aws - name: natgateway-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet1-public-availabilityZone - toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: NATGateway - metadata: - labels: - type: natgw-2 - spec: - forProvider: - allocationIdSelector: - matchLabels: - type: eip-2 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - providerConfigRef: - name: dev-aws - name: natgateway-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.subnet2-public-availabilityZone - toFieldPath: spec.forProvider.subnetIdSelector.matchLabels.zone - type: FromCompositeFieldPath - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - spec: - forProvider: - region: PATCHED - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: routetable-public - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - spec: - forProvider: - region: PATCHED - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: routetable-private-1 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - spec: - forProvider: - region: PATCHED - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: routetable-private-2 - patches: - - patchSetName: common-parameters - type: PatchSet - - base: - apiVersion: eks.aws.upbound.io/v1beta1 - kind: Cluster - spec: - forProvider: - vpcConfig: - - endpointPrivateAccess: false - endpointPublicAccess: true - subnetIdSelector: - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws - writeConnectionSecretToRef: - name: dev-connection-secret - namespace: crossplane-system - connectionDetails: - - fromConnectionSecretKey: kubeconfig - name: kubeconfig-value - type: FromConnectionSecretKey - name: eks-cluster - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.k8s-version - toFieldPath: spec.forProvider.version - type: FromCompositeFieldPath - - fromFieldPath: metadata.uid - toFieldPath: spec.writeConnectionSecretToRef.name - transforms: - - string: - fmt: '%s-ekscluster-connection' - type: Format - type: string - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.cluster-role - toFieldPath: spec.forProvider.roleArn - type: FromCompositeFieldPath - - base: - apiVersion: iam.aws.upbound.io/v1beta1 - kind: Role - spec: - forProvider: - assumeRolePolicy: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": "eks.amazonaws.com" - }, - "Action": "sts:AssumeRole" - } - ] - } - providerConfigRef: - name: dev-aws - name: role - - base: - apiVersion: iam.aws.upbound.io/v1beta1 - kind: RolePolicyAttachment - spec: - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - roleSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws - name: rolePolicyAttachment - - base: - apiVersion: eks.aws.upbound.io/v1beta1 - kind: NodeGroup - spec: - forProvider: - clusterNameSelector: - matchControllerRef: true - instanceTypes: - - t3.medium - scalingConfig: - - minSize: 1 - subnetIdSelector: - matchControllerRef: true - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws - name: eks-nodegroup - patches: - - patchSetName: common-parameters - type: PatchSet - - fromFieldPath: spec.parameters.workers-size - toFieldPath: spec.forProvider.scalingConfig[0].desiredSize - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.workers-size - toFieldPath: spec.forProvider.scalingConfig[0].maxSize - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.workload-type - toFieldPath: spec.forProvider.amiType - transforms: - - map: - gpu: x86_GPU - non-gpu: x86 - type: map - type: FromCompositeFieldPath - - fromFieldPath: spec.parameters.workernode-role - toFieldPath: spec.forProvider.nodeRoleArn - type: FromCompositeFieldPath - step: patch-and-transform ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: vpc -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: XVPC - mode: "Pipeline" - pipeline: - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} - {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - --- - apiVersion: ec2.aws.crossplane.io/v1beta1 - kind: VPC - metadata: - annotations: - {{ setResourceNameAnnotation "vpc" }} - crossplane.io/external-name: {{ get $params "id" | default ( print $claimNamespace "-vpc" ) }} - spec: - forProvider: - region: {{ get $params "region" | default "east-1" }} - vpcCidrBlock: {{ get $params "vpcCIDRBlock" | default "192.168.0.0/16" }} - enableDnsSupport: true - enableDnsHostNames: true - instanceTenancy: default - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef }} - kind: GoTemplate - source: Inline - step: compose-resources ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: rdsinstance -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: XRDSInstance - mode: "Pipeline" - pipeline: - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} - {{ $claimNamespaceTrimmed := $claimNamespace | replace "-" "" }} - {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - --- - apiVersion: rds.aws.upbound.io/v1beta2 - kind: Instance - metadata: - annotations: - {{ setResourceNameAnnotation "rdsInstance" }} - crossplane.io/external-name: {{ get $params "id" | default ( print $claimNamespace "-rds-instance" ) }} - spec: - forProvider: - allocatedStorage: {{ get $params "storage" | default 20 }} - autoGeneratePassword: true - autoMinorVersionUpgrade: true - backupRetentionPeriod: 14 - backupWindow: "09:46-10:16" - dbName: {{ get $params "name" | default ( print $claimNamespaceTrimmed "db" ) }} - engine: postgres - engineVersion: "16.1" # 16.3? console shows RDS 16.1-R2 (PostgreSQL 13.1-R2) - instanceClass: {{ printf "db.t3.