crossplane-contrib / function-kcl Goto Github PK
View Code? Open in Web Editor NEWCrossplane Composition Functions using KCL Programming Language
License: Apache License 2.0
Crossplane Composition Functions using KCL Programming Language
License: Apache License 2.0
I'm wondering if a KCL Crossplane Provider would be beneficial as well, similar to the Helm provider [https://marketplace.upbound.io/providers/crossplane-contrib/provider-helm/v0.18.1]. This would allow more direct access to Kubernetes resources such as Secrets which would be useful for pull secrets to access KCL modules that exists in OCI registries, Git, etc.
I think the KCL Function is great and I believe if there was a KCL Provider to accompany it in order to leverage external KCL modules, it would for sure be a very powerful combination.
I'm not sure how to extract data from a specific composed resource by using kind
and metadata.name
. I'm guessing that it should be inside ocds
but I'm not sure what the structure of it is. Is there an example I could use?
P.S. I apologize if this is already explained in one of the examples (and I missed it).
Hey ๐
Thanks for the interesting function!
Looks like there are no published function, which I can try? Not sure if that's docker image problem or my local machine setup. And I'm not sure how to list versions available.
So I'm trying to run examples/resources/loop
with functions.yaml
changed to:
apiVersion: pkg.crossplane.io/v1beta1
kind: Function
metadata:
name: kcl-function
spec:
package: kcllang/crossplane-kcl
which IIUC should run function in docker image, pulled from somewhere? ๐ค
but all I get is:
โ loop git:(main) make run
crossplane beta render xr.yaml composition.yaml functions.yaml -r
crossplane: error: cannot render composite resource: cannot start Function "kcl-function": cannot start Docker container: Error response from daemon: unable to find user nonroot: no matching entries in passwd file
I'm running on arm64 macos with docker desktop
Thanks!
In the Crossplane Marketplace one can find the KCLInput
.template.fn.crossplane.io/v1beta1
specification (here).
However, all the provided examples here use KCLRun
.krm.kcl.dev/v1alpha1
.
Both CRDs have not the same spec (For instance, you cannot set target: Default
in KCLInput
), so I was wondering:
Thanks!
When applying multiple claims to a cluster using a single manifest file (using "---" separator between claims) Crossplane initially reports the following error when describing most of the composites:
"Message: cannot compose resources: cannot run Composition pipeline step "normal": cannot run Function "kcl-function": rpc error: code = DeadlineExceeded desc = context deadline exceeded"
Eventually all composites are reconciled correctly but it would appear like the function cannot handle concurrent execution perhaps? This has the effect of degrading the performance of reconciling many resources at once.
NOTE: Applying each claim separately and waiting for a result works without the error occurring.
Create a composite and apply several claims in one go. Observe each of the composites to see the error message.
Function version: v0.4.0
Crossplane: v1.15.0
Client Version: v1.29.1
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.28.0
While trying to create / update a DatabaseInstance.sql.gcp.upbound.io
with database flags e.g.
items = [
{
apiVersion: "sql.gcp.upbound.io/v1beta1"
kind: "DatabaseInstance"
spec: {
forProvider: {
project: "test-project"
settings: [
{
databaseFlags: [
{
name: "log_checkpoints"
value: "on"
}
]
}
]
}
}
}
]
The update / create fails with:
defined/compositeresourcedefinition.apiextensions.crossplane.io cannot compose resources: cannot apply composed resource "alir-test-crossplane-db-instance": failed to create typed patch object (/alir-test-crossplane-db-instance; sql.gcp.upbound.io/v1beta1, Kind=DatabaseInstance): errors:
.spec.forProvider.settings[0].databaseFlags[0].value: expected string, got &value.valueUnstructured{Value:true}
This does not happen without function-kcl.
