github.com/oam-dev/kubevela@v1.9.11/pkg/stdlib/pkgs/terraform.cue (about) 1 #LoadTerraformComponents: { 2 #provider: "terraform" 3 #do: "load-terraform-components" 4 5 outputs: { 6 components: [...multicluster.#Component] 7 } 8 } 9 10 #GetConnectionStatus: { 11 #provider: "terraform" 12 #do: "get-connection-status" 13 14 inputs: { 15 componentName: string 16 } 17 18 outputs: { 19 healthy?: bool 20 } 21 } 22 23 #PrepareTerraformEnvBinding: #Steps & { 24 inputs: { 25 env: string 26 policy: string 27 } 28 env_: inputs.env 29 policy_: inputs.policy 30 31 prepare: multicluster.#PrepareEnvBinding & { 32 inputs: { 33 env: env_ 34 policy: policy_ 35 } 36 } @step(1) 37 loadTerraformComponents: #LoadTerraformComponents @step(2) 38 terraformComponentMap: { 39 for _, comp in loadTerraformComponents.outputs.components { 40 "\(comp.name)": comp 41 } 42 ... 43 } 44 components_: [ for comp in prepare.outputs.components if terraformComponentMap["\(comp.name)"] != _|_ {comp}] 45 outputs: { 46 components: components_ 47 decisions: prepare.outputs.decisions 48 } 49 } 50 51 #loadSecretInfo: { 52 component: {...} 53 appNamespace: string 54 name: string 55 namespace: string 56 env: string 57 if component.properties != _|_ && component.properties.writeConnectionSecretToRef != _|_ { 58 if component.properties.writeConnectionSecretToRef.name != _|_ { 59 name: component.properties.writeConnectionSecretToRef.name 60 } 61 if component.properties.writeConnectionSecretToRef.name == _|_ { 62 name: component.name 63 } 64 if component.properties.writeConnectionSecretToRef.namespace != _|_ { 65 namespace: component.properties.writeConnectionSecretToRef.namespace 66 } 67 if component.properties.writeConnectionSecretToRef.namespace == _|_ { 68 namespace: appNamespace 69 } 70 } 71 envName: "\(name)-\(env)" 72 } 73 74 #bindTerraformComponentToCluster: #Steps & { 75 comp: {...} 76 secret: {...} 77 env: string 78 decisions: [...{...}] 79 80 status: terraform.#GetConnectionStatus & { 81 inputs: componentName: "\(comp.name)-\(env)" 82 } @step(1) 83 84 read: kube.#Read & { 85 value: { 86 apiVersion: "v1" 87 kind: "Secret" 88 metadata: { 89 name: secret.envName 90 namespace: secret.namespace 91 ... 92 } 93 ... 94 } 95 } @step(2) 96 97 wait: { 98 #do: "wait" 99 continue: status.outputs.healthy && read.err == _|_ 100 } @step(3) 101 102 sync: #Steps & { 103 for decision in decisions { 104 "\(decision.cluster)-\(decision.namespace)": kube.#Apply & { 105 cluster: decision.cluster 106 value: { 107 apiVersion: "v1" 108 kind: "Secret" 109 metadata: { 110 name: secret.name 111 if decision.namespace != _|_ && decision.namespace != "" { 112 namespace: decision.namespace 113 } 114 if decision.namespace == _|_ || decision.namespace == "" { 115 namespace: secret.namespace 116 } 117 ... 118 } 119 type: "Opaque" 120 data: read.value.data 121 ... 122 } 123 } 124 } 125 } @step(4) 126 } 127 128 #DeployCloudResource: { 129 #do: "steps" 130 131 env: string 132 name: string 133 policy: string 134 namespace: string 135 136 env_: env 137 policy_: policy 138 prepareDeploy: #PrepareTerraformEnvBinding & { 139 inputs: { 140 env: env_ 141 policy: policy_ 142 } 143 } @step(1) 144 145 deploy: #Steps & { 146 for comp in prepareDeploy.outputs.components { 147 "\(comp.name)": #Steps & { 148 149 secretMeta: #loadSecretInfo & { 150 component: comp 151 env: env_ 152 appNamespace: namespace 153 } 154 155 apply: #ApplyComponent & { 156 value: { 157 name: "\(comp.name)-\(env)" 158 properties: { 159 writeConnectionSecretToRef: { 160 name: secretMeta.envName 161 namespace: secretMeta.namespace 162 } 163 if comp.properties != _|_ { 164 for k, v in comp.properties { 165 if k != "writeConnectionSecretToRef" { 166 "\(k)": v 167 } 168 } 169 } 170 ... 171 } 172 for k, v in comp { 173 if k != "name" && k != "properties" { 174 "\(k)": v 175 } 176 } 177 ... 178 } 179 } @step(1) 180 181 comp_: comp 182 bind: #bindTerraformComponentToCluster & { 183 comp: comp_ 184 secret: secretMeta 185 env: env_ 186 decisions: prepareDeploy.outputs.decisions 187 } @step(2) 188 189 secret: bind.read.value 190 191 update: kube.#Apply & { 192 value: { 193 metadata: { 194 for k, v in secret.metadata { 195 if k != "labels" { 196 "\(k)": v 197 } 198 } 199 labels: { 200 "app.oam.dev/name": name 201 "app.oam.dev/namespace": namespace 202 "app.oam.dev/component": comp.name 203 "app.oam.dev/env-name": env 204 "app.oam.dev/sync-alias": secretMeta.name 205 if secret.metadata.labels != _|_ { 206 for k, v in secret.metadata.labels { 207 if k != "app.oam.dev/name" && k != "app.oam.dev/sync-alias" && k != "app.oam.dev/env-name" { 208 "\(k)": v 209 } 210 } 211 } 212 ... 213 } 214 } 215 for k, v in secret { 216 if k != "metadata" { 217 "\(k)": v 218 } 219 } 220 ... 221 } 222 } @step(6) 223 } 224 } 225 ... 226 } @step(2) 227 } 228 229 #ShareCloudResource: { 230 #do: "steps" 231 232 env: string 233 name: string 234 policy: string 235 namespace: string 236 namespace_: namespace 237 placements: [...multicluster.#PlacementDecision] 238 239 env_: env 240 policy_: policy 241 prepareBind: #PrepareTerraformEnvBinding & { 242 inputs: { 243 env: env_ 244 policy: policy_ 245 } 246 } @step(1) 247 248 decisions_: [ for placement in placements { 249 namespace: *"" | string 250 if placement.namespace != _|_ { 251 namespace: placement.namespace 252 } 253 if placement.namespace == _|_ { 254 namespace: namespace_ 255 } 256 cluster: *"local" | string 257 if placement.cluster != _|_ { 258 cluster: placement.cluster 259 } 260 }] 261 262 deploy: #Steps & { 263 for comp in prepareBind.outputs.components { 264 "\(comp.name)": #Steps & { 265 secretMeta: #loadSecretInfo & { 266 component: comp 267 env: env_ 268 appNamespace: namespace 269 } 270 comp_: comp 271 bind: #bindTerraformComponentToCluster & { 272 comp: comp_ 273 secret: secretMeta 274 env: env_ 275 decisions: decisions_ 276 } @step(1) 277 } 278 } 279 } @step(2) 280 }