github/kubevela
1
0
Fork 0
mirror of https://github.com/kubevela/kubevela.git synced 2026-02-14 18:10:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feat: add unify step definitions from catalog (#5199)

Browse Source 
* Feat: add unify step definitions from catalog

Signed-off-by: FogDong <dongtianxin.tx@alibaba-inc.com>

* add kaniko executor example

Signed-off-by: FogDong <dongtianxin.tx@alibaba-inc.com>

Signed-off-by: FogDong <dongtianxin.tx@alibaba-inc.com>
This commit is contained in:
Tianxin Dong
2022-12-19 17:06:51 +08:00
committed by GitHub
parent 863b36226d
commit 1f7b9cebcc
31 changed files with 2277 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
charts/vela-core/templates/defwithtemplate/apply-deployment.yaml Normal file
View File

@@ -0,0 +1,51 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/apply-deployment.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Apply deployment with specified image and cmd.
name: apply-deployment
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"strconv"
"strings"
"vela/op"
)
output: op.#Apply & {
value: {
apiVersion: "apps/v1"
kind: "Deployment"
metadata: {
name: context.stepName
namespace: context.namespace
}
spec: {
selector: matchLabels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
template: {
metadata: labels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
spec: containers: [{
name: context.stepName
image: parameter.image
if parameter["cmd"] != _|_ {
command: parameter.cmd
}
}]
}
}
}
}
wait: op.#ConditionalWait & {
continue: output.value.status.readyReplicas == 1
}
parameter: {
image: string
cmd?: [...string]
}

91
charts/vela-core/templates/defwithtemplate/apply-terraform-config.yaml Normal file
View File

@@ -0,0 +1,91 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/apply-terraform-config.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Apply terraform configuration in the step
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml
name: apply-terraform-config
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
)
apply: op.#Apply & {
value: {
apiVersion: "terraform.core.oam.dev/v1beta2"
kind: "Configuration"
metadata: {
name: "\(context.name)-\(context.stepName)"
namespace: context.namespace
}
spec: {
deleteResource: parameter.deleteResource
variable: parameter.variable
forceDelete: parameter.forceDelete
if parameter.source.path != _|_ {
path: parameter.source.path
}
if parameter.source.remote != _|_ {
remote: parameter.source.remote
}
if parameter.source.hcl != _|_ {
hcl: parameter.source.hcl
}
if parameter.providerRef != _|_ {
providerRef: parameter.providerRef
}
if parameter.jobEnv != _|_ {
jobEnv: parameter.jobEnv
}
if parameter.writeConnectionSecretToRef != _|_ {
writeConnectionSecretToRef: parameter.writeConnectionSecretToRef
}
if parameter.region != _|_ {
region: parameter.region
}
}
}
}
check: op.#ConditionalWait & {
continue: apply.value.status != _|_ && apply.value.status.apply != _|_ && apply.value.status.apply.state == "Available"
}
parameter: {
// +usage=specify the source of the terraform configuration
source: close({
// +usage=directly specify the hcl of the terraform configuration
hcl: string
}) | close({
// +usage=specify the remote url of the terraform configuration
remote: *"https://github.com/kubevela-contrib/terraform-modules.git" | string
// +usage=specify the path of the terraform configuration
path?: string
})
// +usage=whether to delete resource
deleteResource: *true | bool
// +usage=the variable in the configuration
variable: {...}
// +usage=this specifies the namespace and name of a secret to which any connection details for this managed resource should be written.
writeConnectionSecretToRef?: {
name: string
namespace: *context.namespace | string
}
// +usage=providerRef specifies the reference to Provider
providerRef?: {
name: string
namespace: *context.namespace | string
}
// +usage=region is cloud provider's region. It will override the region in the region field of providerRef
region?: string
// +usage=the envs for job
jobEnv?: {...}
// +usae=forceDelete will force delete Configuration no matter which state it is or whether it has provisioned some resources
forceDelete: *false | bool
}

144
charts/vela-core/templates/defwithtemplate/apply-terraform-provider.yaml Normal file
View File

@@ -0,0 +1,144 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/apply-terraform-provider.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Apply terraform provider config
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml
name: apply-terraform-provider
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
"strings"
)
config: op.#CreateConfig & {
name: "\(context.name)-\(context.stepName)"
namespace: context.namespace
template: "terraform-\(parameter.type)"
config: {
name: parameter.name
if parameter.type == "alibaba" {
ALICLOUD_ACCESS_KEY: parameter.accessKey
ALICLOUD_SECRET_KEY: parameter.secretKey
ALICLOUD_REGION: parameter.region
}
if parameter.type == "aws" {
AWS_ACCESS_KEY_ID: parameter.accessKey
AWS_SECRET_ACCESS_KEY: parameter.secretKey
AWS_DEFAULT_REGION: parameter.region
AWS_SESSION_TOKEN: parameter.token
}
if parameter.type == "azure" {
ARM_CLIENT_ID: parameter.clientID
ARM_CLIENT_SECRET: parameter.clientSecret
ARM_SUBSCRIPTION_ID: parameter.subscriptionID
ARM_TENANT_ID: parameter.tenantID
}
if parameter.type == "baidu" {
BAIDUCLOUD_ACCESS_KEY: parameter.accessKey
BAIDUCLOUD_SECRET_KEY: parameter.secretKey
BAIDUCLOUD_REGION: parameter.region
}
if parameter.type == "ec" {
EC_API_KEY: parameter.apiKey
}
if parameter.type == "gcp" {
GOOGLE_CREDENTIALS: parameter.credentials
GOOGLE_REGION: parameter.region
GOOGLE_PROJECT: parameter.project
}
if parameter.type == "tencent" {
TENCENTCLOUD_SECRET_ID: parameter.secretID
TENCENTCLOUD_SECRET_KEY: parameter.secretKey
TENCENTCLOUD_REGION: parameter.region
}
if parameter.type == "ucloud" {
UCLOUD_PRIVATE_KEY: parameter.privateKey
UCLOUD_PUBLIC_KEY: parameter.publicKey
UCLOUD_PROJECT_ID: parameter.projectID
UCLOUD_REGION: parameter.region
}
}
}
read: op.#Read & {
value: {
apiVersion: "terraform.core.oam.dev/v1beta1"
kind: "Provider"
metadata: {
name: parameter.name
namespace: context.namespace
}
}
}
check: op.#ConditionalWait & {
if read.value.status != _|_ {
continue: read.value.status.state == "ready"
}
if read.value.status == _|_ {
continue: false
}
}
providerBasic: {
accessKey: string
secretKey: string
region: string
}
#AlibabaProvider: {
providerBasic
type: "alibaba"
name: *"alibaba-provider" | string
}
#AWSProvider: {
providerBasic
token: *"" | string
type: "aws"
name: *"aws-provider" | string
}
#AzureProvider: {
subscriptionID: string
tenantID: string
clientID: string
clientSecret: string
name: *"azure-provider" | string
}
#BaiduProvider: {
providerBasic
type: "baidu"
name: *"baidu-provider" | string
}
#ECProvider: {
type: "ec"
apiKey: *"" | string
name: "ec-provider" | string
}
#GCPProvider: {
credentials: string
region: string
project: string
type: "gcp"
name: *"gcp-provider" | string
}
#TencentProvider: {
secretID: string
secretKey: string
region: string
type: "tencent"
name: *"tencent-provider" | string
}
#UCloudProvider: {
publicKey: string
privateKey: string
projectID: string
region: string
type: "ucloud"
name: *"ucloud-provider" | string
}
parameter: *#AlibabaProvider | #AWSProvider | #AzureProvider | #BaiduProvider | #ECProvider | #GCPProvider | #TencentProvider | #UCloudProvider

