From 394fbd6d30f3cba4d116749066493e0cf9e0389c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Sun, 15 Oct 2023 13:57:17 +0200 Subject: [PATCH] fix --- meta/domain-auth/divisions.tf | 15 +- meta/domain-auth/index.yaml | 415 +++++++++++------------ meta/domain-devspaces/index.yaml | 438 ++++++++++++------------- meta/domain-devspaces/organisations.tf | 7 +- share/accounts-management/groups.tf | 6 +- share/accounts-management/index.yaml | 65 ++-- share/division/groups.tf | 4 +- share/division/index.yaml | 39 +-- 8 files changed, 503 insertions(+), 486 deletions(-) diff --git a/meta/domain-auth/divisions.tf b/meta/domain-auth/divisions.tf index db694a5..8ef3eba 100644 --- a/meta/domain-auth/divisions.tf +++ b/meta/domain-auth/divisions.tf @@ -5,7 +5,10 @@ locals { sorted-div-clients = flatten([ for name in local.sorted-div-clients-names: [ for div in var.clients.divisions: - div if div.name == name + merge({ + "apps" = [] + "teams" = [] + }, div) if div.name == name ] ]) sorted-div-employes-names = reverse(distinct(sort([ @@ -14,7 +17,10 @@ locals { sorted-div-employes = flatten([ for name in local.sorted-div-employes-names: [ for div in var.employes.divisions: - div if div.name == name + merge({ + "apps" = [] + "teams" = [] + }, div) if div.name == name ] ]) sorted-div-fournisseurs-names = reverse(distinct(sort([ @@ -23,7 +29,10 @@ locals { sorted-div-fournisseurs = flatten([ for name in local.sorted-div-fournisseurs-names: [ for div in var.fournisseurs.divisions: - div if div.name == name + merge({ + "apps" = [] + "teams" = [] + }, div) if div.name == name ] ]) } diff --git a/meta/domain-auth/index.yaml b/meta/domain-auth/index.yaml index da64503..b2d6a48 100644 --- a/meta/domain-auth/index.yaml +++ b/meta/domain-auth/index.yaml 
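Review bot: The `merge({ "apps" = [], "teams" = [] }, div)` defaults added in the three hunks of meta/domain-auth/divisions.tf (and the matching `merge({ "apps" = [] }, team)` in share/division/groups.tf) only help when the key is absent. merge() keeps the value from the later argument, so a division or team that sets `apps` or `teams` to null explicitly still ends up with null. Whether null can reach these locals depends on the variable types, which are declared outside the hunks. The empty-list default is the safe direction, since a division with no `apps` gets no applications, but the limit should be written down next to the first merge: `# defaults apply only to missing keys; an explicit null in the input still overrides them`. The same expression is repeated three times in this file, so the comment (or a shared local holding the defaults) belongs in one place.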
@@ -6,231 +6,231 @@ metadata: name: domain-auth description: null options: - authentik-ldap: + employes: default: - enable: false + apps: [] + divisions: [] + enable: true examples: - - enable: false - type: object + - apps: [] + divisions: [] + enable: true properties: + apps: + default: [] + items: + type: string + type: array + divisions: + default: [] + items: + properties: + apps: + items: + type: string + type: array + name: + type: string + teams: + items: + type: object + type: array + type: object + type: array enable: + default: true type: boolean - default: false - domain: - default: your-company - examples: - - your-company - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string + type: object domain-name: default: your_company.com examples: - your_company.com type: string - ingress-class: - default: traefik - examples: - - traefik - type: string - storage-classes: - default: - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - examples: - - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - type: object - properties: - BlockReadWriteMany: - type: string - default: '' - BlockReadWriteOnce: - type: string - default: '' - FilesystemReadWriteMany: - type: string - default: '' - FilesystemReadWriteOnce: - type: string - default: '' - distributions: - default: - domain: domain - core: core - examples: - - domain: domain - core: core - type: object - properties: - core: - type: string - default: core - domain: - type: string - default: domain - authentik: - default: - enable: true - examples: - - enable: true - type: object - properties: - enable: - type: boolean - default: true - clients: - default: - enable: false - apps: [] - divisions: [] - properties: - enable: - type: boolean - default: false - apps: - type: array - items: - type: string - default: [] - divisions: - type: array - items: - 
type: object - properties: - name: - type: string - apps: - type: array - items: - type: string - teams: - type: array - items: - type: object - default: [] - examples: - - enable: false - apps: [] - divisions: [] - type: object - employes: - default: - enable: true - apps: [] - divisions: [] - properties: - enable: - type: boolean - default: true - apps: - type: array - items: - type: string - default: [] - divisions: - type: array - items: - type: object - properties: - name: - type: string - apps: - type: array - items: - type: string - teams: - type: array - items: - type: object - default: [] - examples: - - enable: true - apps: [] - divisions: [] - type: object - fournisseurs: - default: - enable: false - apps: [] - divisions: [] - properties: - enable: - type: boolean - default: false - apps: - type: array - items: - type: string - default: [] - divisions: - type: array - items: - type: object - properties: - name: - type: string - apps: - type: array - items: - type: string - teams: - type: array - items: - type: object - default: [] - examples: - - enable: false - apps: [] - divisions: [] - type: object - backups: - default: - enable: false - endpoint: '' - secret-name: backup-settings - key-id-key: s3-id - secret-key: s3-secret - examples: - - enable: false - endpoint: '' - secret-name: backup-settings - key-id-key: s3-id - secret-key: s3-secret - type: object - properties: - enable: - type: boolean - default: false - endpoint: - type: string - default: '' - key-id-key: - type: string - default: s3-id - secret-key: - type: string - default: s3-secret - secret-name: - type: string - default: backup-settings authentik-forward: default: enable: false examples: - enable: false - type: object properties: enable: - type: boolean default: false + type: boolean + type: object + fournisseurs: + default: + apps: [] + divisions: [] + enable: false + examples: + - apps: [] + divisions: [] + enable: false + properties: + apps: + default: [] + items: + type: string + 
type: array + divisions: + default: [] + items: + properties: + apps: + items: + type: string + type: array + name: + type: string + teams: + items: + type: object + type: array + type: object + type: array + enable: + default: false + type: boolean + type: object + clients: + default: + apps: [] + divisions: [] + enable: false + examples: + - apps: [] + divisions: [] + enable: false + properties: + apps: + default: [] + items: + type: string + type: array + divisions: + default: [] + items: + properties: + apps: + items: + type: string + type: array + name: + type: string + teams: + items: + type: object + type: array + type: object + type: array + enable: + default: false + type: boolean + type: object + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + ingress-class: + default: traefik + examples: + - traefik + type: string + authentik: + default: + enable: true + examples: + - enable: true + properties: + enable: + default: true + type: boolean + type: object + authentik-ldap: + default: + enable: false + examples: + - enable: false + properties: + enable: + default: false + type: boolean + type: object + backups: + default: + enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + examples: + - enable: false + endpoint: '' + key-id-key: s3-id + secret-key: s3-secret + secret-name: backup-settings + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key-id-key: + default: s3-id + type: string + secret-key: + default: 
s3-secret + type: string + secret-name: + default: backup-settings + type: string + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + domain: + default: your-company + examples: + - your-company + type: string + distributions: + default: + core: core + domain: domain + examples: + - core: core + domain: domain + properties: + core: + default: core + type: string + domain: + default: domain + type: string + type: object dependencies: [] providers: kubernetes: true @@ -239,4 +239,5 @@ providers: postgresql: null restapi: null http: null + gitea: null tfaddtype: false diff --git a/meta/domain-devspaces/index.yaml b/meta/domain-devspaces/index.yaml index 401937e..7faf7f2 100644 --- a/meta/domain-devspaces/index.yaml +++ b/meta/domain-devspaces/index.yaml 
@@ -6,84 +6,57 @@ metadata: name: domain-devspaces description: null options: - organisations: - default: [] - examples: - - [] - items: - properties: - datasets: - default: [] - items: - properties: - databases: - default: [] - items: - properties: - name: - default: db - type: string - type: object - type: array - engine: - default: pg - type: string - name: - default: '' - type: string - type: object - type: array - name: - default: '' - type: string - stages: - default: [] - items: - properties: - name: - default: prod - type: string - type: object - type: array - type: object - type: array - images: + apps: default: - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.15 + dbgate: + enable: false + okd: + enable: false + superset: + enable: false + yaade: + enable: false examples: - - codeserver: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.15 + - dbgate: + enable: false + okd: + enable: false + superset: + enable: false + yaade: + enable: false properties: - codeserver: + dbgate: default: - pullPolicy: IfNotPresent - registry: docker.io - repository: sebt3/code-server - tag: 4.15 + enable: false properties: - pullPolicy: - default: IfNotPresent - enum: - - Always - - Never - - IfNotPresent - type: string - registry: - default: docker.io - type: string - repository: - default: sebt3/code-server - type: string - tag: - default: 4.15 - type: number + enable: + default: false + type: boolean + type: object + okd: + default: + enable: false + properties: + enable: + default: false + type: boolean + type: object + superset: + default: + enable: false + properties: + enable: + default: false + type: boolean + type: object + yaade: + default: + enable: false + properties: + enable: + default: false + type: boolean type: object type: object stations-sub-domain: 
@@ -91,6 +64,46 @@ options: examples: - code type: string + storage-classes: + default: + BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + examples: + - BlockReadWriteMany: '' + BlockReadWriteOnce: '' + FilesystemReadWriteMany: '' + FilesystemReadWriteOnce: '' + properties: + BlockReadWriteMany: + default: '' + type: string + BlockReadWriteOnce: + default: '' + type: string + FilesystemReadWriteMany: + default: '' + type: string + FilesystemReadWriteOnce: + default: '' + type: string + type: object + app-group: + default: dev + examples: + - dev + type: string + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + ingress-class: + default: traefik + examples: + - traefik + type: string external-pgs: default: [] examples: 
@@ -150,69 +163,105 @@ options: default: backup-settings type: string type: object - apps: - default: - dbgate: - enable: false - okd: - enable: false - superset: - enable: false - yaade: - enable: false + external-marias: + default: [] examples: - - dbgate: - enable: false - okd: - enable: false - superset: - enable: false - yaade: - enable: false + - [] + items: + properties: + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + images: + default: + codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.15 + examples: + - codeserver: + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.15 properties: - dbgate: + codeserver: default: - enable: false + pullPolicy: IfNotPresent + registry: docker.io + repository: sebt3/code-server + tag: 4.15 properties: - enable: - default: false - type: boolean - type: object - okd: - default: - enable: false - properties: - enable: - default: false - type: boolean - type: object - superset: - default: - enable: false - properties: - enable: - default: false - type: boolean - type: object - yaade: - default: - enable: false - properties: - enable: - default: false - type: boolean + pullPolicy: + default: IfNotPresent + enum: + - Always + - Never + - IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: sebt3/code-server + type: string + tag: + default: 4.15 + type: number type: object type: object - domain-name: - default: your_company.com + external-mongos: + default: [] examples: - - your_company.com - type: string - ingress-class: - default: traefik - examples: - - traefik - type: string + - [] + items: + 
properties: + dbname: + default: '' + type: string + name: + default: '' + type: string + namespace: + default: '' + type: string + secret: + properties: + key: + default: '' + type: string + name: + default: '' + type: string + type: object + username: + default: '' + type: string + type: object + type: array distributions: default: core: core @@ -249,96 +298,6 @@ options: examples: - your-company type: string - external-mongos: - default: [] - examples: - - [] - items: - properties: - dbname: - default: '' - type: string - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - app-group: - default: dev - examples: - - dev - type: string - external-marias: - default: [] - examples: - - [] - items: - properties: - name: - default: '' - type: string - namespace: - default: '' - type: string - secret: - properties: - key: - default: '' - type: string - name: - default: '' - type: string - type: object - username: - default: '' - type: string - type: object - type: array - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - storage-classes: - default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' - properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string - type: object external-redis: default: [] examples: 
@@ -353,6 +312,47 @@ options: type: string type: object type: array + organisations: + default: [] + examples: + - [] + items: + properties: + datasets: + default: [] + items: + properties: + databases: + default: [] + items: + properties: + name: + default: db + type: string + type: object + type: array + engine: + default: pg + type: string + name: + default: '' + type: string + type: object + type: array + name: + default: '' + type: string + stages: + default: [] + items: + properties: + name: + default: prod + type: string + type: object + type: array + type: object + type: array dependencies: [] providers: kubernetes: true diff --git a/meta/domain-devspaces/organisations.tf b/meta/domain-devspaces/organisations.tf index b8244e4..36e9783 100644 --- a/meta/domain-devspaces/organisations.tf +++ b/meta/domain-devspaces/organisations.tf @@ -25,8 +25,11 @@ resource "kubectl_manifest" "organisations" { component: "organisation" options: ${jsonencode(merge( local.global, - { "stages" = []}, - { for k, v in local.sorted-organisations[count.index] : k => v if !contains(["name","organisations"], k) } + { + "stages" = [] + "datasets" = [] + }, + { for k, v in local.sorted-organisations[count.index] : k => v if !contains(["name"], k) } ))} EOF } diff --git a/share/accounts-management/groups.tf b/share/accounts-management/groups.tf index 3bc7fc7..acd6726 100644 --- a/share/accounts-management/groups.tf +++ b/share/accounts-management/groups.tf 
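Review bot: In meta/domain-devspaces/organisations.tf the filter on the last `merge(...)` argument now excludes only `name`. Every other key of an organisation entry, including `organisations`, which was filtered before, is copied into the component's `options`, and because it is the last argument it overrides same-named keys coming from `local.global`. The schema in index.yaml lists only `name`, `datasets` and `stages` for an organisation, so an allow-list matches it better than a shrinking deny-list: `{ for k, v in local.sorted-organisations[count.index] : k => v if contains(["stages", "datasets"], k) }`. If removing `organisations` from the exclusion was deliberate, a one-line comment saying why would help the next reader. The `kubectl_manifest` resource starts outside the hunk, so the contents of `local.global` are not visible here.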
@@ -1,16 +1,16 @@ resource "authentik_group" "employes" { name = "employes" - attributes = jsonencode({for app in var.employes.apps: app => true}) + attributes = jsonencode({for app in lookup(var.employes, "apps", []): app => true}) } resource "authentik_group" "fournisseurs" { count = var.fournisseurs.enable ? 1 : 0 name = "fournisseurs" - attributes = jsonencode({for app in var.fournisseurs.apps: app => true}) + attributes = jsonencode({for app in lookup(var.fournisseurs, "apps", []): app => true}) } resource "authentik_group" "clients" { count = var.clients.enable ? 1 : 0 name = "clients" - attributes = jsonencode({for app in var.clients.apps: app => true}) + attributes = jsonencode({for app in lookup(var.clients, "apps", []): app => true}) } diff --git a/share/accounts-management/index.yaml b/share/accounts-management/index.yaml index 3380f01..22ca2bd 100644 --- a/share/accounts-management/index.yaml +++ b/share/accounts-management/index.yaml @@ -6,6 +6,18 @@ metadata: name: accounts-management description: null options: + employes: + default: + apps: [] + examples: + - apps: [] + properties: + apps: + default: [] + items: + type: string + type: array + type: object domain: default: your-company examples: 
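Review bot: In share/accounts-management/groups.tf `apps` is now read with `lookup(..., "apps", [])`, but `count` on the `fournisseurs` and `clients` groups still reads `var.fournisseurs.enable` and `var.clients.enable` directly. An input object that can lack `apps` can presumably lack `enable` too, and the plan would then fail on those lines. For consistency use `count = lookup(var.fournisseurs, "enable", false) ? 1 : 0` and the same for `clients`, which keeps a group absent unless it is explicitly enabled. Because these attributes are what tie a group to its applications, a short comment that a missing `apps` means "no applications" would document the intended default.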
@@ -13,49 +25,37 @@ options: type: string clients: default: - enable: false apps: [] + enable: false + examples: + - apps: [] + enable: false properties: - enable: - type: boolean - default: false apps: - type: array + default: [] items: type: string - default: [] - examples: - - enable: false - apps: [] + type: array + enable: + default: false + type: boolean type: object fournisseurs: default: + apps: [] enable: false - apps: [] - properties: - enable: - type: boolean - default: false - apps: - type: array - items: - type: string - default: [] - examples: - - enable: false - apps: [] - type: object - employes: - default: - apps: [] - properties: - apps: - type: array - items: - type: string - default: [] examples: - apps: [] + enable: false + properties: + apps: + default: [] + items: + type: string + type: array + enable: + default: false + type: boolean type: object dependencies: - dist: null @@ -68,4 +68,5 @@ providers: postgresql: null restapi: null http: true + gitea: null tfaddtype: true diff --git a/share/division/groups.tf b/share/division/groups.tf index 90cd487..d71c063 100644 --- a/share/division/groups.tf +++ b/share/division/groups.tf @@ -5,7 +5,9 @@ locals { sorted-teams = flatten([ for name in local.sorted-team-names: [ for team in var.teams: - team if team.name == name + merge({ + "apps" = [] + }, team) if team.name == name ] ]) } diff --git a/share/division/index.yaml b/share/division/index.yaml index 08bd3f2..adbecda 100644 --- a/share/division/index.yaml +++ b/share/division/index.yaml @@ -6,25 +6,6 @@ metadata: name: division description: null options: - teams: - default: [] - items: - properties: - apps: - default: [] - items: - type: string - type: array - name: - default: '' - type: string - type: object - type: array - domain: - default: your-company - examples: - - your-company - type: string parent: default: employes enum: 
@@ -39,6 +20,25 @@ options: items: type: string type: array + domain: + default: your-company + examples: + - your-company + type: string + teams: + default: [] + items: + properties: + apps: + default: [] + items: + type: string + type: array + name: + default: '' + type: string + type: object + type: array dependencies: - dist: null category: share @@ -50,4 +50,5 @@ providers: postgresql: null restapi: null http: true + gitea: null tfaddtype: true