I saw a similar issue reported here maybe it is related: crossplane-contrib/provider-upjet-aws#1261
Function version: latest
Function revision: kcl-function-011644505e8f
Cloud: GCP
Crossplane version: 1.15.2
I want to provide values to custom composition resource status fields, similar to how patch and transform do it using ToCompositeFieldPath. I am defining extra properties on my CompositeResourceDefinition's status property and attempting to set the property value using the below code:
_dxr = option("params").dxr
_dxr.status.myExtraProp = "sample"
However, the function fails to compile complaining of an UndefinedType:
Message: cannot compose resources: pipeline step "normal" returned a fatal result: failed to run kcl function pipelines: failed to compile the kcl package
EvaluationError
failed to update the dict. An iterable of key-value pairs was expected, but got UndefinedType. Check if the syntax for updating the dictionary with the attribute 'myExtraProp' is correct
Define a custom status property called myprop
in xrd and attempt to set its value on dxr.status.myprop
.
Function version: xpkg.upbound.io/crossplane-contrib/function-kcl:v0.3.4
Looking at my datadog metrics, it seems to be consuming 5GB of ram at all times (using, not requested), this is more than any of my very heavily used crossplane providers (most of which use less than 1GB of ram. Is there anything that can be done to reduce memory consumption? I'm only syncing one composition with this currently so it's very lightly used.
Attempting to use crossplane beta render
on windows to render out a kcl package from a local docker registry:2 that has no ssl enabled.
I've tried using a relative and absolute file path to my module's main.k file but I'm always informed of "no such file or directory" so I have no idea of the required path format (for windows) or what the file path is relative to. That would be a separate issue to this.
If I use oci://
scheme, the kcl function expects to pull the package using https even though I have explicitly set "DefaultOciPlainHttp":true
in my local kpm.json file.
I can push my package to the registry using kcl mod push oci://localhost:7900/my-composition-kcl
no problem.
If in the KCLRun I use a source oci://host.docker.internal:7900/my-composition-kcl:0.0.1
I get the following error reported back from the crossplane beta render
:
crossplane: error: cannot render composite resource: pipeline step "normal" returned a fatal result: failed to run kcl function pipelines: failed to select latest version from 'host.docker.internal:7900/my-composition-kcl:0.0.1'
Get "https://host.docker.internal:7900/v2/my-composition-kcl/tags/list": http: server gave HTTP response to HTTPS client
Could we allow the KCLRun to use the local oci registry settings, specifically DefaultOciPlainHttp
to use http instead of https for download?
Allow me to continue to use a non-SSL local registry
I currently have a composition whereby function-patch-and-transform
creates a DB Cluster. I then pass this to an instantiation of function-kcl
with target: PatchDesired
to further patch the cluster with more dynamic properties before handing it back to be created.
This then results in the following condition on the XR:
Conditions:
Last Transition Time: 2024-06-09T14:07:16Z
Message: cannot compose resources: pipeline step "function-kcl-patch-cluster" returned a fatal result: cannot process xr and state with the pipeline output in *v1beta1.RunFunctionResponse: failed to match all resources, found 0 / 1 patches
Reason: ReconcileError
Status: False
Type: Synced
It would appear that this is related to the following revert commit but in reality I think both sides of the diff were wrong: 1faa314
Reading through this, the call resource.Name(d.GetName())
retrieves the metadata.name
from the unstructured object and converts that to resouce.Name
but this relies on metadata.name
being set, and matching exactly the resource name in desired-composed.
This is invalid as the resource name often has no reference to metadata.name
which may, or may not be set
A better behaviour was almost there on the left hand side of the diff which relied on the annotation, and if not found, fell back to GVK+Name.