125
charts/vela-core/templates/defwithtemplate/build-push-image.yaml Normal file
View File

@@ -0,0 +1,125 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/build-push-image.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Build and push image from git url
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/built-push-image.yaml
name: build-push-image
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
"encoding/json"
"strings"
)
url: strings.TrimPrefix(strings.TrimPrefix(parameter.git, "https://"), "http://")
kaniko: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Pod"
metadata: {
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}
spec: {
containers: [
{
args: [
"--dockerfile=\(parameter.dockerfile)",
"--context=git://\(url)#refs/heads/\(parameter.branch)",
"--destination=\(parameter.image)",
"--verbosity=\(parameter.verbosity)",
]
image: parameter.kanikoExecutor
name: "kaniko"
if parameter.credentials != _|_ && parameter.credentials.image != _|_ {
volumeMounts: [
{
mountPath: "/kaniko/.docker/"
name: parameter.credentials.image.name
},
]
}
if parameter.credentials != _|_ && parameter.credentials.git != _|_ {
env: [
{
name: "GIT_TOKEN"
valueFrom: secretKeyRef: {
key: parameter.credentials.git.key
name: parameter.credentials.git.name
}
},
]
}
},
]
if parameter.credentials != _|_ && parameter.credentials.image != _|_ {
volumes: [
{
name: parameter.credentials.image.name
secret: {
defaultMode: 420
items: [
{
key: parameter.credentials.image.key
path: "config.json"
},
]
secretName: parameter.credentials.image.name
}
},
]
}
restartPolicy: "Never"
}
}
}
log: op.#Log & {
source: resources: [{
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}]
}
read: op.#Read & {
value: {
apiVersion: "v1"
kind: "Pod"
metadata: {
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}
}
}
wait: op.#ConditionalWait & {
continue: read.value.status != _|_ && read.value.status.phase == "Succeeded"
}
#secret: {
name: string
key: string
}
parameter: {
kanikoExecutor: *"gcr.io/kaniko-project/executor:latest" | string
git: string
branch: *"master" | string
dockerfile: *"./Dockerfile" | string
image: string
credentials?: {
git?: {
name: string
key: string
}
image?: {
name: string
key: *".dockerconfigjson" | string
}
}
verbosity: *"info" | "panic" | "fatal" | "error" | "warn" | "debug" | "trace"
}

57
charts/vela-core/templates/defwithtemplate/clean-jobs.yaml Normal file
View File

@@ -0,0 +1,57 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/clean-jobs.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/description: clean applied jobs in the cluster
name: clean-jobs
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
)
parameter: labelselector?: {...}
cleanJobs: op.#Delete & {
value: {
apiVersion: "batch/v1"
kind: "Job"
metadata: {
name: context.name
namespace: context.namespace
}
}
filter: {
namespace: context.namespace
if parameter.labelselector != _|_ {
matchingLabels: parameter.labelselector
}
if parameter.labelselector == _|_ {
matchingLabels: "workflow.oam.dev/name": context.name
}
}
}
cleanPods: op.#Delete & {
value: {
apiVersion: "v1"
kind: "pod"
metadata: {
name: context.name
namespace: context.namespace
}
}
filter: {
namespace: context.namespace
if parameter.labelselector != _|_ {
matchingLabels: parameter.labelselector
}
if parameter.labelselector == _|_ {
matchingLabels: "workflow.oam.dev/name": context.name
}
}
}

61
charts/vela-core/templates/defwithtemplate/export2secret.yaml
View File

@@ -15,27 +15,43 @@ spec:
template: |
import (
"vela/op"
"encoding/base64"
"encoding/json"
)
apply: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Secret"
if parameter.type != _|_ {
type: parameter.type
secret: op.#Steps & {
data: *parameter.data | {}
if parameter.kind == "docker-registry" && parameter.dockerRegistry != _|_ {
registryData: auths: "\(parameter.dockerRegistry.server)": {
username: parameter.dockerRegistry.username
password: parameter.dockerRegistry.password
auth: base64.Encode(null, "\(parameter.dockerRegistry.username):\(parameter.dockerRegistry.password)")
}
metadata: {
name: parameter.secretName
if parameter.namespace != _|_ {
namespace: parameter.namespace
}
if parameter.namespace == _|_ {
namespace: context.namespace
}
}
stringData: parameter.data
data: ".dockerconfigjson": json.Marshal(registryData)
}
apply: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Secret"
if parameter.type == _|_ && parameter.kind == "docker-registry" {
type: "kubernetes.io/dockerconfigjson"
}
if parameter.type != _|_ {
type: parameter.type
}
metadata: {
name: parameter.secretName
if parameter.namespace != _|_ {
namespace: parameter.namespace
}
if parameter.namespace == _|_ {
namespace: context.namespace
}
}
stringData: data
}
cluster: parameter.cluster
}
cluster: parameter.cluster
}
parameter: {
// +usage=Specify the name of the secret
@@ -48,5 +64,16 @@ spec:
data: {}
// +usage=Specify the cluster of the secret
cluster: *"" | string
// +usage=Specify the kind of the secret
kind: *"generic" | "docker-registry"
// +usage=Specify the docker data
dockerRegistry?: {
// +usage=Specify the username of the docker registry
username: string
// +usage=Specify the password of the docker registry
password: string
// +usage=Specify the server of the docker registry
server: *"https://index.docker.io/v1/" | string
}
}

47
charts/vela-core/templates/defwithtemplate/request.yaml Normal file
View File

@@ -0,0 +1,47 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/request.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Send request to the url
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/request.yaml
name: request
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
"encoding/json"
)
http: op.#HTTPDo & {
method: parameter.method
url: parameter.url
request: {
if parameter.body != _|_ {
body: json.Marshal(parameter.body)
}
if parameter.header != _|_ {
header: parameter.header
}
}
}
fail: op.#Steps & {
if http.response.statusCode > 400 {
requestFail: op.#Fail & {
message: "request of \(parameter.url) is fail: \(http.response.statusCode)"
}
}
}
response: json.Unmarshal(http.response.body)
parameter: {
url: string
method: *"GET" | "POST" | "PUT" | "DELETE"
body?: {...}
header?: [string]: string
}

