upbound · haarchri · Sep 15, 2023 · Sep 14, 2023 · Sep 15, 2023 · Sep 15, 2023
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -73,4 +73,5 @@ jobs:
           password: ${{ secrets.XPKG_TOKEN }}
 
       - name: Publish Artifacts
+        if: env.XPKG_ACCESS_ID != ''
         run: make -j2 publish BRANCH_NAME=${GITHUB_REF##*/}
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -4,21 +4,26 @@ on:
   issue_comment:
     types: [created]
 
+env:
+  trigger-keyword: '/test-examples'
+  go-version: '1.19'
+  package-type: configuration
+
 jobs:
   debug:
     runs-on: [e2-standard-8, linux]
     steps:
       - name: Debug
         run: |
-          echo "Trigger keyword: ${{ inputs.trigger-keyword }}"
-          echo "Go version: ${{ inputs.go-version }}"
+          echo "Trigger keyword: ${{ env.trigger-keyword }}"
+          echo "Go version: ${{ env.go-version }}"
           echo "github.event.comment.author_association: ${{ github.event.comment.author_association }}"
           echo "github.event.comment.body: ${{ github.event.comment.body }}"
 
   get-example-list:
     if: ${{ (github.event.comment.author_association == 'OWNER' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'COLLABORATOR' || github.event.comment.author_association == 'CONTRIBUTOR' ) &&
             github.event.issue.pull_request &&
-            contains(github.event.comment.body, inputs.trigger-keyword ) }}
+            contains(github.event.comment.body, env.trigger-keyword ) }}
     runs-on: [e2-standard-8, linux]
     outputs:
       example_list: ${{ steps.get-example-list-name.outputs.example-list }}
@@ -45,7 +50,7 @@ jobs:
           COMMENT: ${{ github.event.comment.body }}
         id: get-example-list-name
         run: |
-          PATHS=$(echo $COMMENT | sed 's/^.*\${{ inputs.trigger-keyword }}="//g' | cut -d '"' -f 1 | sed 's/,/ /g')
+          PATHS=$(echo $COMMENT | sed 's/^.*\${{ env.trigger-keyword }}="//g' | cut -d '"' -f 1 | sed 's/,/ /g')
           EXAMPLE_LIST=""
           for P in $PATHS; do EXAMPLE_LIST="${EXAMPLE_LIST},$(find $P -name '*.yaml' | tr '\n' ',')"; done
 
@@ -75,7 +80,7 @@ jobs:
   uptest:
     if: ${{ (github.event.comment.author_association == 'OWNER' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'COLLABORATOR' || github.event.comment.author_association == 'CONTRIBUTOR' ) &&
       github.event.issue.pull_request &&
-      contains(github.event.comment.body, inputs.trigger-keyword ) }}
+      contains(github.event.comment.body, env.trigger-keyword ) }}
     runs-on: [e2-standard-8, linux]
     needs: get-example-list
 
@@ -93,7 +98,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3
         with:
-          go-version: ${{ inputs.go-version }}
+          go-version: ${{ env.go-version }}
 
       - name: Checkout PR
         id: checkout-pr
@@ -106,28 +111,28 @@ jobs:
           echo "commit-sha=$OUTPUT" >> $GITHUB_OUTPUT
 
       - name: Find the Go Build Cache
-        if: ${{ inputs.package-type  == 'provider' }}
+        if: ${{ env.package-type  == 'provider' }}
         id: go
         run: echo "cache=$(make go.cachedir)" >> $GITHUB_OUTPUT
 
       - name: Cache the Go Build Cache
-        if: ${{ inputs.package-type  == 'provider' }}
+        if: ${{ env.package-type  == 'provider' }}
         uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
         with:
           path: ${{ steps.go.outputs.cache }}
           key: ${{ runner.os }}-build-uptest-${{ hashFiles('**/go.sum') }}
           restore-keys: ${{ runner.os }}-build-uptest-
 
       - name: Cache Go Dependencies
-        if: ${{ inputs.package-type  == 'provider' }}
+        if: ${{ env.package-type  == 'provider' }}
         uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
         with:
           path: .work/pkg
           key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
           restore-keys: ${{ runner.os }}-pkg-
 
       - name: Vendor Dependencies
-        if: ${{ inputs.package-type  == 'provider' }}
+        if: ${{ env.package-type  == 'provider' }}
         run: make vendor vendor.check
 