A closer matching would potentially look something like this, allowing the fallback to metadata.name
if the AnnotationKeyCompositionResourceName
is not set.
func getName(o *unstructured.Unstructured) resource.Name {
name, found := o.GetAnnotations()[AnnotationKeyCompositionResourceName]
if !found {
name = o.GetName()
}
return resource.Name(name)
}
This, (I think) would allow the desired resource to be targeted as follows:
_dcds = option("params").dcds
_prePatchCluster = _dcds["rds-cluster"]
_cluster {
**_prePatchCluster
**{
metadata = {
annotations = {
"krm.kcl.dev/composition-resource-name" = "rds-cluster"
}
}
spec = {
forProvider = {
# dynamic patching
}
}
}
}
A better option might be to have getName
return an error if the annotation is not found rather than falling back to unstructured.Unstructured.GetName()
, this is how function patch-and-transform
appears to handle it
Function version: 0.9.0
localstack
I've got a pipeline that creates resources, but I need to bubble status back up to the XR.
Is there an example of how to accomplish basically an ToCompositeFieldPath patch back to the XR using this function or with some other function?
The patch and transform function needs to know the name of the resource and that's not really deterministic.
Currently, in this function the metadata.name
is a single entry point and identifier that is getting automatically propagated to crossplane.io/composition-resource-name
and crossplane.io/external-name
annotations.
That is convenient but frequently undesired behavior.
The situations where it is required for them to have different values:
metada.name
across different resource kinds. Currently if I try to do it with function-kcl the resources with the same metada.name
are getting overrides by the last one, because the same crossplane.io/composition-resource-name
is getting set automatically. providerConfigTypes = ["helm", "kubernetes"]
providerConfigs = [{
apiVersion = "{}.crossplane.io/v1alpha1".format(t)
kind = "ProviderConfig"
metadata.name = id
metadata.annotations = {
"krm.kcl.dev/ready": "True"
}
spec.credentials = {
secretRef = {
name = "{}-ekscluster".format(uid)
namespace = connectionSecretNamespace
key = "kubeconfig"
}
source = "Secret"
}
} for t in providerConfigTypes]
Only last kubernetes
ProviderConfig is getting rendered in this case
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: ProviderConfig
metadata:
annotations:
crossplane.io/composition-resource-name: configuration-aws-eks
because the function is setting identical crossplane.io/composition-resource-name
annotation
crossplane.io/external-name
different from metadata.name
due to MR identifier specifics. It is requirement when the external resource identifier is not compliant with RFC 1123.apiVersion: apigatewayv2.aws.upbound.io/v1beta1
kind: DomainName
metadata:
annotations:
crossplane.io/external-name: example-email.upbound-providers.io
name: example
spec:
forProvider:
...
In this case metada.name
!= crossplane.io/external-name
and it is mandatory.
It is relatively frequent case when we need to override external-name.
Respect when user sets custom values like
metadata.annotations = {
"crossplane.io/composition-resource-name" = "custom-composition-name"
"crossplane.io/external-name" = "custom-external-name"
}
Currently they are getting overridden by metadata.name
value and it breaks the desired behavior
Status:
Conditions:
Last Transition Time: 2024-04-16T16:50:32Z
Message: cannot compose resources: pipeline step "kcl" returned a fatal result: failed to run kcl function pipelines: Permission denied (os error 13)
Reason: ReconcileError
Status: False
Type: Synced
Warning ComposeResources 7s (x5 over 17s) defined/compositeresourcedefinition.apiextensions.crossplane.io cannot compose resources: pipeline step "kcl" returned a fatal result: failed to run kcl function pipelines: Permission denied (os error 13)
k -n upbound-system logs -f deploy/crossplane-contrib-function-kcl-b6e7ced47cd4
2024/04/16 16:44:51 kclvm.go:41: [WARN] install kclvm failed: mkdir /go: permission denied
2024/04/16 16:44:51 kclvm.go:53: [WARN] install kclvm failed: open /go/init.lock: no such file or directory
2024/04/16 16:44:51 kclvm.go:58: [WARN] install kclvm failed: mkdir /go: permission denied
{"level":"info","ts":1713285921.3011003,"caller":"fn/fn.go:32","msg":"Running Function","tag":""}
{"level":"info","ts":1713285921.402543,"caller":"fn/fn.go:32","msg":"Running Function","tag":""}
Run basic kcl example e2e with XR and Composition (not crossplane beta render
but the full XR instantiation )
Function version: xpkg.upbound.io/crossplane-contrib/function-kcl:v0.5.2
The function works as expected with the previous release of v0.5.1
It would be really helpful if the function supported function pipeline context.