%s" (get $params "size" | default "micro") }} - maintenanceWindow: Mon:00:00-Mon:03:00 - passwordSecretRef: - key: password - name: {{ printf "%s-rds-root" $claimNamespace }} - namespace: {{ $claimNamespace }} - publiclyAccessible: false - region: {{ printf "%s-1" (get $params "region" | default "east") }} - skipFinalSnapshot: true - storageEncrypted: true - storageType: gp2 - username: adminuser - writeConnectionSecretToRef: - name: {{ printf "%s-rds-connection-details" $claimNamespace }} - namespace: {{ $claimNamespace }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef }} - kind: GoTemplate - source: Inline - step: compose-resources ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-apiextensions-composition/templates/compostions-apiextensions-crossplane-io.yaml -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: eksnetwork.api.example -spec: - compositeTypeRef: - apiVersion: api.example/v1alpha1 - kind: XEKSNetwork - mode: "Pipeline" - pipeline: - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $claimNamespace := index $.observed.composite.resource.metadata.labels "crossplane.io/claim-namespace" }} - {{ $tenantAwsProviderConfigRef := printf "%s-aws" $claimNamespace }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - --- - {{ $vpcResourceName := "vpc" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: VPC - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $vpcResourceName }} - spec: - forProvider: - cidrBlock: {{ $params.vpcCidrBlock | toYaml }} - enableDnsHostnames: true - enableDnsSupport: true - tags: - Name: {{ printf "%s-%s" $params.id $vpcResourceName | toYaml }} - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $igwResourceName := "internet-gateway" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: InternetGateway - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $igwResourceName }} - spec: - forProvider: - region: {{ $params.region | toYaml }} - tags: - Name: {{ printf "%s-%s" $params.id $igwResourceName | toYaml }} - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{ $region := $params.region | toYaml }} - {{- range $i, $subnet := $params.subnets }} - --- - {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Subnet - metadata: - labels: - zone: {{ $subnet.availabilityZone }} - {{- if eq $subnet.type "private" }} - access: private - {{- else }} - access: public - {{- end }} - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $subnetResourceName }} - spec: - forProvider: - cidrBlock: {{ $subnet.cidrBlock | toYaml }} - {{ if eq $subnet.type "public" }} - mapPublicIpOnLaunch: true - {{ end }} - tags: - {{- if eq $subnet.type "private" }} - kubernetes.io/role/internal-elb: "1" - {{- else }} - kubernetes.io/role/elb: "1" - {{- end }} - Name: {{ printf "%s-%s" $params.id $subnetResourceName | toYaml }} - region: {{ $region }} - vpcIdSelector: - matchControllerRef: true - availabilityZone: {{ $subnet.availabilityZone | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{- end }} - --- - {{ $routeTableResourceName := "route-table" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTable - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $routeTableResourceName }} - spec: - forProvider: - vpcIdSelector: - matchControllerRef: true - region: {{ $params.region | toYaml }} - tags: - Name: {{ printf "%s-%s" $params.id $routeTableResourceName | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $publicRouteResourceName := "public-route" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: Route - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $publicRouteResourceName }} - spec: - forProvider: - destinationCidrBlock: 0.0.0.0/0 - gatewayIdSelector: - matchControllerRef: true - routeTableIdSelector: - matchControllerRef: true - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $mainRouteTableAssociationResourceName := "main-route-table-association" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: MainRouteTableAssociation - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $mainRouteTableAssociationResourceName }} - spec: - forProvider: - region: {{ $params.region | toYaml }} - routeTableIdSelector: - matchControllerRef: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{- range $i, $subnet := $params.subnets }} - --- - {{ $routeTableAssociationResourceName := printf "route-table-association-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: RouteTableAssociation - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $routeTableAssociationResourceName }} - spec: - forProvider: - region: {{ $region }} - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - {{- if eq $subnet.type "private" }} - access: private - {{- else }} - access: public - {{- end }} - zone: {{ $subnet.availabilityZone | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - {{- end }} - --- - {{ $sgResourceName := "security-group" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: SecurityGroup - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $sgResourceName }} - spec: - forProvider: - description: Allow access to databases - name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} - vpcIdSelector: - matchControllerRef: true - region: {{ $params.region | toYaml }} - tags: - Name: {{ printf "%s-%s" $params.id $sgResourceName | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $sgrpRulePostGresResourceName := "security-group-rule-postgres" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: SecurityGroupRule - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $sgrpRulePostGresResourceName }} - spec: - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 5432 - protocol: tcp - securityGroupIdSelector: - matchControllerRef: true - toPort: 5432 - type: ingress - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - --- - {{ $sgrpRuleMySQLResourceName := "security-group-rule-mysql" }} - apiVersion: ec2.aws.upbound.io/v1beta1 - kind: SecurityGroupRule - metadata: - labels: - eksnetworks.api.example/network-id: {{ $params.id | toYaml }} - annotations: - {{ setResourceNameAnnotation $sgrpRuleMySQLResourceName }} - spec: - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 3306 - protocol: tcp - securityGroupIdSelector: - matchControllerRef: true - toPort: 3306 - type: ingress - region: {{ $params.region | toYaml }} - providerConfigRef: - name: {{ $tenantAwsProviderConfigRef | toYaml }} - kind: GoTemplate - source: Inline - step: compose-resources - - functionRef: - name: go-templating - input: - apiVersion: gotemplating.fn.crossplane.io/v1beta1 - inline: - template: | - {{ $observedResources := get .observed "resources" | default dict }} - {{ $params := get .observed.composite.resource.spec "parameters" | default dict }} - {{ $vpcStatus := dig "vpc" "resource" "status" dict $observedResources }} - {{ $subnetsStatus := dict }} - {{ range $i, $subnet := $params.subnets }} - {{ $subnetResourceName := printf "subnet-%s-%s-%s" $subnet.availabilityZone $subnet.type (toString $i) }} - {{ $subnetStatuses := dig $subnetResourceName "resource" "status" dict $observedResources }} - {{ $subnetsStatus = merge $subnetsStatus (dict $subnetResourceName $subnetStatuses) }} - {{ end }} - apiVersion: api.example/v1alpha1 - kind: XEKSNetwork - status: - vpc: {{ $vpcStatus | toYaml | nindent 4 }} - subnets: {{ $subnetsStatus | toYaml | nindent 4 }} - kind: GoTemplate - source: Inline - step: set-xr-status - - functionRef: - name: auto-ready - step: automatically-detect-ready-composed-resources diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml deleted file mode 100644 index 692781b..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: EIP -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - domain: vpc - region: west-2 - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/eip-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: EIP -metadata: - name: dev-ekscluster-2 -spec: - deletionPolicy: "" - forProvider: - domain: vpc - region: west-2 - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml deleted file mode 100644 index 491ade3..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: InternetGateway -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/internet-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: InternetGateway -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - region: east-1 - tags: - Name: platform-ref-eks-network-internet-gateway - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml deleted file mode 100644 index 7c44279..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/main-route-rable-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: MainRouteTableAssociation -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml deleted file mode 100644 index 7f248f3..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,40 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: NATGateway -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - allocationIdSelector: - matchLabels: - type: eip-1 - region: west-2 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - zone: west-2a - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/nat-gateway-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: NATGateway -metadata: - name: dev-ekscluster-2 -spec: - deletionPolicy: "" - forProvider: - allocationIdSelector: - matchLabels: - type: eip-2 - region: west-2 - subnetIdSelector: - matchLabels: - type: subnet - visibility: public - zone: west-2b - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml deleted file mode 100644 index 399c9ad..