vynil/addons
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
unstable
addons/core/fission/datas.tf

454 lines
12 KiB
HCL
Raw Permalink Blame History

locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
rb_patch = <<-EOF
- op: replace
path: /subjects/0/namespace
value: "${var.namespace}"
EOF
pull_policy_patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/imagePullPolicy
value: "${var.images.bundle.pull_policy}"
EOF
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml" && length(regexall("ClusterRole",file))<1 && length(regexall("WebhookConfiguration",file))<1]
images {
name = "ghcr.io/fission/fission-bundle"
new_name = "${var.images.bundle.registry}/${var.images.bundle.repository}"
new_tag = "${var.images.bundle.tag}"
}
patches {
target {
kind = "Deployment"
name = "router"
}
patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/args/3
value: "http://executor.${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/15/value
value: "${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/16/value
value: "${var.additionnal_namespaces}"
EOF
}
patches {
target {
kind = "Deployment"
name = "storagesvc"
}
patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/env/6/value
value: "${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/7/value
value: "${var.additionnal_namespaces}"
EOF
}
patches {
target {
kind = "Deployment"
name = "kubewatcher"
}
patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/args/2
value: "http://router.${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/4/value
value: "${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/5/value
value: "${var.additionnal_namespaces}"
EOF
}
patches {
target {
kind = "Deployment"
name = "timer"
}
patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/args/2
value: "http://router.${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/4/value
value: "${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/5/value
value: "${var.additionnal_namespaces}"
EOF
}
patches {
target {
kind = "Deployment"
name = "buildermgr"
}
patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/args/2
value: "http://storagesvc.${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/0/value
value: "${var.images.fetcher.registry}/${var.images.fetcher.repository}:${var.images.fetcher.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/13/value
value: "${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/14/value
value: "${var.additionnal_namespaces}"
EOF
}
patches {
target {
kind = "Deployment"
name = "executor"
}
patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/env/0/value
value: "${var.images.fetcher.registry}/${var.images.fetcher.repository}:${var.images.fetcher.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/17/value
value: "${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/18/value
value: "${var.additionnal_namespaces}"
EOF
}
patches {
target {
kind = "Deployment"
name = "mqtrigger-keda"
}
patch = <<-EOF
- op: replace
path: /spec/template/spec/containers/0/args/2
value: "http://router.${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/2/value
value: "${var.images.keda-kafka.registry}/${var.images.keda-kafka.repository}:${var.images.keda-kafka.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/3/value
value: "${var.images.keda-rabbitmq.registry}/${var.images.keda-rabbitmq.repository}:${var.images.keda-rabbitmq.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/4/value
value: "${var.images.keda-aws-kinesis.registry}/${var.images.keda-aws-kinesis.repository}:${var.images.keda-aws-kinesis.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/5/value
value: "${var.images.keda-aws-sqs.registry}/${var.images.keda-aws-sqs.repository}:${var.images.keda-aws-sqs.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/6/value
value: "${var.images.keda-nats-streaming.registry}/${var.images.keda-nats-streaming.repository}:${var.images.keda-nats-streaming.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/7/value
value: "${var.images.keda-nats-jetstream.registry}/${var.images.keda-nats-jetstream.repository}:${var.images.keda-nats-jetstream.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/8/value
value: "${var.images.keda-gcp-pubsub.registry}/${var.images.keda-gcp-pubsub.repository}:${var.images.keda-gcp-pubsub.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/9/value
value: "${var.images.keda-redis.registry}/${var.images.keda-redis.repository}:${var.images.keda-redis.tag}"
- op: replace
path: /spec/template/spec/containers/0/env/12/value
value: "${var.namespace}"
- op: replace
path: /spec/template/spec/containers/0/env/13/value
value: "${var.additionnal_namespaces}"
EOF
}
patches {
target {
kind = "Deployment"
name = "buildermgr"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "Deployment"
name = "executor"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "Deployment"
name = "mqtrigger-keda"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "Deployment"
name = "kubewatcher"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "Deployment"
name = "webhook"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "Deployment"
name = "timer"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "Deployment"
name = "storagesvc"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "Deployment"
name = "router"
}
patch = local.pull_policy_patch
}
patches {
target {
kind = "PersistentVolumeClaim"
name = "fission-storage-pvc"
}
patch = <<-EOF
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: fission-storage-pvc
spec:
accessModes:
- "${var.storage.volume.access_mode}"
resources:
requests:
storage: "${var.storage.volume.size}"
EOF
}
}
data "kustomization_overlay" "data_no_ns" {
common_labels = local.common-labels
resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml" && (length(regexall("ClusterRole",file))>0 || length(regexall("WebhookConfiguration",file))>0)]
patches {
target {
kind = "ClusterRoleBinding"
name = "buildermgr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "buildermgr-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "executor"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "executor-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "fission-builder"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "fission-fetcher"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "fission-fetcher-websocket"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "fluentbit"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "keda"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "keda-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "kubewatcher"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "kubewatcher-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "kubewatcher-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "router"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "router-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "storagesvc-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "timer"
}
patch = local.rb_patch
}
patches {
target {
kind = "ClusterRoleBinding"
name = "timer-fission-cr"
}
patch = local.rb_patch
}
patches {
target {
kind = "MutatingWebhookConfiguration"
name = "mutating-webhook-configuration"
}
patch = <<-EOF
- op: replace
path: /webhooks/0/clientConfig/service/namespace
value: "${var.namespace}"
EOF
}
patches {
target {
kind = "ValidatingWebhookConfiguration"
name = "validating-webhook-configuration"
}
patch = <<-EOF
- op: replace
path: /webhooks/0/clientConfig/service/namespace
value: "${var.namespace}"
- op: replace
path: /webhooks/1/clientConfig/service/namespace
value: "${var.namespace}"
- op: replace
path: /webhooks/2/clientConfig/service/namespace
value: "${var.namespace}"
- op: replace
path: /webhooks/3/clientConfig/service/namespace
value: "${var.namespace}"
- op: replace
path: /webhooks/4/clientConfig/service/namespace
value: "${var.namespace}"
- op: replace
path: /webhooks/5/clientConfig/service/namespace
value: "${var.namespace}"
- op: replace
path: /webhooks/6/clientConfig/service/namespace
value: "${var.namespace}"
EOF
}
patches {
target {
kind = "MutatingWebhookConfiguration"
name = "mutating-webhook-configuration"
}
patch = <<-EOF
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "${var.namespace}/fission-webhook-certs"
name: mutating-webhook-configuration
EOF
}
patches {
target {
kind = "ValidatingWebhookConfiguration"
name = "validating-webhook-configuration"
}
patch = <<-EOF
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: "${var.namespace}/fission-webhook-certs"
name: validating-webhook-configuration
EOF
}
}
Reference in New Issue View Git Blame Copy Permalink