       - name: Run Uptest

diff --git a/.up/examples/aws/gitops-master-cluster.yaml b/.up/examples/aws/gitops-master-cluster.yaml
@@ -11,7 +11,7 @@ spec:
     version: "1.27"
     nodes:
       count: 3
-      size: small
+      instanceType: t3.small
     serviceSelector: gitops-master
     gitops:
       url: https://github.com/upbound/caas-cluster-configuration

diff --git a/.up/examples/aws/irsa.yaml b/.up/examples/aws/irsa.yaml
@@ -0,0 +1,26 @@
+apiVersion: aws.caas.upbound.io/v1alpha1
+kind: XIRSA
+metadata:
+  name: aws-spoke-01-kustomize-controller
+spec:
+  parameters:
+    deletionPolicy: Delete
+    id: aws-spoke-01
+    condition: StringEquals
+    policyDocument: |
+      {
+          "Version": "2012-10-17",
+          "Statement": [
+              {
+                  "Action": [
+                      "kms:Decrypt",
+                      "kms:DescribeKey"
+                  ],
+                  "Effect": "Allow",
+                  "Resource": "*"
+              }
+          ]
+      }
+    serviceAccount:
+      name: kustomize-controller
+      namespace: flux-system
diff --git a/.up/examples/aws/spoke-cluster.yaml b/.up/examples/aws/spoke-cluster.yaml
@@ -10,8 +10,12 @@ spec:
     id: aws-spoke-01
     region: eu-central-1
     version: "1.27"
+    iam:
+      roleArn: arn:aws:iam::609897127049:role/AWSReservedSSO_AdministratorAccess_d703c73ed340fde7
     nodes:
       count: 3
-      size: small
+      instanceType: t3.small
+    gitops:
+      url: https://github.com/upbound/caas-cluster-configuration
   writeConnectionSecretToRef:
     name: aws-spoke-01-kubeconfig
diff --git a/.up/examples/azure/gitops-master-cluster.yaml b/.up/examples/azure/gitops-master-cluster.yaml
@@ -7,11 +7,11 @@ metadata:
 spec:
   parameters:
     id: gitops-master
-    region: West Europe
+    region: West US
     version: "1.27.3"
     nodes:
       count: 3
-      size: small
+      instanceType: Standard_B2s
     serviceSelector: gitops-master
     gitops:
       url: https://github.com/upbound/caas-cluster-configuration

diff --git a/.up/examples/azure/spoke-cluster.yaml b/.up/examples/azure/spoke-cluster.yaml
@@ -8,10 +8,12 @@ metadata:
 spec:
   parameters:
     id: azure-spoke-02
-    region: West Europe
+    region: West US
     version: "1.27.3"
     nodes:
       count: 3
-      size: small
+      instanceType: Standard_B2s
+    gitops:
+      url: https://github.com/upbound/caas-cluster-configuration
   writeConnectionSecretToRef:
     name: azure-spoke-02-kubeconfig
diff --git a/.up/examples/gcp/gitops-master-cluster.yaml b/.up/examples/gcp/gitops-master-cluster.yaml
@@ -11,7 +11,7 @@ spec:
     version: "latest"
     nodes:
       count: 3
-      size: small
+      instanceType: n1-standard-4
     serviceSelector: gitops-master
     gitops:
       url: https://github.com/upbound/caas-cluster-configuration

diff --git a/.up/examples/gcp/spoke-cluster.yaml b/.up/examples/gcp/spoke-cluster.yaml
@@ -12,6 +12,8 @@ spec:
     version: "latest"
     nodes:
       count: 3
-      size: small
+      instanceType: n1-standard-4
+    gitops:
+      url: https://github.com/upbound/caas-cluster-configuration
   writeConnectionSecretToRef:
     name: gcp-spoke-02-kubeconfig
diff --git a/Makefile b/Makefile
@@ -11,10 +11,9 @@ PLATFORMS ?= linux_amd64
 # ====================================================================================
 # Setup Kubernetes tools
 
-UP_VERSION = v0.18.0
+UP_VERSION = v0.19.1
 UP_CHANNEL = stable
 UPTEST_VERSION = v0.5.0
-UPTEST_CLAIMS = .up/examples/aws/spoke-cluster.yaml,.up/examples/azure/spoke-cluster.yaml,.up/examples/gcp/spoke-cluster.yaml
 -include build/makelib/k8s_tools.mk
 # ====================================================================================
 # Setup XPKG
@@ -23,7 +22,7 @@ UPTEST_CLAIMS = .up/examples/aws/spoke-cluster.yaml,.up/examples/azure/spoke-clu
 # certain conventions such as the default examples root or package directory.
 XPKG_DIR = $(shell pwd)
 XPKG_EXAMPLES_DIR = .up/examples
-XPKG_IGNORE = .github/workflows/ci.yaml,.github/workflows/tag.yml,.github/workflows/e2e.yaml,test/setup.sh
+XPKG_IGNORE = .github/workflows/ci.yaml,.github/workflows/tag.yml,.github/workflows/e2e.yaml,init/*.yaml,.up/examples/aws/*.yaml,.up/examples/azure/*.yaml,.up/examples/gcp/*.yaml,.up/examples/upbound/*.yaml,.work/uptest-datasource.yaml
 