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Route -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - destinationCidrBlock: 0.0.0.0/0 - gatewayIdSelector: - matchControllerRef: true - region: east-1 - routeTableIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml deleted file mode 100644 index 334e813..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,76 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-public -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: public - zone: east-1a - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-private -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: private - zone: east-1a - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-public-1b -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: public - zone: east-1b - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-association-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTableAssociation -metadata: - name: reference-eks-network-private-1b -spec: - deletionPolicy: "" - forProvider: - region: east-1 - routeTableIdSelector: - matchControllerRef: true - subnetIdSelector: - matchControllerRef: true - matchLabels: - access: private - zone: east-1b - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml deleted file mode 100644 index 6c56542..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTable -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/route-table-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: RouteTable -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - region: east-1 - tags: - Name: platform-ref-eks-network-route-table - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml deleted file mode 100644 index 88c5e15..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: SecurityGroup -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - description: Allow access to databases - name: platform-ref-eks-network-security-group - region: east-1 - tags: - Name: platform-ref-eks-network-security-group - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml deleted file mode 100644 index 4b706a3..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: SecurityGroupRuleRule -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 3306 - protocol: tcp - region: east-1 - securityGroupIdSelector: - matchControllerRef: true - toPort: 3306 - type: ingress - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/security-group-rule-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: SecurityGroupRuleRule -metadata: - name: reference-eks-network-5432 -spec: - deletionPolicy: "" - forProvider: - cidrBlocks: - - 192.168.0.0/16 - description: Everywhere - fromPort: 5432 - protocol: tcp - region: east-1 - securityGroupIdSelector: - matchControllerRef: true - toPort: 5432 - type: ingress - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml deleted file mode 100644 index 254fa55..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,146 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2a - cidrBlock: 192.168.50.0/24 - mapPublicIpOnLaunch: false - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1a - cidrBlock: 192.168.128.0/18 - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1a-private-2 - kubernetes.io/role/internal-elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network-public-0 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1a - cidrBlock: 192.168.0.0/18 - mapPublicIpOnLaunch: true - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1a-public-0 - kubernetes.io/role/elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network-east-1b-private-3 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1b - cidrBlock: 192.168.192.0/18 - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1b-private-3 - kubernetes.io/role/internal-elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: reference-eks-network-east-1b-public-1 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: east-1b - cidrBlock: 192.168.64.0/18 - mapPublicIpOnLaunch: true - region: east-1 - tags: - Name: platform-ref-eks-network-subnet-east-1b-public-1 - kubernetes.io/role/elb: "1" - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster-2 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2b - cidrBlock: 192.168.51.0/24 - mapPublicIpOnLaunch: false - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster-3 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2b - cidrBlock: 192.168.49.0/24 - mapPublicIpOnLaunch: true - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/subnet-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: Subnet -metadata: - name: dev-ekscluster-4 -spec: - deletionPolicy: "" - forProvider: - availabilityZone: west-2b - cidrBlock: 192.168.49.0/24 - mapPublicIpOnLaunch: true - region: west-2 - vpcIdSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml deleted file mode 100644 index 11aaac6..