130
charts/vela-core/templates/defwithtemplate/vela-cli.yaml Normal file
View File

@@ -0,0 +1,130 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/vela-cli.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/description: Run a vela command
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml
name: vela-cli
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
)
mountsArray: [
if parameter.storage != _|_ && parameter.storage.secret != _|_ for v in parameter.storage.secret {
{
mountPath: v.mountPath
if v.subPath != _|_ {
subPath: v.subPath
}
name: v.name
}
},
]
volumesList: [
if parameter.storage != _|_ && parameter.storage.secret != _|_ for v in parameter.storage.secret {
{
name: v.name
secret: {
defaultMode: v.defaultMode
secretName: v.secretName
if v.items != _|_ {
items: v.items
}
}
}
},
]
deDupVolumesArray: [
for val in [
for i, vi in volumesList {
for j, vj in volumesList if j < i && vi.name == vj.name {
_ignore: true
}
vi
},
] if val._ignore == _|_ {
val
},
]
job: op.#Apply & {
value: {
apiVersion: "batch/v1"
kind: "Job"
metadata: {
name: "\(context.name)-\(context.stepName)-\(context.stepSessionID)"
if parameter.serviceAccountName == "kubevela-vela-core" {
namespace: "vela-system"
}
if parameter.serviceAccountName != "kubevela-vela-core" {
namespace: context.namespace
}
}
spec: {
backoffLimit: 3
template: {
labels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
spec: {
containers: [
{
name: "\(context.name)-\(context.stepName)-\(context.stepSessionID)-job"
image: parameter.image
command: parameter.command
volumeMounts: mountsArray
},
]
restartPolicy: "Never"
serviceAccount: parameter.serviceAccountName
volumes: deDupVolumesArray
}
}
}
}
}
log: op.#Log & {
source: resources: [{labelSelector: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"}]
}
fail: op.#Steps & {
if job.value.status.failed != _|_ {
if job.value.status.failed > 2 {
breakWorkflow: op.#Fail & {
message: "failed to execute vela command"
}
}
}
}
wait: op.#ConditionalWait & {
continue: job.value.status.succeeded != _|_ && job.value.status.succeeded > 0
}
parameter: {
// +usage=Specify the name of the addon.
addonName: string
// +usage=Specify the vela command
command: [...string]
// +usage=Specify the image
image: *"oamdev/vela-cli:v1.6.4" | string
// +usage=specify serviceAccountName want to use
serviceAccountName: *"kubevela-vela-core" | string
storage?: {
// +usage=Mount Secret type storage
secret?: [...{
name: string
mountPath: string
subPath?: string
defaultMode: *420 | int
secretName: string
items?: [...{
key: string
path: string
mode: *511 | int
}]
}]
}
}

51
charts/vela-minimal/templates/defwithtemplate/apply-deployment.yaml Normal file
View File

@@ -0,0 +1,51 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/apply-deployment.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Apply deployment with specified image and cmd.
name: apply-deployment
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"strconv"
"strings"
"vela/op"
)
output: op.#Apply & {
value: {
apiVersion: "apps/v1"
kind: "Deployment"
metadata: {
name: context.stepName
namespace: context.namespace
}
spec: {
selector: matchLabels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
template: {
metadata: labels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
spec: containers: [{
name: context.stepName
image: parameter.image
if parameter["cmd"] != _|_ {
command: parameter.cmd
}
}]
}
}
}
}
wait: op.#ConditionalWait & {
continue: output.value.status.readyReplicas == 1
}
parameter: {
image: string
cmd?: [...string]
}

91
charts/vela-minimal/templates/defwithtemplate/apply-terraform-config.yaml Normal file
View File

@@ -0,0 +1,91 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/apply-terraform-config.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Apply terraform configuration in the step
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml
name: apply-terraform-config
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
)
apply: op.#Apply & {
value: {
apiVersion: "terraform.core.oam.dev/v1beta2"
kind: "Configuration"
metadata: {
name: "\(context.name)-\(context.stepName)"
namespace: context.namespace
}
spec: {
deleteResource: parameter.deleteResource
variable: parameter.variable
forceDelete: parameter.forceDelete
if parameter.source.path != _|_ {
path: parameter.source.path
}
if parameter.source.remote != _|_ {
remote: parameter.source.remote
}
if parameter.source.hcl != _|_ {
hcl: parameter.source.hcl
}
if parameter.providerRef != _|_ {
providerRef: parameter.providerRef
}
if parameter.jobEnv != _|_ {
jobEnv: parameter.jobEnv
}
if parameter.writeConnectionSecretToRef != _|_ {
writeConnectionSecretToRef: parameter.writeConnectionSecretToRef
}
if parameter.region != _|_ {
region: parameter.region
}
}
}
}
check: op.#ConditionalWait & {
continue: apply.value.status != _|_ && apply.value.status.apply != _|_ && apply.value.status.apply.state == "Available"
}
parameter: {
// +usage=specify the source of the terraform configuration
source: close({
// +usage=directly specify the hcl of the terraform configuration
hcl: string
}) | close({
// +usage=specify the remote url of the terraform configuration
remote: *"https://github.com/kubevela-contrib/terraform-modules.git" | string
// +usage=specify the path of the terraform configuration
path?: string
})
// +usage=whether to delete resource
deleteResource: *true | bool
// +usage=the variable in the configuration
variable: {...}
// +usage=this specifies the namespace and name of a secret to which any connection details for this managed resource should be written.
writeConnectionSecretToRef?: {
name: string
namespace: *context.namespace | string
}
// +usage=providerRef specifies the reference to Provider
providerRef?: {
name: string
namespace: *context.namespace | string
}
// +usage=region is cloud provider's region. It will override the region in the region field of providerRef
region?: string
// +usage=the envs for job
jobEnv?: {...}
// +usae=forceDelete will force delete Configuration no matter which state it is or whether it has provisioned some resources
forceDelete: *false | bool
}

144
charts/vela-minimal/templates/defwithtemplate/apply-terraform-provider.yaml Normal file
View File

