fix

2023-10-01 09:45:28 +02:00
parent a374fe5e66
commit f15202de63
13 changed files with 785 additions and 57 deletions
--- a/share/division/datas.tf
+++ b/share/division/datas.tf
@@ -0,0 +1,22 @@
+locals {
+  common-labels = {
+    "vynil.solidite.fr/owner-name" = var.instance
+    "vynil.solidite.fr/owner-namespace" = var.namespace
+    "vynil.solidite.fr/owner-category" = var.category
+    "vynil.solidite.fr/owner-component" = var.component
+    "app.kubernetes.io/managed-by" = "vynil"
+    "app.kubernetes.io/name" = var.component
+    "app.kubernetes.io/instance" = var.instance
+  }
+}
+
+data "kubernetes_secret_v1" "authentik" {
+  metadata {
+    name      = "authentik"
+    namespace = var.namespace
+  }
+}
+
+data "kustomization_overlay" "data" {
+  resources = []
+}
--- a/share/division/groups.tf
+++ b/share/division/groups.tf
@@ -0,0 +1,24 @@
+locals {
+  sorted-team-names = reverse(distinct(sort([
+    for team in var.teams: team.name
+  ])))
+  sorted-teams = flatten([
+    for name in local.sorted-team-names: [
+      for team in var.teams:
+        team if team.name == name
+    ]
+  ])
+}
+
+resource "authentik_group" "division" {
+  name         = "div-${var.instance}"
+  parent       = var.parent
+  attributes   = jsonencode(merge([for app in var.apps: {"${app}" = true}]))
+}
+
+resource "authentik_group" "teams" {
+  count        = length(local.sorted-teams)
+  name         = "team-${var.instance}-${local.sorted-teams[count.index].name}"
+  parent       = "div-${var.instance}"
+  attributes   = jsonencode(merge([for app in local.sorted-teams[count.index].apps: {"${app}" = true}]))
+}
--- a/share/division/index.yaml
+++ b/share/division/index.yaml
@@ -0,0 +1,53 @@
+---
+apiVersion: vinyl.solidite.fr/v1beta1
+kind: Component
+category: share
+metadata:
+  name: division
+  description: null
+options:
+  parent:
+    default: employes
+    enum:
+    - employes
+    - clients
+    - fournisseurs
+    examples:
+    - employes
+    type: string
+  teams:
+    default: []
+    items:
+      properties:
+        apps:
+          default: []
+          items:
+            type: string
+          type: array
+        name:
+          default: ''
+          type: string
+      type: object
+    type: array
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
+  apps:
+    default: []
+    items:
+      type: string
+    type: array
+dependencies:
+- dist: null
+  category: share
+  component: accounts-management
+providers:
+  kubernetes: true
+  authentik: true
+  kubectl: true
+  postgresql: null
+  restapi: null
+  http: true
+tfaddtype: null