diff --git a/README.md b/README.md index e12f04c..f68e6d9 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,16 @@ A repository that includes YAML manifests. Manifests can define GCP resources in `config connector` format or the Kubernetes components and resources. Refer to this repo for additionnal information. TODO: add link +- The `/*/configcontroller` folder is where GCP resources are defined using their `config connector` schema. +- The `/*/kubernetes//**/` folder is where resources that have to be provisionned in a kubernetes `namespace` are defined. The `x-fleet-id` is the GCP project-id where the kubernetes clusters are deployed with character "x" as the environment code because this folder will contain the configuration for all environments. + + The GKE clusters are joined to an [Anthos Fleet](https://cloud.google.com/anthos/fleet-management/docs). This enables Anthos policy controller, Anthos config management and Anthos service mesh(future). + ## csync The `/csync` contains the configuration for what the ConfigSync operator should be observing. For example, It is within this configuration that you specify the `repo url`, the `folder`, the `branch` and the `tag`. -Contributing: +### Contributing - Any modification should be implemented within the `source-customization` folder. @@ -14,20 +19,16 @@ Contributing: The `/tier1` folder is where the core landing zone resources that enables the underneath structure to work. -Contributing: +### Contributing - Any modification should be implemented within the `source-customization` folder. -## Permissions +### Permissions A pull request affecting `/*` will include the Security Admin and Platform admin as required reviewers. -## Tags - -Tags are generated only when changes are affecting the `/tier1` folder. This functionality is possible because of the `version-tagging` pipeline. - -The tags will be created by that pipeline job after commits are merge to the `main` branch. +## Branch Protection -### **IMPORTANT** +The main branch of this repository is protected meaning that pushing a new commit to it will be denied. To implement changes, A Pull Request has to be completed. -We recommend using those tags in the `setters-version.yaml` under the `/csync/source-customization` folder to define what has to be observed by the configsync operator. +Every other branches configured to be observed by ConfigSync will also have a branch protection rule defined. diff --git a/bootstrap/.gitkeep b/bootstrap/dev/.gitkeep similarity index 100% rename from bootstrap/.gitkeep rename to bootstrap/dev/.gitkeep diff --git a/csync/deploy/.gitkeep b/bootstrap/preprod/.gitkeep similarity index 100% rename from csync/deploy/.gitkeep rename to bootstrap/preprod/.gitkeep diff --git a/csync/deploy/dev/.gitkeep b/bootstrap/prod/.gitkeep similarity index 100% rename from csync/deploy/dev/.gitkeep rename to bootstrap/prod/.gitkeep diff --git a/csync/tier1/configcontroller/csync-tier1-ctlr.md b/csync/tier1/configcontroller/csync-tier1-ctlr.md new file mode 100644 index 0000000..fee7359 --- /dev/null +++ b/csync/tier1/configcontroller/csync-tier1-ctlr.md @@ -0,0 +1,3 @@ +# Bookmark + +A simple bookmark to help you identify the parent folders diff --git a/csync/deploy/experimentation/.gitkeep b/csync/tier1/configcontroller/deploy/.gitkeep similarity index 100% rename from csync/deploy/experimentation/.gitkeep rename to csync/tier1/configcontroller/deploy/.gitkeep diff --git a/csync/deploy/preprod/.gitkeep b/csync/tier1/configcontroller/deploy/dev/.gitkeep similarity index 100% rename from csync/deploy/preprod/.gitkeep rename to csync/tier1/configcontroller/deploy/dev/.gitkeep diff --git a/csync/deploy/prod/.gitkeep b/csync/tier1/configcontroller/deploy/experimentation/.gitkeep similarity index 100% rename from csync/deploy/prod/.gitkeep rename to csync/tier1/configcontroller/deploy/experimentation/.gitkeep diff --git a/csync/source-base/.gitkeep b/csync/tier1/configcontroller/deploy/preprod/.gitkeep similarity index 100% rename from csync/source-base/.gitkeep rename to csync/tier1/configcontroller/deploy/preprod/.gitkeep diff --git a/csync/source-customization/dev/.gitkeep b/csync/tier1/configcontroller/deploy/prod/.gitkeep similarity index 100% rename from csync/source-customization/dev/.gitkeep rename to csync/tier1/configcontroller/deploy/prod/.gitkeep diff --git a/csync/source-customization/experimentation/.gitkeep b/csync/tier1/configcontroller/source-base/.gitkeep