@@ -0,0 +1,144 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/apply-terraform-provider.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Apply terraform provider config
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml
name: apply-terraform-provider
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
"strings"
)
config: op.#CreateConfig & {
name: "\(context.name)-\(context.stepName)"
namespace: context.namespace
template: "terraform-\(parameter.type)"
config: {
name: parameter.name
if parameter.type == "alibaba" {
ALICLOUD_ACCESS_KEY: parameter.accessKey
ALICLOUD_SECRET_KEY: parameter.secretKey
ALICLOUD_REGION: parameter.region
}
if parameter.type == "aws" {
AWS_ACCESS_KEY_ID: parameter.accessKey
AWS_SECRET_ACCESS_KEY: parameter.secretKey
AWS_DEFAULT_REGION: parameter.region
AWS_SESSION_TOKEN: parameter.token
}
if parameter.type == "azure" {
ARM_CLIENT_ID: parameter.clientID
ARM_CLIENT_SECRET: parameter.clientSecret
ARM_SUBSCRIPTION_ID: parameter.subscriptionID
ARM_TENANT_ID: parameter.tenantID
}
if parameter.type == "baidu" {
BAIDUCLOUD_ACCESS_KEY: parameter.accessKey
BAIDUCLOUD_SECRET_KEY: parameter.secretKey
BAIDUCLOUD_REGION: parameter.region
}
if parameter.type == "ec" {
EC_API_KEY: parameter.apiKey
}
if parameter.type == "gcp" {
GOOGLE_CREDENTIALS: parameter.credentials
GOOGLE_REGION: parameter.region
GOOGLE_PROJECT: parameter.project
}
if parameter.type == "tencent" {
TENCENTCLOUD_SECRET_ID: parameter.secretID
TENCENTCLOUD_SECRET_KEY: parameter.secretKey
TENCENTCLOUD_REGION: parameter.region
}
if parameter.type == "ucloud" {
UCLOUD_PRIVATE_KEY: parameter.privateKey
UCLOUD_PUBLIC_KEY: parameter.publicKey
UCLOUD_PROJECT_ID: parameter.projectID
UCLOUD_REGION: parameter.region
}
}
}
read: op.#Read & {
value: {
apiVersion: "terraform.core.oam.dev/v1beta1"
kind: "Provider"
metadata: {
name: parameter.name
namespace: context.namespace
}
}
}
check: op.#ConditionalWait & {
if read.value.status != _|_ {
continue: read.value.status.state == "ready"
}
if read.value.status == _|_ {
continue: false
}
}
providerBasic: {
accessKey: string
secretKey: string
region: string
}
#AlibabaProvider: {
providerBasic
type: "alibaba"
name: *"alibaba-provider" | string
}
#AWSProvider: {
providerBasic
token: *"" | string
type: "aws"
name: *"aws-provider" | string
}
#AzureProvider: {
subscriptionID: string
tenantID: string
clientID: string
clientSecret: string
name: *"azure-provider" | string
}
#BaiduProvider: {
providerBasic
type: "baidu"
name: *"baidu-provider" | string
}
#ECProvider: {
type: "ec"
apiKey: *"" | string
name: "ec-provider" | string
}
#GCPProvider: {
credentials: string
region: string
project: string
type: "gcp"
name: *"gcp-provider" | string
}
#TencentProvider: {
secretID: string
secretKey: string
region: string
type: "tencent"
name: *"tencent-provider" | string
}
#UCloudProvider: {
publicKey: string
privateKey: string
projectID: string
region: string
type: "ucloud"
name: *"ucloud-provider" | string
}
parameter: *#AlibabaProvider | #AWSProvider | #AzureProvider | #BaiduProvider | #ECProvider | #GCPProvider | #TencentProvider | #UCloudProvider

125
charts/vela-minimal/templates/defwithtemplate/build-push-image.yaml Normal file
View File

@@ -0,0 +1,125 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/build-push-image.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Build and push image from git url
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/built-push-image.yaml
name: build-push-image
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
"encoding/json"
"strings"
)
url: strings.TrimPrefix(strings.TrimPrefix(parameter.git, "https://"), "http://")
kaniko: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Pod"
metadata: {
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}
spec: {
containers: [
{
args: [
"--dockerfile=\(parameter.dockerfile)",
"--context=git://\(url)#refs/heads/\(parameter.branch)",
"--destination=\(parameter.image)",
"--verbosity=\(parameter.verbosity)",
]
image: parameter.kanikoExecutor
name: "kaniko"
if parameter.credentials != _|_ && parameter.credentials.image != _|_ {
volumeMounts: [
{
mountPath: "/kaniko/.docker/"
name: parameter.credentials.image.name
},
]
}
if parameter.credentials != _|_ && parameter.credentials.git != _|_ {
env: [
{
name: "GIT_TOKEN"
valueFrom: secretKeyRef: {
key: parameter.credentials.git.key
name: parameter.credentials.git.name
}
},
]
}
},
]
if parameter.credentials != _|_ && parameter.credentials.image != _|_ {
volumes: [
{
name: parameter.credentials.image.name
secret: {
defaultMode: 420
items: [
{
key: parameter.credentials.image.key
path: "config.json"
},
]
secretName: parameter.credentials.image.name
}
},
]
}
restartPolicy: "Never"
}
}
}
log: op.#Log & {
source: resources: [{
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}]
}
read: op.#Read & {
value: {
apiVersion: "v1"
kind: "Pod"
metadata: {
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}
}
}
wait: op.#ConditionalWait & {
continue: read.value.status != _|_ && read.value.status.phase == "Succeeded"
}
#secret: {
name: string
key: string
}
parameter: {
kanikoExecutor: *"gcr.io/kaniko-project/executor:latest" | string
git: string
branch: *"master" | string
dockerfile: *"./Dockerfile" | string
image: string
credentials?: {
git?: {
name: string
key: string
}
image?: {
name: string
key: *".dockerconfigjson" | string
}
}
verbosity: *"info" | "panic" | "fatal" | "error" | "warn" | "debug" | "trace"
}

57
charts/vela-minimal/templates/defwithtemplate/clean-jobs.yaml Normal file
View File

@@ -0,0 +1,57 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/clean-jobs.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/description: clean applied jobs in the cluster
name: clean-jobs
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
)
parameter: labelselector?: {...}
cleanJobs: op.#Delete & {
value: {
apiVersion: "batch/v1"
kind: "Job"
metadata: {
name: context.name
namespace: context.namespace
}
}
filter: {
namespace: context.namespace
if parameter.labelselector != _|_ {
matchingLabels: parameter.labelselector
}
if parameter.labelselector == _|_ {
matchingLabels: "workflow.oam.dev/name": context.name
}
}
}
cleanPods: op.#Delete & {
value: {
apiVersion: "v1"
kind: "pod"
metadata: {
name: context.name
namespace: context.namespace
}
}
filter: {
namespace: context.namespace
if parameter.labelselector != _|_ {
matchingLabels: parameter.labelselector
}
if parameter.labelselector == _|_ {
matchingLabels: "workflow.oam.dev/name": context.name
}
}
}