This function-environment-configs writes the EnvironmentConfig in the context which is not usable in this function atm.
I would like to use EnvironmentConfigs to have a common config per 'environment'.
I'm writing KCL code to create Azure resources using the KCL crossplane function as part of a composition. I need to supply some of one resource's "atProvider" data to another resource's "forProvider" data.
In the past this would be achieved by using a patch with the patch and transform function but I would prefer to keep this encapsulated within the KCL code if possible.
Should I use the option("params").ocds
some how to access the named resource and obtain its atProvider
data? If so, can you provide an example of accessing a a resource this way. Please also let me know if this is not the preferred way of doing this.
I don't see the option to write back to the Composite resource. According to https://github.com/crossplane-contrib/function-kcl?tab=readme-ov-file#guides-for-developing-kcl option
can be used only to read, not to write.
Add a feature equivalent to the ToCompositeFieldPath
Patch and Transform type
. An example:
- type: ToCompositeFieldPath
fromFieldPath: spec.forProvider.manifest.spec.rules[0].host
toFieldPath: status.host
I am developing a composite using KCL function code to create resources needed for an Azure workload identity, namely a UserAssignedIdentity, a FederatedIdentityCredential and a K8 Object for a service account. The PrincipalId of the UserAssignedIdentity is needed by other composites to facilitate the creation of RoleAssignment resources for their own access needs. So I need to surface the PrincipalId property from the composite somehow. NOTE: RoleAssignment only accepts a PrincipalId and has no selector option.
The problem is UserAssignedIdentity does not surface any information in connection details so writeConnectionSecretToRef
produces a secret with no data, and of course this then provides no data to propagate up to the composite itself.
The status.atProvider
data surfaced by the UserAssignedIdentity in the observed ocds dictionary does contain all the data needed of course but I'm not sure how to surface this to the composite. Theoretically I could write my own secret with the required data but was wondering if there was a way of still using a composite's connectiondetails so the secret is written by crossplane. Any ideas?
When try to build the package, I get the following error:
crossplane: error: failed to build package: not exactly one package meta type
It was working. But suddenly just started to fail. The command is from README.md development chapter:
# Build a function package - see package/crossplane.yaml
$ crossplane xpkg build -f package --embed-runtime-image=kcllang/crossplane-kcl
This happens as a result of local development.
Now that this function-kcl has been published to the marketplace at https://marketplace.upbound.io/functions/crossplane-contrib/function-kcl, we should improve the metadata of this package to provide a more rich experience with more details.
Navigate to https://marketplace.upbound.io/functions/crossplane-contrib/function-kcl, and see:
kcl-function
, even though the repo is function-kcl
.We can compare this to another function like https://marketplace.upbound.io/functions/crossplane-contrib/function-auto-ready, which has more of these details defined. As an example, the source of its metadata can be found in https://github.com/crossplane-contrib/function-auto-ready/blob/main/package/crossplane.yaml.
Function version: v0.2.0
We are trying to switch the architecture of some machines from amd64
to arm64
and found that function pod starts CrashLoopBackOff-ing as soon as there's a single XR
/CompositeResource
referencing it. We switched back to an amd node and it works properly again. Could it be that arm64 arch is unsupported?