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: VPC -metadata: - name: dev-ekscluster -spec: - deletionPolicy: "" - forProvider: - cidrBlock: 192.168.48.0/20 - enableDnsHostnames: true - enableDnsSupport: true - region: west-2 - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: VPC -metadata: - name: reference-eks-network -spec: - deletionPolicy: "" - forProvider: - cidrBlock: 192.168.0.0/16 - enableDnsHostnames: true - enableDnsSupport: true - region: east-1 - tags: - Name: platform-ref-eks-network-vpc - providerConfigRef: - name: dev-aws ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-ec2/templates/vpc-ec2-aws-upbound-io.yaml -apiVersion: ec2.aws.upbound.io/v1beta1 -kind: VPC -metadata: - name: vpc-west-2 -spec: - deletionPolicy: "" - forProvider: - enableDnsHostNames: true - enableDnsSupport: true - instanceTenancy: default - region: west-2 - vpcCidrBlock: 10.0.0.0/16 - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml deleted file mode 100644 index 1ce2073..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml +++ /dev/null @@ -1,40 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/cluster-eks-aws-upbound-io.yaml -apiVersion: eks.aws.upbound.io/v1beta1 -kind: Cluster -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: eks-cluster - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-eks" - openmcp.cloud/blueprint-building-block-version: "0.0.12" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - region: west-2 - roleArn: arn:aws:iam::XXXX:role/EKS-Cluster-Role - version: "1.29" - vpcConfig: - - endpointPrivateAccess: false - endpointPublicAccess: true - subnetIdSelector: - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws - writeConnectionSecretToRef: - name: dev-connection-secret - namespace: crossplane-system - publishConnectionDetailsTo: - {} diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml deleted file mode 100644 index 3ae5b5f..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-eks/templates/node-group-eks-aws-upbound-io.yaml -apiVersion: eks.aws.upbound.io/v1beta1 -kind: NodeGroup -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: eks-nodegroup - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-eks" - openmcp.cloud/blueprint-building-block-version: "0.0.12" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - amiType: x86 - clusterNameSelector: - matchControllerRef: true - instanceTypes: - - t3.medium - nodeRoleArn: arn:aws:iam::XXXX:role/EKS-WorkerNode-Role - region: west-2 - scalingConfig: - - desiredSize: 2 - maxSize: 2 - minSize: 1 - subnetIdSelector: - matchControllerRef: true - matchLabels: - type: subnet - visibility: private - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml deleted file mode 100644 index 2806fb0..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-iam-aws-upbound-io.yaml -apiVersion: iam.aws.upbound.io/v1beta1 -kind: Role -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: role - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-iam" - openmcp.cloud/blueprint-building-block-version: "0.0.13" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - assumeRolePolicy: | - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": "eks.amazonaws.com" - }, - "Action": "sts:AssumeRole" - } - ] - } - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml deleted file mode 100644 index f414976..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml +++ /dev/null @@ -1,28 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-iam/templates/role-policy-attachment-iam-aws-upbound-io.yaml -apiVersion: iam.aws.upbound.io/v1beta1 -kind: RolePolicyAttachment -metadata: - name: dev-ekscluster - annotations: - crossplane.io/composition-resource-name: rolePolicyAttachment - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-aws-iam" - openmcp.cloud/blueprint-building-block-version: "0.0.13" - crossplane.io/claim-namespace: dev-us - crossplane.io/composite: dev-ekscluster - ownerReferences: - - apiVersion: api.example/v1alpha1 - blockOwnerDeletion: true - controller: true - kind: EKSCluster - name: dev-ekscluster - uid: "" -spec: - deletionPolicy: "" - forProvider: - policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy - roleSelector: - matchControllerRef: true - providerConfigRef: - name: dev-aws diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml deleted file mode 100644 index 15753b6..