Merged
breaking: upgrade to zero 0.1.0
this change uses the new zero version which removed global credential
file, and moved all the credentials to the zero-project.yml
zero-project.yml becomes the single source of truth for create/apply

Other notable changes include:
- module parameters conditions
- module parameter custom type
- zeroVersion requirement: error out upon incompatible zero version
davidcheung committed Mar 26, 2021
commit 5a77988abf81a3597907e8495aff991cda223154
84 changes: 66 additions & 18 deletions zero-module.yml
@@ -1,6 +1,7 @@
name: zero-aws-eks-stack
description: 'zero module for an AWS kubernetes stack on EKS'
author: 'Commit'
zeroVersion: '>= 0.1.0'

template:
strictMode: true
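Review bot: The new `zeroVersion: '>= 0.1.0'` constraint has no upper bound, so the module also declares itself compatible with every later zero release, including ones that change the module format again the way this 0.1.0 upgrade does. If the constraint syntax supports a range, give it an upper bound as well, and state the supported zero versions in the module documentation so the error a user sees on a mismatch is explained somewhere.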
Expand All @@ -15,12 +16,42 @@ requiredCredentials:
- github

parameters:
- field: useExistingAwsProfile
label: "Use credentials from an existing AWS profile?"
options:
"yes": "Yes"
"no": "No"
omitFromProjectFile: yes
- field: profilePicker
omitFromProjectFile: yes
type: AWSProfilePicker
conditions:
- action: KeyMatchCondition
whenValue: "yes"
matchField: useExistingAwsProfile
- field: accessKeyId
label: AWS AccessKeyId
envVarName: "AWS_ACCESS_KEY_ID"
conditions:
- action: KeyMatchCondition
whenValue: "no"
matchField: useExistingAwsProfile
- field: secretAccessKey
envVarName: "AWS_SECRET_ACCESS_KEY"
label: AWS SecretAccessKey
conditions:
- action: KeyMatchCondition
whenValue: "no"
matchField: useExistingAwsProfile
- field: githubAccessToken
label: "Github API Key to setup your repository and optionally CI/CD"
envVarName: GITHUB_ACCESS_TOKEN
- field: region
label: Select AWS Region
options:
- "us-west-2"
- "us-east-1"
- "us-east-2"
"us-west-2": "us-west-2"
"us-east-1": "us-east-1"
"us-east-2": "us-east-2"
- field: productionHostRoot
label: Production Root Host Name (e.g. mydomain.com) - this must be the root of the chosen domain, not a subdomain.
fieldValidation:
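Review bot: `accessKeyId`, `secretAccessKey` and `githubAccessToken` do not carry `omitFromProjectFile: yes`, unlike `useExistingAwsProfile` and `profilePicker`, and the commit message says all credentials now live in zero-project.yml. That places the AWS secret key and the GitHub token in clear text in a file that sits next to the project configuration and is easy to commit by accident. Please document that zero-project.yml has to stay out of version control (or ship an ignore entry for it), and consider wording the `useExistingAwsProfile` label so the existing-profile path is the recommended one. Separately, `useExistingAwsProfile` has no `default`, so it is not obvious which of the two `KeyMatchCondition` branches applies when no answer is supplied.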
Expand Down Expand Up @@ -61,40 +92,57 @@ parameters:
type: regex
value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
- field: CIVendor
label: Using either circleCI or github Actions to build / test your repository
default: "circleci"
options:
"circleci": "CircleCi"
"github-actions": "Github Actions"
- field: circleciApiKey
label: "Circle CI API Key to setup your CI/CD for repositories"
envVarName: CIRCLECI_API_KEY
conditions:
- action: KeyMatchCondition
matchField: CIVendor
whenValue: "circleci"
- field: database
label: Database engine to use (postgres)
options:
- "postgres"
- "mysql"
"postgres": "PostgreSQL"
"mysql": "MySQL"
- field: cacheStore
label: "Cache store to use (default: no cache)"
options:
- "none"
- "redis"
- "memcached"
"none": "none"
"redis": "Redis"
"memcached": "Memcached"
- field: loggingType
label: Application logging to configure. Cloudwatch is cheaper with a more limited feature set. Elasticsearch + Kibana will set up more infrastructure but enable a much richer logging search and visualization experience.
options:
- "cloudwatch"
- "kibana"
"cloudwatch": "AWS CloudWatch"
"kibana": "Kibana"
- field: metricsType
label: Additional application metrics method to configure. Metrics are available through CloudWatch, but choosing prometheus will install Prometheus and Grafana, for a richer metrics experience. No additional infrastructure is required, but a number of prometheus pods will need to exist in the cluster, utilizing some resources.
options:
- "none"
- "prometheus"
"none": "none"
"prometheus": "Prometheus"
- field: notificationServiceEnabled
label: "Install the Zero Notification Service in your cluster?"
info: Provides easy notification capability through email, slack, etc. - https://github.com/commitdev/zero-notification-service
default: yes
options:
- "yes"
- "no"
"yes": "Yes"
"no": "No"
- field: sendgridApiKey
label: "API key to setup email integration (optional: leave blank to opt-out of Sendgrid setup)"
info: Signup at https://signup.sendgrid.com or create an API key at https://app.sendgrid.com/settings/api_keys - Sendgrid is an email delivery service enabling transactional email sending and more.
- field: notificationServiceSlackApiKey
label: "API key of your Slack bot if you want to use Slack with the Zero Notification Service. Leave blank if not applicable."
info: See https://slack.com/intl/en-ca/help/articles/215770388-Create-and-regenerate-API-tokens
conditions:
- action: KeyMatchCondition
whenValue: "yes"
matchField: notificationServiceEnabled
- field: accountId
label: AWS Account ID
execute: aws sts get-caller-identity --query "Account" | tr -d '"'
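Review bot: Turning `options` from a list into a value-to-label map drops the ordering the old lists had, and `database`, `cacheStore`, `loggingType` and `metricsType` set no `default`. The labels still promise one ("Database engine to use (postgres)", "default: no cache"), so the preselected entry now depends on how the map is iterated. Add explicit defaults, for example `default: "postgres"` and `default: "none"`, the way `CIVendor` does with `default: "circleci"`. Minor style point in the same hunk: the vendor is spelled "circleCI", "CircleCi" and "Circle CI" across the `CIVendor` and `circleciApiKey` labels; pick one spelling.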
Expand All @@ -108,11 +156,11 @@ parameters:
label: Enable file uploads using S3 and Cloudfront signed URLs? (Will require manual creation of a Cloudfront keypair in AWS)
default: yes
options:
- "yes"
- "no"
"yes": "Yes"
"no": "No"
- field: userAuth
label: Enable user management using Kratos and authentication using the Oathkeeper access proxy?
default: yes
options:
- "yes"
- "no"
"yes": "Yes"
"no": "No"
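Review bot: Both parameters in this hunk keep `default: yes` unquoted while the option keys are now the quoted strings `"yes"` and `"no"`. An unquoted `yes` can be read as a boolean by a YAML 1.1 parser, in which case the default would not match any option key, and any `KeyMatchCondition` with `whenValue: "yes"` (as used elsewhere in this file) would not fire for the default answer. Quote it as `default: "yes"` here and on `notificationServiceEnabled` so the default, the option keys and the condition values are all the same type.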