Info:
v0.7.2
v1.28.8-eks-ae9a62a
m6g.2xlarge
instancem7i-flex.2xlarge
instance (Everything ok here)crossplane beta trace -o wide <xrd>/<claim>
# NAME RESOURCE SYNCED READY STATUS
# <xrd>/<claim> True False Waiting: Claim is waiting for composite resource to become Ready
# โโ <xrd>/<xr> False - ReconcileError: cannot compose resources: cannot run Composition pipeline step "kcl-render": cannot run Function "function-kcl": rpc error: code = Unavailable desc = last connection error: connection error: desc = "transport: Error while dialing: dial tcp x.x.x.x:9443: connect: connection refused"
kubectl describe po -l pkg.crossplane.io/function=function-kcl
Name: function-kcl-c44536185222-66c9f554fd-m8wht
Namespace: crossplane
Priority: 0
Service Account: function-kcl-c44536185222
Node: ...
Start Time: Fri, 10 May 2024 11:21:05 +0200
Labels: pkg.crossplane.io/function=function-kcl
pkg.crossplane.io/revision=function-kcl-c44536185222
pod-template-hash=66c9f554fd
Annotations: vpc.amazonaws.com/pod-ips: x.x.x.x
Status: Running
IP: x.x.x.x
IPs:
IP: x.x.x.x
Controlled By: ReplicaSet/function-kcl-c44536185222-66c9f554fd
Containers:
package-runtime:
Container ID: containerd://031093bf8ba71fa1ff3daa11ffd3df236d605794365adc4753851789f044d2d8
Image: xpkg.upbound.io/crossplane-contrib/function-kcl:v0.7.2
Image ID: xpkg.upbound.io/crossplane-contrib/function-kcl@sha256:c4453618522289c708d15cb12cd0f35ba0c612d1c6c4d7dcd095aa12ef97d4e5
Ports: 8080/TCP, 9443/TCP
Host Ports: 0/TCP, 0/TCP
State: Running
Started: Fri, 10 May 2024 11:23:16 +0200
Last State: Terminated
Reason: Error
Exit Code: 2
Started: Fri, 10 May 2024 11:23:01 +0200
Finished: Fri, 10 May 2024 11:23:01 +0200
Ready: True
Restart Count: 2
Environment:
TLS_SERVER_CERTS_DIR: /tls/server
Mounts:
/tls/server from tls-server-certs (ro)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-4q9sf (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
tls-server-certs:
Type: Secret (a volume populated by a Secret)
SecretName: function-kcl-tls-server
Optional: false
kube-api-access-4q9sf:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: nodegroup=crossplane
Tolerations: dedicated=crossplane:NoSchedule
node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2m32s default-scheduler Successfully assigned crossplane/function-kcl-c44536185222-66c9f554fd-m8wht to <node>
Warning BackOff 35s kubelet Back-off restarting failed container package-runtime in pod function-kcl-c44536185222-66c9f554fd-m8wht_crossplane(eba0d4c1-b0b0-4c06-b829-0051b7c7590e)
Normal Pulled 21s (x3 over 2m31s) kubelet Container image "xpkg.upbound.io/crossplane-contrib/function-kcl:v0.7.2" already present on machine
Normal Created 21s (x3 over 2m31s) kubelet Created container package-runtime
Normal Started 21s (x3 over 2m31s) kubelet Started container package-runtime
{"level":"info","ts":1715337555.3369577,"caller":"fn/fn.go:32","msg":"Running Function","tag":""}
panic: fork/exec /usr/local/bin/kclvm_cli: exec format error
goroutine 36 [running]:
kcl-lang.io/kcl-go/pkg/runtime.(*Runtime).Start(0x400042c8c0)
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/runtime/runtime.go:54 +0x1a4
kcl-lang.io/kcl-go/pkg/runtime.initRuntime(0x0?)
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/runtime/init.go:48 +0x14c
kcl-lang.io/kcl-go/pkg/runtime.GetRuntime.func1()
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/runtime/init.go:26 +0x20
sync.(*Once).doSlow(0x4000bd5530?, 0x0?)
/usr/local/go/src/sync/once.go:74 +0x100
sync.(*Once).Do(...)
