Update xpkg.upbound.io/upbound/provider-azure-storage Docker tag to v… #94
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: provision-azure | |
| on: [push] | |
| env: | |
| KIND_NODE_VERSION: v1.29.0 | |
| RG_NAME: rg-crossplane | |
| # Azure | |
| ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
| ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | |
| ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} | |
| ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} | |
| jobs: | |
| crossplane-provision-azure: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@master | |
| # Using branch unique name for our bucket to prevent interfering jobs | |
| # But we need to split out the branch name, see https://stackoverflow.com/a/73467112/4964553 | |
| # otherwise we'll run into errors like: 'compose resources: cannot associate composed resources with Composition resource templates: cannot get composed resource: invalid resource name "spring2024-bucket-renovate/xpkg.upbound.io-upbound-provider-aws-s3-1.x": [may not contain '/']' | |
| - name: Split branch name | |
| env: | |
| BRANCH: ${{ github.ref_name }} | |
| id: split | |
| run: echo "::set-output name=branchbucketsuffix::${BRANCH##*/}" | |
| - name: Spin up kind | |
| run: | | |
| echo "### Create kind cluster" | |
| kind create cluster --image "kindest/node:$KIND_NODE_VERSION" --wait 5m | |
| echo "### Let's try to access our kind cluster via kubectl" | |
| kubectl get nodes | |
| - name: Install crossplane via Helm & install crossplane CLI | |
| run: | | |
| echo "### Install crossplane via Helm" | |
| helm dependency update crossplane-install | |
| helm upgrade --install crossplane --namespace crossplane-system crossplane-install --create-namespace | |
| echo "### Install crossplane CLI" | |
| curl -sL "https://raw.githubusercontent.com/crossplane/crossplane/master/install.sh" | sh | |
| sudo mv crossplane /usr/local/bin | |
| - name: Check crossplane status | |
| run: | | |
| helm list -n crossplane-system | |
| echo "### Wait for crossplane to become ready before installing Providers" | |
| kubectl wait --for=condition=ready pod -l app=crossplane --namespace crossplane-system --timeout=120s | |
| kubectl get all -n crossplane-system | |
| - name: Configure crossplane to access Azure | |
| run: | | |
| echo "### Create crossplane-azure-provider-key.json file" | |
| echo "{ | |
| \"clientId\": \"$ARM_CLIENT_ID\", | |
| \"clientSecret\": \"$ARM_CLIENT_SECRET\", | |
| \"subscriptionId\": \"$ARM_SUBSCRIPTION_ID\", | |
| \"tenantId\": \"$ARM_TENANT_ID\", | |
| \"activeDirectoryEndpointUrl\": \"https://login.microsoftonline.com\", | |
| \"resourceManagerEndpointUrl\": \"https://management.azure.com/\", | |
| \"activeDirectoryGraphResourceId\": \"https://graph.windows.net/\", | |
| \"sqlManagementEndpointUrl\": \"https://management.core.windows.net:8443/\", | |
| \"galleryEndpointUrl\": \"https://gallery.azure.com/\", | |
| \"managementEndpointUrl\": \"https://management.core.windows.net/\" | |
| }" > crossplane-azure-provider-key.json | |
| echo "### Create Azure Provider secret" | |
| kubectl create secret generic azure-account-creds -n crossplane-system --from-file=creds=./crossplane-azure-provider-key.json | |
| echo "### Install the crossplane Azure Provider (now using Upbound official Azure Provider Families)" | |
| kubectl apply -f upbound/provider-azure-storage/config/provider-azure-storage.yaml | |
| kubectl get provider.pkg.crossplane.io | |
| echo "### Wait until Azure Provider is up and running" | |
| kubectl wait --for=condition=healthy --timeout=120s provider/upbound-provider-azure-storage | |
| echo "### Create ProviderConfig to consume the Secret containing Azure credentials" | |
| kubectl apply -f upbound/provider-azure-storage/config/provider-config-azure.yaml | |
| echo "### Get overall provider status" | |
| kubectl get provider | |
| # Not using kubectl apply -f upbound/provider-azure-storage/claim.yaml currently to prevent jobs from interfering with each other | |
| - name: Create XRD, Composite & Claim to create ResourceGroup & StorageAccount | |
| run: | | |
| echo "### Create CompositeResourceDefinition (XRD)" | |
| kubectl apply -f upbound/provider-azure-storage/definition.yaml | |
| kubectl get xrd | |
| echo "### Wait for XRD to become Offered" | |
| kubectl wait --for=condition=Offered --timeout=120s xrd xstoragesazure.crossplane.jonashackt.io | |
| echo "### Create Composition" | |
| kubectl apply -f upbound/provider-azure-storage/composition.yaml | |
| echo "### Create Claim, which should create ResourceGroup & StorageAccount" | |
| kubectl apply -f - <<EOF | |
| apiVersion: crossplane.jonashackt.io/v1alpha1 | |
| kind: StorageAzure | |
| metadata: | |
| namespace: default | |
| name: managed-storage-account | |
| spec: | |
| compositionRef: | |
| name: storageazure-composition | |
| parameters: | |
| location: West Europe | |
| resourceGroupName: "$RG_NAME-${{ steps.split.outputs.branchbucketsuffix }}" | |
| storageAccountName: account4c8672d | |
| EOF | |
| echo "### Show crossplane overall status" | |
| kubectl get crossplane | |
| echo "### Trace status of Azure ResourceGroup & Storage Account" | |
| crossplane beta trace storageazure.crossplane.jonashackt.io/managed-storage-account -o wide | |
| echo "### Wait until ResourceGroup is ready" | |
| kubectl wait --for=condition=ready --timeout=180s resourcegroup "$RG_NAME-${{ steps.split.outputs.branchbucketsuffix }}" | |
| echo "### Wait 3 mins until Claim & XR (Composite) are ready" | |
| kubectl wait --for=condition=ready --timeout=360s storageazure.crossplane.jonashackt.io/managed-storage-account | |
| echo "### Trace status of Azure ResourceGroup & Storage Account" | |
| crossplane beta trace storageazure.crossplane.jonashackt.io/managed-storage-account -o wide | |
| - name: Delete Resources | |
| run: | | |
| echo "### Remove CompositeResourceClaim to delete Storage Account and Resource Group" | |
| kubectl delete -f upbound/provider-azure-storage/claim.yaml |