61
charts/vela-minimal/templates/defwithtemplate/export2secret.yaml
View File

@@ -15,27 +15,43 @@ spec:
template: |
import (
"vela/op"
"encoding/base64"
"encoding/json"
)
apply: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Secret"
if parameter.type != _|_ {
type: parameter.type
secret: op.#Steps & {
data: *parameter.data | {}
if parameter.kind == "docker-registry" && parameter.dockerRegistry != _|_ {
registryData: auths: "\(parameter.dockerRegistry.server)": {
username: parameter.dockerRegistry.username
password: parameter.dockerRegistry.password
auth: base64.Encode(null, "\(parameter.dockerRegistry.username):\(parameter.dockerRegistry.password)")
}
metadata: {
name: parameter.secretName
if parameter.namespace != _|_ {
namespace: parameter.namespace
}
if parameter.namespace == _|_ {
namespace: context.namespace
}
}
stringData: parameter.data
data: ".dockerconfigjson": json.Marshal(registryData)
}
apply: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Secret"
if parameter.type == _|_ && parameter.kind == "docker-registry" {
type: "kubernetes.io/dockerconfigjson"
}
if parameter.type != _|_ {
type: parameter.type
}
metadata: {
name: parameter.secretName
if parameter.namespace != _|_ {
namespace: parameter.namespace
}
if parameter.namespace == _|_ {
namespace: context.namespace
}
}
stringData: data
}
cluster: parameter.cluster
}
cluster: parameter.cluster
}
parameter: {
// +usage=Specify the name of the secret
@@ -48,5 +64,16 @@ spec:
data: {}
// +usage=Specify the cluster of the secret
cluster: *"" | string
// +usage=Specify the kind of the secret
kind: *"generic" | "docker-registry"
// +usage=Specify the docker data
dockerRegistry?: {
// +usage=Specify the username of the docker registry
username: string
// +usage=Specify the password of the docker registry
password: string
// +usage=Specify the server of the docker registry
server: *"https://index.docker.io/v1/" | string
}
}

47
charts/vela-minimal/templates/defwithtemplate/request.yaml Normal file
View File

@@ -0,0 +1,47 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/request.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/alias: ""
definition.oam.dev/description: Send request to the url
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/request.yaml
name: request
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
"encoding/json"
)
http: op.#HTTPDo & {
method: parameter.method
url: parameter.url
request: {
if parameter.body != _|_ {
body: json.Marshal(parameter.body)
}
if parameter.header != _|_ {
header: parameter.header
}
}
}
fail: op.#Steps & {
if http.response.statusCode > 400 {
requestFail: op.#Fail & {
message: "request of \(parameter.url) is fail: \(http.response.statusCode)"
}
}
}
response: json.Unmarshal(http.response.body)
parameter: {
url: string
method: *"GET" | "POST" | "PUT" | "DELETE"
body?: {...}
header?: [string]: string
}

130
charts/vela-minimal/templates/defwithtemplate/vela-cli.yaml Normal file
View File

@@ -0,0 +1,130 @@
# Code generated by KubeVela templates. DO NOT EDIT. Please edit the original cue file.
# Definition source cue file: vela-templates/definitions/internal/vela-cli.cue
apiVersion: core.oam.dev/v1beta1
kind: WorkflowStepDefinition
metadata:
annotations:
definition.oam.dev/description: Run a vela command
definition.oam.dev/example-url: https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml
name: vela-cli
namespace: {{ include "systemDefinitionNamespace" . }}
spec:
schematic:
cue:
template: |
import (
"vela/op"
)
mountsArray: [
if parameter.storage != _|_ && parameter.storage.secret != _|_ for v in parameter.storage.secret {
{
mountPath: v.mountPath
if v.subPath != _|_ {
subPath: v.subPath
}
name: v.name
}
},
]
volumesList: [
if parameter.storage != _|_ && parameter.storage.secret != _|_ for v in parameter.storage.secret {
{
name: v.name
secret: {
defaultMode: v.defaultMode
secretName: v.secretName
if v.items != _|_ {
items: v.items
}
}
}
},
]
deDupVolumesArray: [
for val in [
for i, vi in volumesList {
for j, vj in volumesList if j < i && vi.name == vj.name {
_ignore: true
}
vi
},
] if val._ignore == _|_ {
val
},
]
job: op.#Apply & {
value: {
apiVersion: "batch/v1"
kind: "Job"
metadata: {
name: "\(context.name)-\(context.stepName)-\(context.stepSessionID)"
if parameter.serviceAccountName == "kubevela-vela-core" {
namespace: "vela-system"
}
if parameter.serviceAccountName != "kubevela-vela-core" {
namespace: context.namespace
}
}
spec: {
backoffLimit: 3
template: {
labels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
spec: {
containers: [
{
name: "\(context.name)-\(context.stepName)-\(context.stepSessionID)-job"
image: parameter.image
command: parameter.command
volumeMounts: mountsArray
},
]
restartPolicy: "Never"
serviceAccount: parameter.serviceAccountName
volumes: deDupVolumesArray
}
}
}
}
}
log: op.#Log & {
source: resources: [{labelSelector: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"}]
}
fail: op.#Steps & {
if job.value.status.failed != _|_ {
if job.value.status.failed > 2 {
breakWorkflow: op.#Fail & {
message: "failed to execute vela command"
}
}
}
}
wait: op.#ConditionalWait & {
continue: job.value.status.succeeded != _|_ && job.value.status.succeeded > 0
}
parameter: {
// +usage=Specify the name of the addon.
addonName: string
// +usage=Specify the vela command
command: [...string]
// +usage=Specify the image
image: *"oamdev/vela-cli:v1.6.4" | string
// +usage=specify serviceAccountName want to use
serviceAccountName: *"kubevela-vela-core" | string
storage?: {
// +usage=Mount Secret type storage
secret?: [...{
name: string
mountPath: string
subPath?: string
defaultMode: *420 | int
secretName: string
items?: [...{
key: string
path: string
mode: *511 | int
}]
}]
}
}

24
references/docgen/def-doc/workflowstep/apply-deployment.eg.md Normal file
View File

@@ -0,0 +1,24 @@
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: apply-deploy
namespace: default
spec:
components:
- name: express-server
type: webservice
properties:
image: oamdev/hello-world
port: 8000
workflow:
steps:
- name: apply-comp
type: apply-component
properties:
component: express-server
- name: apply-deploy
type: apply-deployment
properties:
image: nginx
```

47
references/docgen/def-doc/workflowstep/apply-terraform-config.eg.md Normal file
View File

@@ -0,0 +1,47 @@
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: apply-terraform-resource
namespace: default
spec:
components: []
workflow:
steps:
- name: provider
type: apply-terraform-provider
properties:
type: alibaba
name: my-alibaba-provider
accessKey: <accessKey>
secretKey: <secretKey>
region: cn-hangzhou
- name: configuration
type: apply-terraform-config
properties:
source:
path: alibaba/cs/dedicated-kubernetes
remote: https://github.com/FogDong/terraform-modules
providerRef:
name: my-alibaba-provider
writeConnectionSecretToRef:
name: my-terraform-secret
namespace: vela-system
variable:
name: regular-check-ack
new_nat_gateway: true
vpc_name: "tf-k8s-vpc-regular-check"
vpc_cidr: "10.0.0.0/8"
vswitch_name_prefix: "tf-k8s-vsw-regualr-check"
vswitch_cidrs: [ "10.1.0.0/16", "10.2.0.0/16", "10.3.0.0/16" ]
k8s_name_prefix: "tf-k8s-regular-check"
k8s_version: 1.24.6-aliyun.1
k8s_pod_cidr: "192.168.5.0/24"
k8s_service_cidr: "192.168.2.0/24"
k8s_worker_number: 2
cpu_core_count: 4
memory_size: 8
tags:
created_by: "Terraform-of-KubeVela"
created_from: "module-tf-alicloud-ecs-instance"
```