/usr/local/go/src/sync/once.go:65
kcl-lang.io/kcl-go/pkg/runtime.GetRuntime()
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/runtime/init.go:26 +0x40
kcl-lang.io/kcl-go/pkg/service.NewKclvmServiceClient()
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/service/client_kclvm_service.go:21 +0x1c
kcl-lang.io/kcl-go/pkg/kcl.runWithHooks({0x400094ac28, 0x0, 0x0}, {0x64996d0, 0x1, 0x1}, {0x400094ae48, 0x1, 0x1})
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/kcl/api.go:477 +0xf4
kcl-lang.io/kcl-go/pkg/kcl.run(...)
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/kcl/api.go:486
kcl-lang.io/kcl-go/pkg/kcl.RunWithOpts({0x400094ae48?, 0x400094ae48?, 0x0?})
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/kcl/api.go:373 +0x50
kcl-lang.io/kpm/pkg/api.RunWithOpt(0x4000867700)
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/api/kpm_run.go:89 +0x2d0
kcl-lang.io/cli/pkg/options.(*RunOptions).Run(0x40000da000)
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/options/run.go:137 +0x19c
kcl-lang.io/krm-kcl/pkg/edit.RunKCL({0x4000088788?, 0x1?}, {0x40006c7200?, 0x4000a348c0?}, 0x4000866940)
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/edit/bootstrap.go:52 +0x1ac
kcl-lang.io/krm-kcl/pkg/edit.(*SimpleTransformer).Transform(0x400094b1d0, {0x4000088788?, 0x1?, 0x0?})
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/edit/transformer.go:46 +0xb0
kcl-lang.io/krm-kcl/pkg/kio.Filter.Filter({0x400042c000}, {0x4000088788, 0x1, 0x1})
/go/pkg/mod/kcl-lang.io/[email protected]/pkg/kio/filter.go:39 +0x160
sigs.k8s.io/kustomize/kyaml/kio.Pipeline.ExecuteWithCallback({{0x400094b7b0, 0x1, 0x1}, {0x400094b7a0, 0x1, 0x1}, {0x400094b790, 0x1, 0x1}, 0x0}, ...)
/go/pkg/mod/sigs.k8s.io/kustomize/[email protected]/kio/kio.go:137 +0x250
sigs.k8s.io/kustomize/kyaml/kio.Pipeline.Execute({{0x400094b7b0, 0x1, 0x1}, {0x400094b7a0, 0x1, 0x1}, {0x400094b790, 0x1, 0x1}, 0x0})
/go/pkg/mod/sigs.k8s.io/kustomize/[email protected]/kio/kio.go:104 +0x6c
main.(*Function).RunFunction(0x40006f57a0, {0x1a59d60?, 0x400011b978?}, 0x40000dc3c0)
/fn/fn.go:133 +0xe28
github.com/crossplane/function-sdk-go/proto/v1beta1._FunctionRunnerService_RunFunction_Handler({0x1a59d60, 0x40006f57a0}, {0x255f9f0, 0x400013e1e0}, 0x40007da200, 0x0)
/go/pkg/mod/github.com/crossplane/[email protected]/proto/v1beta1/run_function_grpc.pb.go:104 +0x1c0
google.golang.org/grpc.(*Server).processUnaryRPC(0x4000636a00, {0x255f9f0, 0x400013e150}, {0x256ac80, 0x4000737c80}, 0x40005ee900, 0x400084aae0, 0x649c730, 0x0)
/go/pkg/mod/google.golang.org/[email protected]/server.go:1369 +0xb58
google.golang.org/grpc.(*Server).handleStream(0x4000636a00, {0x256ac80, 0x4000737c80}, 0x40005ee900)
/go/pkg/mod/google.golang.org/[email protected]/server.go:1780 +0xb20
google.golang.org/grpc.(*Server).serveStreams.func2.1()
/go/pkg/mod/google.golang.org/[email protected]/server.go:1019 +0x8c
created by google.golang.org/grpc.(*Server).serveStreams.func2 in goroutine 82
/go/pkg/mod/google.golang.org/[email protected]/server.go:1030 +0x13c
I don't know whether there's currently a way to make the KCL function work with arm nodes. If not, would it be possible to add support for arm64
architecture?