 XPKG_REG_ORGS ?= xpkg.upbound.io/upbound
 # NOTE(hasheddan): skip promoting on xpkg.upbound.io as channel tags are
@@ -68,7 +67,7 @@ build.init: $(UP)
 #   You can check the basic implementation here: https://github.com/upbound/uptest/blob/main/internal/templates/01-delete.yaml.tmpl.
 uptest: $(UPTEST) $(KUBECTL) $(KUTTL)
 	@$(INFO) running automated tests
-	@KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) $(UPTEST) e2e $(UPTEST_CLAIMS) --setup-script=test/setup.sh --default-timeout=4800 || $(FAIL)
+	@KUBECTL=$(KUBECTL) KUTTL=$(KUTTL) $(UPTEST) e2e "${UPTEST_EXAMPLE_LIST}" --setup-script=test/setup.sh --default-timeout=3200 || $(FAIL)
 	@$(OK) running automated tests
 
 # This target requires the following environment variables to be set:

diff --git a/apis/aws/composition.yaml b/apis/aws/composition.yaml
@@ -57,8 +57,12 @@ spec:
           toFieldPath: spec.parameters.version
         - fromFieldPath: spec.parameters.nodes.count
           toFieldPath: spec.parameters.nodes.count
-        - fromFieldPath: spec.parameters.nodes.size
-          toFieldPath: spec.parameters.nodes.size
+        - fromFieldPath: spec.parameters.nodes.instanceType
+          toFieldPath: spec.parameters.nodes.instanceType
+        - fromFieldPath: spec.parameters.iam.roleArn
+          toFieldPath: spec.parameters.iam.roleArn
+        - fromFieldPath: spec.parameters.iam.userArn
+          toFieldPath: spec.parameters.iam.userArn
         - fromFieldPath: status.subnetIds
           toFieldPath: spec.parameters.subnetIds
           policy:
@@ -69,13 +73,15 @@ spec:
       name: compositeClusterServices
       patches:
         - fromFieldPath: spec.parameters.deletionPolicy
-          toFieldPath: spec.parameters.deletionPolicy
+          toFieldPath: spec.deletionPolicy
         - fromFieldPath: spec.parameters.id
           toFieldPath: spec.providerConfigRef.name
         - fromFieldPath: spec.parameters.services.operators.flux.version
           toFieldPath: spec.operators.flux.version
         - fromFieldPath: spec.parameters.gitops.url
           toFieldPath: spec.gitops.url
+        - fromFieldPath: spec.parameters.gitops.path
+          toFieldPath: spec.gitops.path
         - fromFieldPath: spec.parameters.gitops.kubeConfigSecretRef.name
           toFieldPath: spec.gitops.kubeConfigSecretRef.name
         - fromFieldPath: spec.parameters.gitops.kubeConfigSecretRef.namespace

diff --git a/apis/aws/definition.yaml b/apis/aws/definition.yaml
@@ -33,6 +33,16 @@ spec:
                   region:
                     type: string
                     description: Region is the region you'd like your resource to be created in.
+                  iam:
+                    type: object
+                    description: IAM configuration to connect as ClusterAdmin.
+                    properties:
+                      roleArn:
+                        description: The IAM Role ARN to connect as ClusterAdmin.
+                        type: string
+                      userArn:
+                        description: The IAM User ARN to connect as ClusterAdmin.
+                        type: string
                   networkSelector:
                     type: string
                     description: NetworkSelector employs a specific type of network architecture.
@@ -73,23 +83,23 @@ spec:
                       count:
                         type: integer
                         description: Desired node count, from 1 to 100.
-                      size:
+                      instanceType:
                         type: string
-                        description: Size of node.
-                        enum:
-                        - small
-                        - medium
-                        - large
+                        description: instance types associated with the Node Group.
+                        default: t3.small
                     required:
                     - count
-                    - size
+                    - instanceType
                   gitops:
                     type: object
                     description: GitOps configure external gitops system for mcp controlplane
                     properties:
                       url:
                         type: string
                         description: Url for GitOps Sync.
+                      path:
+                        type: string
+                        description: path in Repo for GitOps Sync.
                       kubeConfigSecretRef:
                         type: object
                         description: location for kubeconfig mcp controlplane
@@ -104,7 +114,6 @@ spec:
                         - name
                         - namespace
                     required:
-                    - kubeConfigSecretRef
                     - url
                   services:
                     type: object