similarity index 100% rename from csync/source-customization/experimentation/.gitkeep rename to csync/tier1/configcontroller/source-base/.gitkeep diff --git a/csync/source-base/root-sync-git/Kptfile b/csync/tier1/configcontroller/source-base/root-sync-git/Kptfile similarity index 87% rename from csync/source-base/root-sync-git/Kptfile rename to csync/tier1/configcontroller/source-base/root-sync-git/Kptfile index 043af62..2aabca8 100644 --- a/csync/source-base/root-sync-git/Kptfile +++ b/csync/tier1/configcontroller/source-base/root-sync-git/Kptfile @@ -7,7 +7,7 @@ metadata: info: description: | Landing Zone v2 package - A package to setup a git repository root sync + A package to setup a t1 git repository root sync pipeline: mutators: - image: gcr.io/kpt-fn/apply-setters:v0.2 diff --git a/csync/source-base/root-sync-git/README.md b/csync/tier1/configcontroller/source-base/root-sync-git/README.md similarity index 100% rename from csync/source-base/root-sync-git/README.md rename to csync/tier1/configcontroller/source-base/root-sync-git/README.md diff --git a/csync/source-base/root-sync-git/root-sync-git.yaml b/csync/tier1/configcontroller/source-base/root-sync-git/root-sync-git.yaml similarity index 79% rename from csync/source-base/root-sync-git/root-sync-git.yaml rename to csync/tier1/configcontroller/source-base/root-sync-git/root-sync-git.yaml index 8a8d3e3..4ae11da 100644 --- a/csync/source-base/root-sync-git/root-sync-git.yaml +++ b/csync/tier1/configcontroller/source-base/root-sync-git/root-sync-git.yaml @@ -2,14 +2,14 @@ apiVersion: configsync.gke.io/v1beta1 kind: RootSync metadata: - name: id-folder # kpt-set: ${id}-${folder} + name: id-t1 # kpt-set: ${id}-t1 namespace: config-management-system spec: sourceFormat: unstructured git: repo: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME # kpt-set: ${repo-url} branch: main # kpt-set: ${repo-branch} - dir: deploy/env # kpt-set: ${repo-dir} + dir: tier1/configcontroller/deploy/ # kpt-set: ${repo-dir} revision: HEAD # kpt-set: ${version} auth: token secretRef: diff --git a/csync/source-base/root-sync-git/setters-version.yaml b/csync/tier1/configcontroller/source-base/root-sync-git/setters-version.yaml similarity index 100% rename from csync/source-base/root-sync-git/setters-version.yaml rename to csync/tier1/configcontroller/source-base/root-sync-git/setters-version.yaml diff --git a/csync/source-base/root-sync-git/setters.yaml b/csync/tier1/configcontroller/source-base/root-sync-git/setters.yaml similarity index 54% rename from csync/source-base/root-sync-git/setters.yaml rename to csync/tier1/configcontroller/source-base/root-sync-git/setters.yaml index 4d6652d..5258017 100644 --- a/csync/source-base/root-sync-git/setters.yaml +++ b/csync/tier1/configcontroller/source-base/root-sync-git/setters.yaml @@ -6,17 +6,11 @@ metadata: config.kubernetes.io/local-config: 'true' data: # Used for naming of the root-sync - ## id : - ### tier1: 'experimentation' or 'env' - ### tier2: [client-name] - ### tier34: [project-id] (we replace environment code with “x”) - id: id1 - ## Folder: 'csync' or 'tier1' or 'tier2' - ## 'tier3' or 'tier4' are used only with RepoSync - folder: tier1 + ## id is 'experimentation' or 'env' + id: id # Git repo values repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub repo-branch: main - repo-dir: tier1/deploy/env + repo-dir: tier1/configcontroller/deploy/ diff --git a/csync/source-customization/preprod/.gitkeep b/csync/tier1/configcontroller/source-customization/dev/.gitkeep similarity index 100% rename from csync/source-customization/preprod/.gitkeep rename to csync/tier1/configcontroller/source-customization/dev/.gitkeep diff --git a/csync/source-customization/dev/root-sync-git/setters-version.yaml b/csync/tier1/configcontroller/source-customization/dev/root-sync-git/setters-version.yaml similarity index 100% rename from csync/source-customization/dev/root-sync-git/setters-version.yaml rename to csync/tier1/configcontroller/source-customization/dev/root-sync-git/setters-version.yaml diff --git a/csync/source-customization/dev/root-sync-git/setters.yaml b/csync/tier1/configcontroller/source-customization/dev/root-sync-git/setters.yaml similarity index 56% rename from csync/source-customization/dev/root-sync-git/setters.yaml rename to csync/tier1/configcontroller/source-customization/dev/root-sync-git/setters.yaml index caf3f6c..d554f8e 100644 --- a/csync/source-customization/dev/root-sync-git/setters.yaml +++ b/csync/tier1/configcontroller/source-customization/dev/root-sync-git/setters.yaml @@ -6,17 +6,11 @@ metadata: config.kubernetes.io/local-config: 'true' data: # Used for naming of the root-sync - ## id : - ### tier1: 'experimentation' or 'env' - ### tier2: [client-name] - ### tier34: [project-id] (we replace environment code with “x”) + ## id is 'experimentation' or 'env' id: env - ## Folder: 'csync' or 'tier1' or 'tier2' - ## 'tier3' or 'tier4' are used only with RepoSync - folder: tier1 # Git repo values repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub repo-branch: main - repo-dir: tier1/deploy/dev + repo-dir: tier1/configcontroller/deploy/dev diff --git a/csync/source-customization/prod/.gitkeep b/csync/tier1/configcontroller/source-customization/experimentation/.gitkeep similarity index 100% rename from csync/source-customization/prod/.gitkeep rename to csync/tier1/configcontroller/source-customization/experimentation/.gitkeep diff --git a/csync/source-customization/experimentation/root-sync-git/setters-version.yaml b/csync/tier1/configcontroller/source-customization/experimentation/root-sync-git/setters-version.yaml similarity index 100% rename from csync/source-customization/experimentation/root-sync-git/setters-version.yaml rename to csync/tier1/configcontroller/source-customization/experimentation/root-sync-git/setters-version.yaml diff --git a/csync/source-customization/experimentation/root-sync-git/setters.yaml b/csync/tier1/configcontroller/source-customization/experimentation/root-sync-git/setters.yaml similarity index 56% rename from csync/source-customization/experimentation/root-sync-git/setters.yaml rename to csync/tier1/configcontroller/source-customization/experimentation/root-sync-git/setters.yaml index 73ed585..8a4b7f4 100644 --- a/csync/source-customization/experimentation/root-sync-git/setters.yaml +++ b/csync/tier1/configcontroller/source-customization/experimentation/root-sync-git/setters.yaml @@ -6,17 +6,11 @@ metadata: config.kubernetes.io/local-config: 'true' data: # Used for naming of the root-sync - ## id : - ### tier1: 'experimentation' or 'env' - ### tier2: [client-name] - ### tier34: [project-id] (we replace environment code with “x”) + ## id is 'experimentation' or 'env' id: experimentation - ## Folder: 'csync' or 'tier1' or 'tier2' - ## 'tier3' or 'tier4' are used only with RepoSync - folder: tier1 # Git repo values repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub repo-branch: main - repo-dir: tier1/deploy/experimentation + repo-dir: tier1/configcontroller/deploy/experimentation diff --git a/tier1/deploy/.gitkeep b/csync/tier1/configcontroller/source-customization/preprod/.gitkeep similarity index 100% rename from tier1/deploy/.gitkeep rename to csync/tier1/configcontroller/source-customization/preprod/.gitkeep diff --git a/csync/source-customization/preprod/root-sync-git/setters-version.yaml b/csync/tier1/configcontroller/source-customization/preprod/root-sync-git/setters-version.yaml similarity index 100% rename from csync/source-customization/preprod/root-sync-git/setters-version.yaml rename to csync/tier1/configcontroller/source-customization/preprod/root-sync-git/setters-version.yaml diff --git a/csync/source-customization/prod/root-sync-git/setters.yaml b/csync/tier1/configcontroller/source-customization/preprod/root-sync-git/setters.yaml similarity index 56% rename from csync/source-customization/prod/root-sync-git/setters.yaml rename to csync/tier1/configcontroller/source-customization/preprod/root-sync-git/setters.yaml index ec3a169..23397fb 100644 --- a/csync/source-customization/prod/root-sync-git/setters.yaml +++ b/csync/tier1/configcontroller/source-customization/preprod/root-sync-git/setters.yaml @@ -6,17 +6,11 @@ metadata: config.kubernetes.io/local-config: 'true' data: # Used for naming of the root-sync - ## id : - ### tier1: 'experimentation' or 'env' - ### tier2: [client-name] - ### tier34: [project-id] (we replace environment code with “x”) + ## id is 'experimentation' or 'env' id: env - ## Folder: 'csync' or 'tier1' or 'tier2' - ## 'tier3' or 'tier4' are used only with RepoSync - folder: tier1 # Git repo values repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub repo-branch: main - repo-dir: tier1/deploy/prod + repo-dir: tier1/configcontroller/deploy/preprod diff --git a/tier1/deploy/dev/.gitkeep b/csync/tier1/configcontroller/source-customization/prod/.gitkeep