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/crossplane-provider-aws-rdr/templates/instance-rdr-aws-upbound-io.yaml -apiVersion: rds.aws.upbound.io/v1beta2 -kind: Instance -metadata: - name: rds-instance -spec: - deletionPolicy: "" - forProvider: - allocatedStorage: 20 - autoGeneratePassword: true - autoMinorVersionUpgrade: true - backupRetentionPeriod: 14 - backupWindow: 09:46-10:16 - dbName: clopsdevusdb - engine: postgres - engineVersion: "16.1" - instanceClass: db.t3.micro - maintenanceWindow: Mon:00:00-Mon:03:00 - passwordSecretRef: - key: password - name: dev-rds-root - namespace: dev-us - publiclyAccessible: false - region: east-1 - skipFinalSnapshot: true - storageEncrypted: true - storageType: gp2 - username: adminuser - providerConfigRef: - name: dev-aws - writeConnectionSecretToRef: - name: dev-rds-connection-details - namespace: dev-us diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index a055e58..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-test" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-test" - data: - - remoteRef: - key: "" - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: "" - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 05d51eb..0000000 --- a/manifests/helm/umbrella/blueprints/provider-aws.abc.shoot.live.k8s-hana.ondemand.com/provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: provider-aws.zzzz/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - appRole: - path: approle - roleId: "" - secretRef: - key: token - name: hashicorp-vault-token - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml deleted file mode 100644 index 2156990..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-configs/templates/mcp/providerConfigs/btp.sap.crossplane.io.yaml -apiVersion: btp.sap.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "provider-config-ref-name-btp-account-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - cliServerUrl: "https://cli.btp.cloud.sap" - globalAccount: "globalaccountsubdomain" - cisCredentials: - secretRef: - key: btp-cis-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret - serviceAccountSecret: - secretRef: - key: btp-service-account-provider-credentials - name: btp-account-mcp-blueprints - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml deleted file mode 100644 index 85230a8..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-accounts/sub-accounts.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Subaccount -metadata: - name: subaccount1 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - description: Sub Account managed by OpenMCP & IaD - displayName: CO Managed Control Plane Blueprint Sub-Account - region: eu01 - subaccountAdminEmails: [] - subdomain: mcp-blueprint-test-1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml deleted file mode 100644 index 4e2f274..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/crossplane-provider-sap-btp-account/templates/mcp/btp-subscriptions/entitlements.yaml -apiVersion: account.btp.sap.crossplane.io/v1alpha1 -kind: Entitlement -metadata: - name: auditlog-oauth2 - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-sap-btp-account" - openmcp.cloud/blueprint-building-block-version: "0.0.9" -spec: - forProvider: - serviceName: auditlog-management - servicePlanName: default - amount: 1 - subaccountRef: - name: subaccount1 - providerConfigRef: - name: "provider-config-ref-name-btp-account-mcp-blueprints" diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index edf3f2a..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "btp-account-mcp-blueprints" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "btp-account-mcp-blueprints" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-cis-provider-credentials - secretKey: btp-cis-provider-credentials - - remoteRef: - key: btp-endpoint.example/btp-account - property: btp-service-account-provider-credentials - secretKey: btp-service-account-provider-credentials diff --git a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 5f099a9..0000000 --- a/manifests/helm/umbrella/blueprints/provider-btp-accounts.abc.shoot.live.k8s-hana.ondemand.com/provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: provider-btp-accounts/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: mcp-blueprints - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: k8s-clusters - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml deleted file mode 100644 index e9816bb..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-gardener-shoot-kubeconfigs/templates/mcp-manifests/admin-kubeconfig-request.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: AdminKubeconfigRequest -metadata: - name: "iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-gardener-shoot-kubeconfigs" - openmcp.cloud/blueprint-building-block-version: "0.0.10" -spec: - forProvider: - validFor: 1h0s - renewAfter: 45m0s - shootRef: - name: "iad-test" - namespace: "garden-co-golden" - providerConfigRef: - name: "garden-sa-co-mcp-blueprints" - writeConnectionSecretToRef: - name: gardener-shoot-kubeconfig-iad-test - namespace: default diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml deleted file mode 100644 index 547e820..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-sa-co-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml deleted file mode 100644 index 7b40cb1..