19
references/docgen/def-doc/workflowstep/apply-terraform-provider.eg.md Normal file
View File

@@ -0,0 +1,19 @@
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: apply-terraform-provider
namespace: default
spec:
components: []
workflow:
steps:
- name: provider
type: apply-terraform-provider
properties:
type: alibaba
name: my-alibaba-provider
accessKey: <accessKey>
secretKey: <secretKey>
region: cn-hangzhou
```

47
references/docgen/def-doc/workflowstep/build-push-image.md Normal file
View File

@@ -0,0 +1,47 @@
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: build-push-image
namespace: default
spec:
components:
- name: my-web
type: webservice
properties:
image: fogdong/simple-web-demo:v1
ports:
- port: 80
expose: true
workflow:
steps:
- name: create-git-secret
type: export2secret
properties:
secretName: git-secret
data:
token: <git token>
- name: create-image-secret
type: export2secret
properties:
secretName: image-secret
kind: docker-registry
dockerRegistry:
username: <docker username>
password: <docker password>
- name: build-push
type: build-push-image
properties:
# use your kaniko executor image like below, if not set, it will use default image gcr.io/kaniko-project/executor:latest
# kanikoExecutor: oamdev/kaniko-executor:v1.9.1
git: https://github.com/FogDong/simple-web-demo
branch: main
image: fogdong/simple-web-demo:v1
credentials:
image:
name: image-secret
- name: apply-comp
type: apply-component
properties:
component: my-web
```

15
references/docgen/def-doc/workflowstep/clean-jobs.eg.md Normal file
View File

@@ -0,0 +1,15 @@
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: clean-jobs
namespace: default
spec:
components: []
workflow:
steps:
- name: clean-cli-jobs
type: clean-jobs
properties:
labelSelector:
"my-label": my-value