similarity index 100% rename from tier1/deploy/dev/.gitkeep rename to csync/tier1/configcontroller/source-customization/prod/.gitkeep diff --git a/csync/source-customization/prod/root-sync-git/setters-version.yaml b/csync/tier1/configcontroller/source-customization/prod/root-sync-git/setters-version.yaml similarity index 100% rename from csync/source-customization/prod/root-sync-git/setters-version.yaml rename to csync/tier1/configcontroller/source-customization/prod/root-sync-git/setters-version.yaml diff --git a/csync/source-customization/preprod/root-sync-git/setters.yaml b/csync/tier1/configcontroller/source-customization/prod/root-sync-git/setters.yaml similarity index 55% rename from csync/source-customization/preprod/root-sync-git/setters.yaml rename to csync/tier1/configcontroller/source-customization/prod/root-sync-git/setters.yaml index d247062..32eaceb 100644 --- a/csync/source-customization/preprod/root-sync-git/setters.yaml +++ b/csync/tier1/configcontroller/source-customization/prod/root-sync-git/setters.yaml @@ -6,17 +6,11 @@ metadata: config.kubernetes.io/local-config: 'true' data: # Used for naming of the root-sync - ## id : - ### tier1: 'experimentation' or 'env' - ### tier2: [client-name] - ### tier34: [project-id] (we replace environment code with “x”) + ## id is 'experimentation' or 'env' id: env - ## Folder: 'csync' or 'tier1' or 'tier2' - ## 'tier3' or 'tier4' are used only with RepoSync - folder: tier1 # Git repo values repo-url: https://AZDO-ORG@dev.azure.com/AZDO-ORG/AZDO-PROJECT/_git/REPO-NAME # repo-url: https://github.com/GITHUB-ORG/REPO-NAME # Alternate, GitHub repo-branch: main - repo-dir: tier1/deploy/preprod + repo-dir: tier1/configcontroller/deploy/prod diff --git a/tier1/deploy/experimentation/.gitkeep b/csync/tier1/kubernetes/.gitkeep similarity index 100% rename from tier1/deploy/experimentation/.gitkeep rename to csync/tier1/kubernetes/.gitkeep diff --git a/tier1/deploy/preprod/.gitkeep b/tier1/configcontroller/deploy/.gitkeep similarity index 100% rename from tier1/deploy/preprod/.gitkeep rename to tier1/configcontroller/deploy/.gitkeep diff --git a/tier1/deploy/prod/.gitkeep b/tier1/configcontroller/deploy/dev/.gitkeep similarity index 100% rename from tier1/deploy/prod/.gitkeep rename to tier1/configcontroller/deploy/dev/.gitkeep diff --git a/tier1/source-base/.gitkeep b/tier1/configcontroller/deploy/experimentation/.gitkeep similarity index 100% rename from tier1/source-base/.gitkeep rename to tier1/configcontroller/deploy/experimentation/.gitkeep diff --git a/tier1/source-customization/dev/.gitkeep b/tier1/configcontroller/deploy/preprod/.gitkeep similarity index 100% rename from tier1/source-customization/dev/.gitkeep rename to tier1/configcontroller/deploy/preprod/.gitkeep diff --git a/tier1/source-customization/experimentation/.gitkeep b/tier1/configcontroller/deploy/prod/.gitkeep similarity index 100% rename from tier1/source-customization/experimentation/.gitkeep rename to tier1/configcontroller/deploy/prod/.gitkeep diff --git a/tier1/source-customization/preprod/.gitkeep b/tier1/configcontroller/source-base/.gitkeep similarity index 100% rename from tier1/source-customization/preprod/.gitkeep rename to tier1/configcontroller/source-base/.gitkeep diff --git a/tier1/source-customization/prod/.gitkeep b/tier1/configcontroller/source-customization/dev/.gitkeep similarity index 100% rename from tier1/source-customization/prod/.gitkeep rename to tier1/configcontroller/source-customization/dev/.gitkeep diff --git a/tier1/configcontroller/source-customization/experimentation/.gitkeep b/tier1/configcontroller/source-customization/experimentation/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/tier1/configcontroller/source-customization/preprod/.gitkeep b/tier1/configcontroller/source-customization/preprod/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/tier1/configcontroller/source-customization/prod/.gitkeep b/tier1/configcontroller/source-customization/prod/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/tier1/configcontroller/tier1-ctlr.md b/tier1/configcontroller/tier1-ctlr.md new file mode 100644 index 0000000..fee7359 --- /dev/null +++ b/tier1/configcontroller/tier1-ctlr.md @@ -0,0 +1,3 @@ +# Bookmark + +A simple bookmark to help you identify the parent folders diff --git a/tier1/kubernetes/.gitkeep b/tier1/kubernetes/.gitkeep new file mode 100644 index 0000000..e69de29