Add FluxCD support for S3 Bucket sources #1007

Merged
merged 5 commits into from
Jun 19, 2024
34 changes: 34 additions & 0 deletions docs/addons/fluxcd.md
Expand Up @@ -6,6 +6,8 @@ Flux is a declarative, GitOps-based continuous delivery tool that can be integra

## Usage

Only specify unique values for the repository and bucket `name` field.

### Single bootstrap repo path

```typescript
Expand Down Expand Up @@ -67,6 +69,38 @@ const blueprint = blueprints.EksBlueprint.builder()
.build(app, 'my-stack-name');
```

### Single bootstrap S3 bucket repository

```typescript
import * as cdk from 'aws-cdk-lib';
import * as blueprints from '@aws-quickstart/eks-blueprints';
import * as s3 from 'aws-cdk-lib/aws-s3';

const app = new cdk.App();

const fluxBootstrap = new s3.Bucket(this, "FluxBootstrap", {
removalPolicy: cdk.RemovalPolicy.RETAIN,
});

const addOn = new blueprints.addons.FluxCDAddOn({
buckets: [{
name: "bootstrap-bucket",
bucketName: fluxBootstrap.bucketName,
bucketRegion: cdk.Aws.REGION,
}],
})
...

const blueprint = blueprints.EksBlueprint.builder()
.addOns(addOn)
.build(app, 'my-stack-name');
```

By default the FluxCD source-controller attempts to access the S3 bucket by using the IAM instance profile.
To grant access assign node group instances IAM role granting read access to the S3 bucket.
Alternatively reference to a Secret containing the `accesskey` and `secretkey` values with the `secretRef` parameter to authenticate using IAM user authentication.
See [FluxCD Bucket Source Controller documentation](https://fluxcd.io/flux/components/source/buckets/).

## Workload Repositories

1. To add workload repositories as well as the bootstrap repository, please follow this example below
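Review bot: The paragraph under the new "Single bootstrap S3 bucket repository" example tells users to grant bucket read access through the node group instance role, but does not mention that instance-profile credentials are also reachable by other pods on those nodes unless instance metadata access is restricted, so the grant is wider than source-controller alone. Suggest stating that the policy should be read-only and limited to the one bootstrap bucket, and noting that the `secretRef` alternative keeps a long-lived IAM user `accesskey`/`secretkey` pair in a Kubernetes Secret that then needs rotation and tight RBAC. Separately, the snippet calls `new s3.Bucket(this, "FluxBootstrap", ...)` at module level right after `const app = new cdk.App();`, with no enclosing construct shown for `this`; create the bucket inside a stack or show which scope it belongs to. The sentence "To grant access assign node group instances IAM role granting read access to the S3 bucket." would also read better as "To grant access, assign the node group instances an IAM role that allows read access to the S3 bucket."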
39 changes: 39 additions & 0 deletions lib/addons/fluxcd/bucket.ts
@@ -0,0 +1,39 @@
import { setPath } from "../../utils";

/**
* Flux Bucket API defines a Source to produce an Artifact for objects from storage solutions like Amazon S3.
* @see https://fluxcd.io/flux/components/source/buckets/
*/
export class FluxBucket {

constructor(private readonly bucketName: string, private readonly region: string, private readonly prefixPath?: string) {}

public generate(name: string, namespace: string, fluxSyncInterval: string, provider: string, endpoint: string, fluxSecretRefName?: string) {

const bucketManifest = {
apiVersion: "source.toolkit.fluxcd.io/v1beta2",
kind: "Bucket",
metadata: {
name: name,
namespace: namespace
},
spec: {
interval: fluxSyncInterval,
bucketName: this.bucketName,
provider: provider,
endpoint: endpoint,
region: this.region,
}
};

if (fluxSecretRefName) {
setPath(bucketManifest, "spec.secretRef.name", fluxSecretRefName);
}

if (this.prefixPath) {
setPath(bucketManifest, "spec.prefix", this.prefixPath);
}

return bucketManifest;
}
}
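Review bot: `generate()` takes five required positional strings (`name`, `namespace`, `fluxSyncInterval`, `provider`, `endpoint`) plus an optional sixth, so a caller can swap `provider` with `endpoint` or `name` with `namespace` and still compile, yielding a Bucket manifest that points at the wrong place. Suggest a single typed options object, with `provider` narrowed to a string-literal union of the values the add-on intends to support, and a JSDoc block on `generate()` describing each parameter, since only the class carries a comment. Also consider rejecting an empty `bucketName` or `endpoint` here instead of emitting a manifest with empty required fields; `spec.secretRef` and `spec.prefix` are guarded, the required fields are not.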