38
references/docgen/def-doc/workflowstep/request.eg.md Normal file
View File

@@ -0,0 +1,38 @@
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: request-http
namespace: default
spec:
components: []
workflow:
steps:
- name: request
type: request
properties:
url: https://api.github.com/repos/kubevela/workflow
outputs:
- name: stars
valueFrom: |
import "strconv"
"Current star count: " + strconv.FormatInt(response["stargazers_count"], 10)
- name: notification
type: notification
inputs:
- from: stars
parameterKey: slack.message.text
properties:
slack:
url:
value: <your slack url>
- name: failed-notification
type: notification
if: status.request.failed
properties:
slack:
url:
value: <your slack url>
message:
text: "Failed to request github"
```

17
references/docgen/def-doc/workflowstep/vela-cli.eg.md Normal file
View File

@@ -0,0 +1,17 @@
```yaml
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: vela-cli
namespace: default
spec:
components: []
workflow:
steps:
- name: list-app
type: vela-cli
properties:
command:
- vela
- ls
```

47
vela-templates/definitions/internal/workflowstep/apply-deployment.cue Normal file
View File

@@ -0,0 +1,47 @@
import (
"strconv"
"strings"
"vela/op"
)
"apply-deployment": {
alias: ""
annotations: {}
attributes: {}
description: "Apply deployment with specified image and cmd."
labels: {}
type: "workflow-step"
}
template: {
output: op.#Apply & {
value: {
apiVersion: "apps/v1"
kind: "Deployment"
metadata: {
name: context.stepName
namespace: context.namespace
}
spec: {
selector: matchLabels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
template: {
metadata: labels: "workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
spec: containers: [{
name: context.stepName
image: parameter.image
if parameter["cmd"] != _|_ {
command: parameter.cmd
}
}]
}
}
}
}
wait: op.#ConditionalWait & {
continue: output.value.status.readyReplicas == 1
}
parameter: {
image: string
cmd?: [...string]
}
}

88
vela-templates/definitions/internal/workflowstep/apply-terraform-config.cue Normal file
View File

@@ -0,0 +1,88 @@
import (
"vela/op"
)
"apply-terraform-config": {
alias: ""
annotations: {
"definition.oam.dev/example-url": "https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml"
}
attributes: {}
description: "Apply terraform configuration in the step"
labels: {}
type: "workflow-step"
}
template: {
apply: op.#Apply & {
value: {
apiVersion: "terraform.core.oam.dev/v1beta2"
kind: "Configuration"
metadata: {
name: "\(context.name)-\(context.stepName)"
namespace: context.namespace
}
spec: {
deleteResource: parameter.deleteResource
variable: parameter.variable
forceDelete: parameter.forceDelete
if parameter.source.path != _|_ {
path: parameter.source.path
}
if parameter.source.remote != _|_ {
remote: parameter.source.remote
}
if parameter.source.hcl != _|_ {
hcl: parameter.source.hcl
}
if parameter.providerRef != _|_ {
providerRef: parameter.providerRef
}
if parameter.jobEnv != _|_ {
jobEnv: parameter.jobEnv
}
if parameter.writeConnectionSecretToRef != _|_ {
writeConnectionSecretToRef: parameter.writeConnectionSecretToRef
}
if parameter.region != _|_ {
region: parameter.region
}
}
}
}
check: op.#ConditionalWait & {
continue: apply.value.status != _|_ && apply.value.status.apply != _|_ && apply.value.status.apply.state == "Available"
}
parameter: {
// +usage=specify the source of the terraform configuration
source: close({
// +usage=directly specify the hcl of the terraform configuration
hcl: string
}) | close({
// +usage=specify the remote url of the terraform configuration
remote: *"https://github.com/kubevela-contrib/terraform-modules.git" | string
// +usage=specify the path of the terraform configuration
path?: string
})
// +usage=whether to delete resource
deleteResource: *true | bool
// +usage=the variable in the configuration
variable: {...}
// +usage=this specifies the namespace and name of a secret to which any connection details for this managed resource should be written.
writeConnectionSecretToRef?: {
name: string
namespace: *context.namespace | string
}
// +usage=providerRef specifies the reference to Provider
providerRef?: {
name: string
namespace: *context.namespace | string
}
// +usage=region is cloud provider's region. It will override the region in the region field of providerRef
region?: string
// +usage=the envs for job
jobEnv?: {...}
// +usae=forceDelete will force delete Configuration no matter which state it is or whether it has provisioned some resources
forceDelete: *false | bool
}
}

141
vela-templates/definitions/internal/workflowstep/apply-terraform-provider.cue Normal file
View File

@@ -0,0 +1,141 @@
import (
"vela/op"
"strings"
)
"apply-terraform-provider": {
alias: ""
annotations: {
"definition.oam.dev/example-url": "https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml"
}
attributes: {}
description: "Apply terraform provider config"
labels: {}
type: "workflow-step"
}
template: {
config: op.#CreateConfig & {
name: "\(context.name)-\(context.stepName)"
namespace: context.namespace
template: "terraform-\(parameter.type)"
config: {
name: parameter.name
if parameter.type == "alibaba" {
ALICLOUD_ACCESS_KEY: parameter.accessKey
ALICLOUD_SECRET_KEY: parameter.secretKey
ALICLOUD_REGION: parameter.region
}
if parameter.type == "aws" {
AWS_ACCESS_KEY_ID: parameter.accessKey
AWS_SECRET_ACCESS_KEY: parameter.secretKey
AWS_DEFAULT_REGION: parameter.region
AWS_SESSION_TOKEN: parameter.token
}
if parameter.type == "azure" {
ARM_CLIENT_ID: parameter.clientID
ARM_CLIENT_SECRET: parameter.clientSecret
ARM_SUBSCRIPTION_ID: parameter.subscriptionID
ARM_TENANT_ID: parameter.tenantID
}
if parameter.type == "baidu" {
BAIDUCLOUD_ACCESS_KEY: parameter.accessKey
BAIDUCLOUD_SECRET_KEY: parameter.secretKey
BAIDUCLOUD_REGION: parameter.region
}
if parameter.type == "ec" {
EC_API_KEY: parameter.apiKey
}
if parameter.type == "gcp" {
GOOGLE_CREDENTIALS: parameter.credentials
GOOGLE_REGION: parameter.region
GOOGLE_PROJECT: parameter.project
}
if parameter.type == "tencent" {
TENCENTCLOUD_SECRET_ID: parameter.secretID
TENCENTCLOUD_SECRET_KEY: parameter.secretKey
TENCENTCLOUD_REGION: parameter.region
}
if parameter.type == "ucloud" {
UCLOUD_PRIVATE_KEY: parameter.privateKey
UCLOUD_PUBLIC_KEY: parameter.publicKey
UCLOUD_PROJECT_ID: parameter.projectID
UCLOUD_REGION: parameter.region
}
}
}
read: op.#Read & {
value: {
apiVersion: "terraform.core.oam.dev/v1beta1"
kind: "Provider"
metadata: {
name: parameter.name
namespace: context.namespace
}
}
}
check: op.#ConditionalWait & {
if read.value.status != _|_ {
continue: read.value.status.state == "ready"
}
if read.value.status == _|_ {
continue: false
}
}
providerBasic: {
accessKey: string
secretKey: string
region: string
}
#AlibabaProvider: {
providerBasic
type: "alibaba"
name: *"alibaba-provider" | string
}
#AWSProvider: {
providerBasic
token: *"" | string
type: "aws"
name: *"aws-provider" | string
}
#AzureProvider: {
subscriptionID: string
tenantID: string
clientID: string
clientSecret: string
name: *"azure-provider" | string
}
#BaiduProvider: {
providerBasic
type: "baidu"
name: *"baidu-provider" | string
}
#ECProvider: {
type: "ec"
apiKey: *"" | string
name: "ec-provider" | string
}
#GCPProvider: {
credentials: string
region: string
project: string
type: "gcp"
name: *"gcp-provider" | string
}
#TencentProvider: {
secretID: string
secretKey: string
region: string
type: "tencent"
name: *"tencent-provider" | string
}
#UCloudProvider: {
publicKey: string
privateKey: string
projectID: string
region: string
type: "ucloud"
name: *"ucloud-provider" | string
}
parameter: *#AlibabaProvider | #AWSProvider | #AzureProvider | #BaiduProvider | #ECProvider | #GCPProvider | #TencentProvider | #UCloudProvider
}

126
vela-templates/definitions/internal/workflowstep/build-push-image.cue Normal file
View File

@@ -0,0 +1,126 @@
import (
"vela/op"
"encoding/json"
"strings"
)
"build-push-image": {
alias: ""
annotations: {
"definition.oam.dev/example-url": "https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/built-push-image.yaml"
}
attributes: {}
description: "Build and push image from git url"
labels: {}
type: "workflow-step"
}
template: {
url: strings.TrimPrefix(strings.TrimPrefix(parameter.git, "https://"), "http://")
kaniko: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Pod"
metadata: {
