diff --git a/examples/eks/v1beta1/cluster.yaml b/examples/eks/v1beta1/cluster.yaml index 06a3994e46..0a43585ffa 100644 --- a/examples/eks/v1beta1/cluster.yaml +++ b/examples/eks/v1beta1/cluster.yaml @@ -23,24 +23,6 @@ spec: --- -apiVersion: eks.aws.upbound.io/v1beta1 -kind: ClusterAuth -metadata: - name: auth - annotations: - meta.upbound.io/example-id: eks/v1beta1/cluster -spec: - forProvider: - region: us-west-1 - clusterNameSelector: - matchLabels: - testing.upbound.io/example-name: example - writeConnectionSecretToRef: - name: cluster-conn - namespace: upbound-system - ---- - apiVersion: iam.aws.upbound.io/v1beta1 kind: Role metadata: diff --git a/examples/eks/v1beta1/clusterauth.yaml b/examples/eks/v1beta1/clusterauth.yaml new file mode 100644 index 0000000000..c2b6c782c5 --- /dev/null +++ b/examples/eks/v1beta1/clusterauth.yaml @@ -0,0 +1,210 @@ +# SPDX-FileCopyrightText: 2024 The Crossplane Authors +# +# SPDX-License-Identifier: CC0-1.0 + + +apiVersion: eks.aws.upbound.io/v1beta1 +kind: ClusterAuth +metadata: + name: auth + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster + uptest.upbound.io/post-assert-hook: testhooks/check-clusterauth.sh +spec: + forProvider: + region: us-west-1 + clusterNameSelector: + matchLabels: + testing.upbound.io/example-name: example-clusterauth + writeConnectionSecretToRef: + name: sample-eks-cluster-conn + namespace: upbound-system + +--- + +apiVersion: eks.aws.upbound.io/v1beta1 +kind: Cluster +metadata: + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster + uptest.upbound.io/timeout: "2400" + name: sample-eks-cluster + labels: + testing.upbound.io/example-name: example-clusterauth +spec: + forProvider: + region: us-west-1 + roleArnRef: + name: sample-eks-cluster + vpcConfig: + - subnetIdRefs: + - name: sample-subnet1 + - name: sample-subnet2 + +--- + +apiVersion: iam.aws.upbound.io/v1beta1 +kind: Role +metadata: + name: sample-eks-cluster + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + assumeRolePolicy: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "eks.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } + +--- + +apiVersion: iam.aws.upbound.io/v1beta1 +kind: RolePolicyAttachment +metadata: + name: sample-cluster-policy + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy + roleRef: + name: sample-eks-cluster + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: sample-subnet1 + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + region: us-west-1 + mapPublicIpOnLaunch: true + availabilityZone: us-west-1b + vpcIdRef: + name: sample-vpc + cidrBlock: 172.16.10.0/24 + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: sample-subnet2 + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + region: us-west-1 + mapPublicIpOnLaunch: true + availabilityZone: us-west-1a + vpcIdRef: + name: sample-vpc + cidrBlock: 172.16.11.0/24 + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: Subnet +metadata: + name: private-subnet + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + region: us-west-1 + availabilityZone: us-west-1b + vpcIdRef: + name: sample-vpc + cidrBlock: 172.16.12.0/24 + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTable +metadata: + name: example + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + region: us-west-1 + tags: + Name: example + vpcIdRef: + name: sample-vpc + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: RouteTableAssociation +metadata: + name: example + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + region: us-west-1 + routeTableIdRef: + name: example + subnetIdRef: + name: private-subnet + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: VPC +metadata: + name: sample-vpc + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + enableDnsHostnames: true + region: us-west-1 + cidrBlock: 172.16.0.0/16 + tags: + Name: DemoVpc + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: InternetGateway +metadata: + name: example + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + region: us-west-1 + vpcIdRef: + name: sample-vpc + +--- + +apiVersion: ec2.aws.upbound.io/v1beta1 +kind: DefaultRouteTable +metadata: + name: example + annotations: + meta.upbound.io/example-id: eks/v1beta1/cluster +spec: + forProvider: + defaultRouteTableIdRef: + name: sample-vpc + region: us-west-1 + route: + - gatewayIdRef: + name: example + cidrBlock: 0.0.0.0/0 diff --git a/examples/eks/v1beta1/testhooks/check-clusterauth.sh b/examples/eks/v1beta1/testhooks/check-clusterauth.sh new file mode 100644 index 0000000000..65f803e8b9 --- /dev/null +++ b/examples/eks/v1beta1/testhooks/check-clusterauth.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +set -aeuo pipefail + +# SPDX-FileCopyrightText: 2024 The Crossplane Authors +# +# SPDX-License-Identifier: CC0-1.0 + +echo "obtain kubeconfig from ClusterAuth connection secret" +${KUBECTL} -n upbound-system get secret sample-eks-cluster-conn -o go-template='{{ .data.kubeconfig | base64decode }}' > sampleclusterkube +echo "checking kubectl version" +${KUBECTL} --kubeconfig ./sampleclusterkube version +echo "checking cluster-info" +${KUBECTL} --kubeconfig ./sampleclusterkube cluster-info +echo "listing nodes" +${KUBECTL} --kubeconfig ./sampleclusterkube get nodes +echo "listing pods" +${KUBECTL} --kubeconfig ./sampleclusterkube get pods +