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: ProviderConfig -metadata: - name: "gardener-shoot-iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: gardener-shoot-kubeconfig-iad-test - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml deleted file mode 100644 index df70493..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml -apiVersion: kubernetes.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-sa-co-mcp-blueprints" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml deleted file mode 100644 index da659aa..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/crossplane-provider-helm/templates/helm-release.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: Release -metadata: - name: gardener-shoot-iad-test-ingress-nginx - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-helm" - openmcp.cloud/blueprint-building-block-version: "0.0.11" -spec: - providerConfigRef: - name: gardener-shoot-iad-test - # rollbackLimit: 3 - forProvider: - chart: - name: ingress-nginx - repository: https://kubernetes.github.io/ingress-nginx - version: 4.10.0 - namespace: default - # insecureSkipTLSVerify: true/false - # skipCreateNamespace: true/false - # wait: true/false - # skipCRDs: true/false - values: - controller: - config: - enable-underscores-in-headers: "true" - extraArgs: - default-ssl-certificate: default/www-tls - ingressClassResource: - default: true - service: - annotations: - cert.gardener.cloud/secretname: www-tls - dns.gardener.cloud/class: garden - dns.gardener.cloud/dnsnames: "" - dns.gardener.cloud/ttl: "600" - appProtocol: false - watchIngressWithoutClass: true - defaultBackend: - enabled: true - fullnameOverride: ingress-nginx diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index 6d3c650..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "garden-co-golden" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "garden-co-golden" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: kubeconfig - secretKey: kubeconfig diff --git a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 59b327f..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener-existing.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: provider-gardener-existing/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: openmcp-kubernetes - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: mcps - server: https://vault.example/ - version: v2 diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml deleted file mode 100644 index cadd9e1..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml +++ /dev/null @@ -1,97 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/garden-manifests/gardener-shoot-cluster-gcp.yaml -apiVersion: kubernetes.crossplane.io/v1alpha1 -kind: Object -metadata: - name: "iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-gardener-shoot-clusters" - openmcp.cloud/blueprint-building-block-version: "0.0.11" -spec: - providerConfigRef: - name: "garden-co-golden" # Set to Kubernetes ProviderConfig - forProvider: - manifest: - # gardener shoot api: https://github.com/gardener/gardener/blob/master/docs/api-reference/core.md - apiVersion: core.gardener.cloud/v1beta1 - kind: Shoot - metadata: - annotations: - confirmation.gardener.cloud/deletion: "true" # otherwise it can't be destroyed using IAD - name: iad-test - namespace: garden-co-golden - - spec: - secretBindingName: gcp-sa-garden-co-golden # Set your SecretBinding name - cloudProfileName: gcp - region: "europe-west1" - purpose: "testing" - #### START hyperscaler specific stuff START #### - provider: - type: gcp - infrastructureConfig: - apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 - kind: InfrastructureConfig - networks: - workers: 10.180.0.0/16 - controlPlaneConfig: - apiVersion: gcp.provider.extensions.gardener.cloud/v1alpha1 - kind: ControlPlaneConfig - zone: europe-west1-b - workers: - - machine: - image: - name: gardenlinux - version: 1312.3.0 - type: n2-standard-8 - maxSurge: 1 - maxUnavailable: 0 - maximum: 3 - minimum: 1 - name: worker - volume: - encrypted: true - size: 50Gi - type: pd-standard - zones: - - europe-west1-b - #### END hyperscaler specific stuff END #### - kubernetes: - version: "1.30.2" - kubeAPIServer: - enableAnonymousAuthentication: false - scheduling.k8s.io/v1alpha1: true - kubeControllerManager: - nodeCIDRMaskSize: 24 - clusterAutoscaler: - scaleDownDelayAfterAdd: 1h0m0s - scaleDownDelayAfterDelete: 10s - scaleDownDelayAfterFailure: 10m0s - scaleDownUnneededTime: 30m0s - scaleDownUtilizationThreshold: 0.5 - scanInterval: 10s - extensions: - [] - networking: - nodes: 10.180.0.0/16 - type: calico - maintenance: - autoUpdate: - kubernetesVersion: false - machineImageVersion: true - confineSpecUpdateRollout: true - timeWindow: - begin: 120000+0000 - end: 130000+0000 - hibernation: - schedules: - - end: 00 08 * * 1,2,3,4,5 - location: Europe/Berlin - start: 00 21 * * 1,2,3,4,5 - addons: - kubernetesDashboard: - enabled: false - nginxIngress: - enabled: false - resources: - [] diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml deleted file mode 100644 index 0f92787..