set PR automatin for EKS cluster w/ external credentials

pluralsh · Dec 16, 2024 · 2d4e393 · 2d4e393
1 parent ea9292d
commit 2d4e393
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 54 deletions.
diff --git a/catalogs/infra/cluster/stack.yaml → catalogs/infra/cluster/aws/stack.yaml b/catalogs/infra/cluster/stack.yaml → catalogs/infra/cluster/aws/stack.yaml
@@ -2,6 +2,7 @@ apiVersion: deployments.plural.sh/v1alpha1
 kind: InfrastructureStack
 metadata:
   name: cluster-{{ context.name }}
+  namespace: infra
 spec:
   name: cluster-{{ context.name }}
   detach: false
@@ -19,7 +20,7 @@ spec:
     namespace: infra
   git:
     ref: main
-    folder: terraform/modules/clusters/{{ context.cloud }}
+    folder: terraform/modules/clusters/aws
   environment:
   - name: TF_VAR_cluster
     value: {{ context.name }}
@@ -29,3 +30,11 @@ spec:
     value: {{ context.tier }}
   - name: TF_VAR_region
     value: {{ context.region }}
+  - name: AWS_ACCESS_KEY_ID
+    secretKeyRef:
+      name: {{ context.credentialSecret }}
+      key: AWS_ACCESS_KEY_ID
+  - name: AWS_SECRET_ACCESS_KEY
+    secretKeyRef:
+      name: {{ context.credentialSecret }}
+      key: AWS_SECRET_ACCESS_KEY
diff --git a/setup/catalogs/infra/cluster-eks.yaml b/setup/catalogs/infra/cluster-eks.yaml
@@ -0,0 +1,49 @@
+apiVersion: deployments.plural.sh/v1alpha1
+kind: PrAutomation
+metadata:
+  name: cluster-eks
+spec:
+  name: cluster-eks
+  documentation: |
+    Sets up a PR to provision EKS cluster for a fleet + stage
+  creates:
+    git:
+      ref: sebastian/prod-2981-set-up-catalog-pipeline # TODO set to main
+      folder: catalogs/infra/cluster
+    templates:
+      - source: aws/stack.yaml
+        destination: "services/infra/clusters/aws/stacks/{{ context.name }}.yaml"
+        external: true
+      - source: cluster.yaml
+        destination: "services/infra/clusters/aws/{{ context.name }}.yaml"
+        external: true
+      - source: servicedeployment.yaml
+        destination: "bootstrap/infra/clusters/servicedeployment.yaml"
+        external: true
+  repositoryRef:
+    name: scaffolds
+  catalogRef:
+    name: infra
+  scmConnectionRef:
+    name: plural  # you'll need to add this ScmConnection manually before this is functional
+  title: "Adding EKS cluster: {{ context.name }}"
+  message: "Adding EKS cluster {{ context.name }} and registering it with Plural"
+  configuration:
+    - name: name
+      type: STRING
+      documentation: Name of the cluster.
+    - name: fleet
+      type: STRING
+      documentation: Name for the fleet you want this cluster to belong to.
+    - name: tier
+      type: ENUM
+      documentation: What tier to place this cluster in.
+      values:
+        - dev
+        - prd
+    - name: region
+      type: STRING
+      documentation: Region where the cluster should be created.
+    - name: credentialSecret
+      type: STRING
+      documentation: Name of the Kubernetes secret on the mgmt cluster in the infra namespace with the credentials that can be used to access the AWS cloud. It should contain 'AWS_ACCESS_KEY_ID' and 'AWS_SECRET_ACCESS_KEY' keys.
diff --git a/setup/catalogs/infra/cluster.yaml b/setup/catalogs/infra/cluster.yaml