diff --git a/eks-anywhere-common/Addons/Partner/StormForge/external-secret.yaml b/eks-anywhere-common/Addons/Partner/StormForge/external-secret.yaml new file mode 100644 index 00000000..eaa91168 --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/StormForge/external-secret.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: stormforge-external-secret + namespace: stormforge +spec: + refreshInterval: 5m + secretStoreRef: + name: eksa-secret-store + kind: ClusterSecretStore + target: + name: stormforge-auth-secret + data: + - secretKey: clientID + remoteRef: + key: stormforge-secrets + property: clientID + - secretKey: clientSecret + remoteRef: + key: stormforge-secrets + property: clientSecret diff --git a/eks-anywhere-common/Addons/Partner/StormForge/namespace.yaml b/eks-anywhere-common/Addons/Partner/StormForge/namespace.yaml new file mode 100644 index 00000000..8f498a29 --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/StormForge/namespace.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: stormforge + labels: + aws.conformance.vendor: stormforge + aws.conformance.vendor-solution: optimize-live + aws.conformance.vendor-solution-version: 2.16.1 diff --git a/eks-anywhere-common/Addons/Partner/StormForge/stormforge-agent-release.yaml b/eks-anywhere-common/Addons/Partner/StormForge/stormforge-agent-release.yaml new file mode 100644 index 00000000..eaf5abae --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/StormForge/stormforge-agent-release.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: stormforge-agent-release + namespace: stormforge +spec: + releaseName: stormforge-agent + chart: + spec: + chart: stormforge-agent + reconcileStrategy: ChartVersion + sourceRef: + kind: HelmRepository + name: stormforge-charts + namespace: flux-system + version: 2.16.1 + interval: 5m0s + targetNamespace: stormforge + valuesFrom: + - kind: ConfigMap + name: stormforge-clustername + valuesKey: clusterName + targetPath: clusterName + - kind: Secret + name: stormforge-auth-secret + valuesKey: clientID + targetPath: authorization.clientID + - kind: Secret + name: stormforge-auth-secret + valuesKey: clientSecret + targetPath: authorization.clientSecret diff --git a/eks-anywhere-common/Addons/Partner/StormForge/stormforge-applier-release.yaml b/eks-anywhere-common/Addons/Partner/StormForge/stormforge-applier-release.yaml new file mode 100644 index 00000000..355ed847 --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/StormForge/stormforge-applier-release.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: stormforge-applier-release + namespace: stormforge +spec: + releaseName: stormforge-applier + chart: + spec: + chart: stormforge-applier + reconcileStrategy: ChartVersion + sourceRef: + kind: HelmRepository + name: stormforge-charts + namespace: flux-system + version: 2.6.0 + interval: 5m0s + targetNamespace: stormforge diff --git a/eks-anywhere-common/Addons/Partner/StormForge/stormforge-cluster-name.yaml b/eks-anywhere-common/Addons/Partner/StormForge/stormforge-cluster-name.yaml new file mode 100644 index 00000000..b12d3855 --- /dev/null +++ b/eks-anywhere-common/Addons/Partner/StormForge/stormforge-cluster-name.yaml @@ -0,0 +1,56 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: stormforge-configmaps-admin + namespace: stormforge +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: stormforge-configmaps-admin + namespace: stormforge +rules: +- apiGroups: [""] # "" indicates the core API group + resources: ["configmaps"] + verbs: ["*"] # full access +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: stormforge-configmaps-admin + namespace: stormforge +subjects: + - kind: ServiceAccount + name: stormforge-configmaps-admin + namespace: stormforge +roleRef: + kind: Role + name: stormforge-configmaps-admin + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: stormforge-cluster-name + namespace: stormforge +spec: + template: + spec: + restartPolicy: Never + serviceAccountName: stormforge-configmaps-admin + containers: + - name: generate-name + image: bitnami/kubectl:1.31 + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - '/bin/sh' + - '-c' + - | + cm_name=stormforge-clustername + cluster_name="eksa-test-$(LC_ALL=C tr -dc a-z0-9