PS: Excuse me if I picked the wrong labels for the issue, not sure whether you would considered it a bug or it's just unsupported for the moment.
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.
Dockerfile
golang 1
docker/amd64/Dockerfile
golang 1
docker/arm64/Dockerfile
golang 1
.github/workflows/ci.yaml
actions/checkout v4
actions/setup-go v5
docker/setup-qemu-action v3
docker/setup-buildx-action v3
actions/checkout v4
docker/build-push-action v6
actions/upload-artifact v4
actions/checkout v4
actions/download-artifact v4
docker/login-action v3
ubuntu 22.04
ubuntu 22.04
ubuntu 22.04
go.mod
go 1.22.2
dario.cat/mergo v1.0.0
github.com/alecthomas/kong v0.9.0
github.com/crossplane/crossplane-runtime v1.15.1
github.com/crossplane/function-sdk-go v0.2.0
github.com/google/go-cmp v0.6.0
github.com/pkg/errors v0.9.1
google.golang.org/protobuf v1.34.2
gopkg.in/yaml.v2 v2.4.0
k8s.io/apimachinery v0.30.2
kcl-lang.io/krm-kcl v0.9.0-beta.2
sigs.k8s.io/controller-tools v0.15.0
sigs.k8s.io/yaml v1.4.0
oras.land/oras-go v1.2.5
oras.land/oras-go/v2 v2.5.0
OCI Source is managed by function kcl and should be able to be set through the fields of KCLRun, in theory something like this perhaps.
functionRef:
name: kcl-function
input:
apiVersion: krm.kcl.dev/v1alpha1
kind: KCLRun
metadata:
name: basic
annotations:
kcl-something/allow-insecure-source: True
spec:
target: Resources
source: oci://localhost:7900/my-composition-kcl:0.0.1
I tried to create two resources with different kinds, but the same name.
source: |
oxr = option("params").oxr
envconf = option("params").ctx["apiextensions.crossplane.io/environment"]
items = [
{
apiVersion = "eks.aws.upbound.io/v1beta1"
kind = "Cluster"
metadata.name = oxr.metadata.labels["crossplane.io/claim-name"]
metadata.labels = { "aws.platform.ripple.com/observedcluster" = "true" }
spec = {
forProvider.region = oxr.spec.parameters.region
providerConfigRef.name = envconf.name
managementPolicies = ["Observe"]
}
},
{
apiVersion = "apiextensions.crossplane.io/v1alpha1"
kind = "EnvironmentConfig"
metadata.name = oxr.metadata.labels["crossplane.io/claim-name"]
metadata.labels = { "aws.platform.ripple.com/observedcluster" = "true" }
}
]
Output:
apiVersion: apiextensions.crossplane.io/v1alpha1
kind: EnvironmentConfig
metadata:
annotations:
crossplane.io/composition-resource-name: cluster-josh-x1
generateName: cluster-josh-x1-
labels:
aws.platform.ripple.com/observedcluster: "true"
crossplane.io/composite: cluster-josh-x1
name: cluster-josh-x1
ownerReferences:
- apiVersion: aws.platform.ripple.com/v1alpha1
blockOwnerDeletion: true
controller: true
kind: ObservedCluster
name: cluster-josh-x1
uid: ""
spec:
forProvider:
region: us-west-2
managementPolicies:
- Observe
providerConfigRef:
name: dev2-us-west-2
I only get whatever the final object was instead of a Cluster
and an EnvironmentConfig
Attempt to create two different items with the same name.
Observe that the output is actually the merging of the two yaml objects instead of two distinct objects.
Function version: v0.7.0
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.