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}
spec: {
containers: [
{
args: [
"--dockerfile=\(parameter.dockerfile)",
"--context=git://\(url)#refs/heads/\(parameter.branch)",
"--destination=\(parameter.image)",
"--verbosity=\(parameter.verbosity)",
]
image: parameter.kanikoExecutor
name: "kaniko"
if parameter.credentials != _|_ && parameter.credentials.image != _|_ {
volumeMounts: [
{
mountPath: "/kaniko/.docker/"
name: parameter.credentials.image.name
},
]
}
if parameter.credentials != _|_ && parameter.credentials.git != _|_ {
env: [
{
name: "GIT_TOKEN"
valueFrom: {
secretKeyRef: {
key: parameter.credentials.git.key
name: parameter.credentials.git.name
}
}
},
]
}
},
]
if parameter.credentials != _|_ && parameter.credentials.image != _|_ {
volumes: [
{
name: parameter.credentials.image.name
secret: {
defaultMode: 420
items: [
{
key: parameter.credentials.image.key
path: "config.json"
},
]
secretName: parameter.credentials.image.name
}
},
]
}
restartPolicy: "Never"
}
}
}
log: op.#Log & {
source: {
resources: [{
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}]
}
}
read: op.#Read & {
value: {
apiVersion: "v1"
kind: "Pod"
metadata: {
name: "\(context.name)-\(context.stepSessionID)-kaniko"
namespace: context.namespace
}
}
}
wait: op.#ConditionalWait & {
continue: read.value.status != _|_ && read.value.status.phase == "Succeeded"
}
#secret: {
name: string
key: string
}
parameter: {
kanikoExecutor: *"gcr.io/kaniko-project/executor:latest" | string
git: string
branch: *"master" | string
dockerfile: *"./Dockerfile" | string
image: string
credentials?: {
git?: {
name: string
key: string
}
image?: {
name: string
key: *".dockerconfigjson" | string
}
}
verbosity: *"info" | "panic" | "fatal" | "error" | "warn" | "debug" | "trace"
}
}

60
vela-templates/definitions/internal/workflowstep/clean-jobs.cue Normal file
View File

@@ -0,0 +1,60 @@
import (
"vela/op"
)
"clean-jobs": {
type: "workflow-step"
annotations: {}
labels: {}
description: "clean applied jobs in the cluster"
}
template: {
parameter: {
labelselector?: {...}
}
cleanJobs: op.#Delete & {
value: {
apiVersion: "batch/v1"
kind: "Job"
metadata: {
name: context.name
namespace: context.namespace
}
}
filter: {
namespace: context.namespace
if parameter.labelselector != _|_ {
matchingLabels: parameter.labelselector
}
if parameter.labelselector == _|_ {
matchingLabels: {
"workflow.oam.dev/name": context.name
}
}
}
}
cleanPods: op.#Delete & {
value: {
apiVersion: "v1"
kind: "pod"
metadata: {
name: context.name
namespace: context.namespace
}
}
filter: {
namespace: context.namespace
if parameter.labelselector != _|_ {
matchingLabels: parameter.labelselector
}
if parameter.labelselector == _|_ {
matchingLabels: {
"workflow.oam.dev/name": context.name
}
}
}
}
}

65
vela-templates/definitions/internal/workflowstep/export2secret.cue
View File

@@ -1,5 +1,7 @@
import (
"vela/op"
"encoding/base64"
"encoding/json"
)
"export2secret": {
@@ -11,25 +13,45 @@ import (
description: "Export data to Kubernetes Secret in your workflow."
}
template: {
apply: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Secret"
if parameter.type != _|_ {
type: parameter.type
}
metadata: {
name: parameter.secretName
if parameter.namespace != _|_ {
namespace: parameter.namespace
}
if parameter.namespace == _|_ {
namespace: context.namespace
secret: op.#Steps & {
data: *parameter.data | {}
if parameter.kind == "docker-registry" && parameter.dockerRegistry != _|_ {
registryData: {
auths: {
"\(parameter.dockerRegistry.server)": {
username: parameter.dockerRegistry.username
password: parameter.dockerRegistry.password
auth: base64.Encode(null, "\(parameter.dockerRegistry.username):\(parameter.dockerRegistry.password)")
}
}
}
stringData: parameter.data
data: {
".dockerconfigjson": json.Marshal(registryData)
}
}
apply: op.#Apply & {
value: {
apiVersion: "v1"
kind: "Secret"
if parameter.type == _|_ && parameter.kind == "docker-registry" {
type: "kubernetes.io/dockerconfigjson"
}
if parameter.type != _|_ {
type: parameter.type
}
metadata: {
name: parameter.secretName
if parameter.namespace != _|_ {
namespace: parameter.namespace
}
if parameter.namespace == _|_ {
namespace: context.namespace
}
}
stringData: data
}
cluster: parameter.cluster
}
cluster: parameter.cluster
}
parameter: {
// +usage=Specify the name of the secret
@@ -42,5 +64,16 @@ template: {
data: {}
// +usage=Specify the cluster of the secret
cluster: *"" | string
// +usage=Specify the kind of the secret
kind: *"generic" | "docker-registry"
// +usage=Specify the docker data
dockerRegistry?: {
// +usage=Specify the username of the docker registry
username: string
// +usage=Specify the password of the docker registry
password: string
// +usage=Specify the server of the docker registry
server: *"https://index.docker.io/v1/" | string
}
}
}

44
vela-templates/definitions/internal/workflowstep/request.cue Normal file
View File

@@ -0,0 +1,44 @@
import (
"vela/op"
"encoding/json"
)
request: {
alias: ""
annotations: {
"definition.oam.dev/example-url": "https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/request.yaml"
}
attributes: {}
description: "Send request to the url"
labels: {}
type: "workflow-step"
}
template: {
http: op.#HTTPDo & {
method: parameter.method
url: parameter.url
request: {
if parameter.body != _|_ {
body: json.Marshal(parameter.body)
}
if parameter.header != _|_ {
header: parameter.header
}
}
}
fail: op.#Steps & {
if http.response.statusCode > 400 {
requestFail: op.#Fail & {
message: "request of \(parameter.url) is fail: \(http.response.statusCode)"
}
}
}
response: json.Unmarshal(http.response.body)
parameter: {
url: string
method: *"GET" | "POST" | "PUT" | "DELETE"
body?: {...}
header?: [string]: string
}
}

137
vela-templates/definitions/internal/workflowstep/vela-cli.cue Normal file
View File

@@ -0,0 +1,137 @@
import (
"vela/op"
)
"vela-cli": {
type: "workflow-step"
annotations: {
"definition.oam.dev/example-url": "https://raw.githubusercontent.com/kubevela/workflow/main/examples/workflow-run/apply-terraform-resource.yaml"
}
description: "Run a vela command"
}
template: {
mountsArray: [
if parameter.storage != _|_ && parameter.storage.secret != _|_ for v in parameter.storage.secret {
{
mountPath: v.mountPath
if v.subPath != _|_ {
subPath: v.subPath
}
name: v.name
}
},
]
volumesList: [
if parameter.storage != _|_ && parameter.storage.secret != _|_ for v in parameter.storage.secret {
{
name: v.name
secret: {
defaultMode: v.defaultMode
secretName: v.secretName
if v.items != _|_ {
items: v.items
}
}
}
},
]
deDupVolumesArray: [
for val in [
for i, vi in volumesList {
for j, vj in volumesList if j < i && vi.name == vj.name {
_ignore: true
}
vi
},
] if val._ignore == _|_ {
val
},
]
job: op.#Apply & {
value: {
apiVersion: "batch/v1"
kind: "Job"
metadata: {
name: "\(context.name)-\(context.stepName)-\(context.stepSessionID)"
if parameter.serviceAccountName == "kubevela-vela-core" {
namespace: "vela-system"
}
if parameter.serviceAccountName != "kubevela-vela-core" {
namespace: context.namespace
}
}
spec: {
backoffLimit: 3
template: {
labels: {
"workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
}
spec: {
containers: [
{
name: "\(context.name)-\(context.stepName)-\(context.stepSessionID)-job"
image: parameter.image
command: parameter.command
volumeMounts: mountsArray
},
]
restartPolicy: "Never"
serviceAccount: parameter.serviceAccountName
volumes: deDupVolumesArray
}
}
}
}
}
log: op.#Log & {
source: {
resources: [{labelSelector: {
"workflow.oam.dev/step-name": "\(context.name)-\(context.stepName)"
}}]
}
}
fail: op.#Steps & {
if job.value.status.failed != _|_ {
if job.value.status.failed > 2 {
breakWorkflow: op.#Fail & {
message: "failed to execute vela command"
}
}
}
}
wait: op.#ConditionalWait & {
continue: job.value.status.succeeded != _|_ && job.value.status.succeeded > 0
}
parameter: {
// +usage=Specify the name of the addon.
addonName: string
// +usage=Specify the vela command
command: [...string]
// +usage=Specify the image
image: *"oamdev/vela-cli:v1.6.4" | string
// +usage=specify serviceAccountName want to use
serviceAccountName: *"kubevela-vela-core" | string
storage?: {
// +usage=Mount Secret type storage
secret?: [...{
name: string
mountPath: string
subPath?: string
defaultMode: *420 | int
secretName: string
items?: [...{
key: string
path: string
mode: *511 | int
}]
}]
}
}
}