mathod/crossplane
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

+ s3 composition

Browse Source
This commit is contained in:
Mathod
2025-11-30 01:50:18 +01:00
parent e3816d8948
commit 9f04b70cd9
3 changed files with 167 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

150
providers/provider-family-aws/resources/s3/compositions/composition.yaml
View File

@@ -0,0 +1,150 @@
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: s3bucket.aws.mathod.io
labels:
provider: aws
type: s3
spec:
compositeTypeRef:
apiVersion: mathod.io/v1alpha1
kind: XObjectStorage
mode: Pipeline
pipeline:
- step: patch-and-transform
functionRef:
name: function-patch-and-transform
input:
apiVersion: pt.fn.crossplane.io/v1beta1
kind: Resources
resources:
# Bucket S3
- name: s3-bucket
base:
apiVersion: s3.aws.m.upbound.io/v1beta1
kind: Bucket
spec:
forProvider:
region: eu-west-1
providerConfigRef:
name: aws-provider
patches:
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.bucketName
toFieldPath: metadata.name
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.region
toFieldPath: spec.forProvider.region
- type: ToCompositeFieldPath
fromFieldPath: status.atProvider.arn
toFieldPath: status.bucketArn
- type: ToCompositeFieldPath
fromFieldPath: status.atProvider.bucketDomainName
toFieldPath: status.bucketDomain
# Configuration du versioning
- name: bucket-versioning
base:
apiVersion: s3.aws.m.upbound.io/v1beta1
kind: BucketVersioning
spec:
forProvider:
bucketRef:
name: ""
versioningConfiguration:
- status: Disabled
providerConfigRef:
name: aws-provider
patches:
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.bucketName
toFieldPath: spec.forProvider.bucketRef.name
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.versioning
toFieldPath: spec.forProvider.versioningConfiguration[0].status
transforms:
- type: map
map:
"true": Enabled
"false": Suspended
# Configuration du chiffrement
- name: bucket-encryption
base:
apiVersion: s3.aws.m.upbound.io/v1beta1
kind: BucketServerSideEncryptionConfiguration
spec:
forProvider:
bucketRef:
name: ""
rule:
- applyServerSideEncryptionByDefault:
- sseAlgorithm: AES256
providerConfigRef:
name: aws-provider
patches:
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.bucketName
toFieldPath: spec.forProvider.bucketRef.name
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.encryption
toFieldPath: spec.forProvider.rule[0].applyServerSideEncryptionByDefault[0].sseAlgorithm
transforms:
- type: map
map:
"true": AES256
"false": ""
# Bloquer l'accès public
- name: bucket-public-access-block
base:
apiVersion: s3.aws.m.upbound.io/v1beta1
kind: BucketPublicAccessBlock
spec:
forProvider:
bucketRef:
name: ""
blockPublicAcls: true
blockPublicPolicy: true
ignorePublicAcls: true
restrictPublicBuckets: true
providerConfigRef:
name: aws-provider
patches:
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.bucketName
toFieldPath: spec.forProvider.bucketRef.name
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.publicAccess
toFieldPath: spec.forProvider.blockPublicAcls
transforms:
- type: map
map:
"true": false
"false": true
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.publicAccess
toFieldPath: spec.forProvider.blockPublicPolicy
transforms:
- type: map
map:
"true": false
"false": true
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.publicAccess
toFieldPath: spec.forProvider.ignorePublicAcls
transforms:
- type: map
map:
"true": false
"false": true
- type: FromCompositeFieldPath
fromFieldPath: spec.parameters.publicAccess
toFieldPath: spec.forProvider.restrictPublicBuckets
transforms:
- type: map
map:
"true": false
"false": true

4
providers/provider-family-aws/resources/s3/compositions/definition.yaml
View File

@@ -1,10 +1,10 @@
apiVersion: apiextensions.crossplane.io/v2 apiVersion: apiextensions.crossplane.io/v2
kind: CompositeResourceDefinition kind: CompositeResourceDefinition
metadata: metadata:
name: xobjectstorages.mathod.io #(1)! name: xobjectstorages.mathod.io
spec: spec:
scope: Namespaced scope: Namespaced
group: mathod.io #(2)! group: mathod.io
names: names:
kind: XObjectStorage kind: XObjectStorage
plural: xobjectstorages plural: xobjectstorages

15
providers/provider-family-aws/resources/s3/compositions/objectstorage.yaml
View File

@@ -0,0 +1,15 @@
apiVersion: mathod.io/v1alpha1
kind: XObjectStorage
metadata:
name: my-s3-bucket-example
namespace: default
spec:
parameters:
bucketName: mon-bucket-exemple-123
region: eu-west-1
versioning: true
encryption: true
publicAccess: false
crossplane:
compositionRef:
name: s3bucket.aws.mathod.io