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-gardener-shoot-clusters/templates/mcp-manifests/admin-kubeconfig-request.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: AdminKubeconfigRequest -metadata: - name: "iad-test" -spec: - forProvider: - validFor: 1h0s - renewAfter: 45m0s - shootRef: - name: "iad-test" - namespace: "garden-co-golden" - providerConfigRef: - name: "garden-co-golden" - writeConnectionSecretToRef: - name: gardener-shoot-kubeconfig-iad-test - namespace: default diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml deleted file mode 100644 index b413679..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/gardener-orchestrate-cloud-sap.yaml -apiVersion: gardener.orchestrate.cloud.sap/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-co-golden" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml deleted file mode 100644 index 1e97c32..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/helm-crossplane-io.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: ProviderConfig -metadata: - name: "gardener-shoot-iad-test" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: gardener-shoot-kubeconfig-iad-test - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml deleted file mode 100644 index 8dfe274..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-configs/templates/mcp/providerConfigs/kubernetes-crossplane-io.yaml -apiVersion: kubernetes.crossplane.io/v1alpha1 -kind: ProviderConfig -metadata: - name: "garden-co-golden" - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-configs" - openmcp.cloud/blueprint-building-block-version: "0.0.18" -spec: - credentials: - secretRef: - key: kubeconfig - name: garden-co-golden - namespace: default - source: Secret diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml deleted file mode 100644 index b3b8a9a..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Source: provider-gardener/charts/crossplane-provider-helm/templates/helm-release.yaml -apiVersion: helm.crossplane.io/v1beta1 -kind: Release -metadata: - name: gardener-shoot-iad-test-ingress-nginx - labels: - openmcp.cloud/blueprint-building-block: "crossplane-provider-helm" - openmcp.cloud/blueprint-building-block-version: "0.0.11" -spec: - providerConfigRef: - name: gardener-shoot-iad-test - # rollbackLimit: 3 - forProvider: - chart: - name: ingress-nginx - repository: https://kubernetes.github.io/ingress-nginx - version: 4.10.0 - namespace: default - # insecureSkipTLSVerify: true/false - # skipCreateNamespace: true/false - # wait: true/false - # skipCRDs: true/false - values: - controller: - config: - enable-underscores-in-headers: "true" - extraArgs: - default-ssl-certificate: default/www-tls - ingressClassResource: - default: true - service: - annotations: - cert.gardener.cloud/secretname: www-tls - dns.gardener.cloud/class: garden - dns.gardener.cloud/dnsnames: "" - dns.gardener.cloud/ttl: "600" - appProtocol: false - watchIngressWithoutClass: true - defaultBackend: - enabled: true - fullnameOverride: ingress-nginx diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml deleted file mode 100644 index dc5bf76..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/external-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# Source: provider-gardener/charts/external-secrets-config/templates/external-secret.yaml -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: "garden-co-golden" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - refreshInterval: "15m" - secretStoreRef: - name: "hashicorp-vault" - kind: "SecretStore" - target: - name: "garden-co-golden" - data: - - remoteRef: - key: btp-endpoint.example/btp-account - property: kubeconfig - secretKey: kubeconfig diff --git a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml b/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml deleted file mode 100644 index 6fb4349..0000000 --- a/manifests/helm/umbrella/blueprints/provider-gardener.abc.shoot.live.k8s-hana.ondemand.com/provider-gardener/charts/external-secrets-config/templates/secret-store.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# Source: provider-gardener/charts/external-secrets-config/templates/secret-store.yaml -apiVersion: external-secrets.io/v1beta1 -kind: SecretStore -metadata: - name: "hashicorp-vault" - namespace: "default" - labels: - openmcp.cloud/blueprint-building-block: "external-secrets-config" - openmcp.cloud/blueprint-building-block-version: "0.1.10" -spec: - provider: - vault: - auth: - kubernetes: - mountPath: kubernetes - role: openmcp-kubernetes - secretRef: - key: token - name: vault-token-sa - namespace: default - namespace: ns1 - path: mcps - server: https://vault.example/ - version: v2