Aws S3 Support (#15)

* Adding S3 support

.gitignore

@@ -1,4 +1,5 @@
 sample-values.yaml
 sample-values-post.yaml
 sample-values-mysql.yaml
-sample-values-dev365.yaml
+sample-values-dev365.yaml
+sample-values-dev365-aws.yaml

README.md

@@ -49,18 +49,28 @@ Once the group it is created we will need to include ***Terrakube APP*** as a me
 
 ### 3. Terrakube Storage
 
+#### 3.1 Azure Storage Account
+
 Terrakube require an Azure Storage account to save the state/output for the jobs and to save the terraform modules when using terraform CLI and it require the following containers:
 - registry (blob)
 - tfstate (private)
 - tfoutput (private)
 
 To create the Azure storage account you can use the following [terraform module](https://github.com/AzBuilder/terraform-azurerm-terrakube-cloud-storage).
 
+#### 3.2 AWS S3
+
+Terrakube require an Aws S3 to save the state/output for the jobs and to save the terraform modules when using terraform CLI and it require the following:
+- Cors Enable for the UI domain
+- ACL Enable
+
+To create the Aws S3 you can use the following [terraform module]() (Work in Progress).
+
 ### 4. Build Yaml file
 
 Once you have completed the above steps you can complete the file values.yaml to deploy the helm chart
 
-Example using Nginx Ingress: 
+***Example using Nginx Ingress and Azure Storage Account:***
 
 ```yaml
 ## Global Name
@@ -85,7 +95,7 @@ storage:
 ## API properties
 api:
   enabled: true
-  version: "2.1.4"
+  version: "2.2.0"
   replicaCount: "1"
   serviceType: "ClusterIP"
   resources: #Optional
@@ -105,7 +115,7 @@ api:
 ## Executor properties
 executor:
   enabled: true
-  version: "1.5.4"
+  version: "1.6.1"
   replicaCount: "1"
   serviceType: "ClusterIP"
   resources: #Optional
@@ -124,7 +134,130 @@ executor:
 ## Registry properties
 registry:
   enabled: true
-  version: "2.1.4"
+  version: "2.2.0"
+  replicaCount: "1"
+  serviceType: "ClusterIP"
+  resources: #Optional
+    limits:
+      cpu: 500m
+      memory: 1024Mi
+    requests:
+      cpu: 200m
+      memory: 256Mi
+
+## UI Properties
+ui:
+  enabled: true
+  version: "0.7.0"
+  replicaCount: "1"
+  serviceType: "ClusterIP"
+  resources:
+    limits:
+      cpu: 500m
+      memory: 512Mi
+    requests:
+      cpu: 200m
+      memory: 256Mi
+
+## Ingress properties
+ingress:
+  useTls: true
+  ui:
+    enabled: true
+    domain: "ui.terrakube.docker.internal" # Replace with the real value
+    path: "/(.*)" # Replace with the real value
+    pathType: "Prefix" # Replace with the real value
+    annotations: # This annotations can change based on requirements. The followin is an example using nginx ingress and lets encrypt
+      kubernetes.io/ingress.class: nginx
+      nginx.ingress.kubernetes.io/use-regex: "true"
+      cert-manager.io/cluster-issuer: letsencrypt
+  api:
+    enabled: true
+    domain: "api.terrakube.docker.internal" # Replace with the real value
+    path: "/(.*)" # Replace with the real value
+    pathType: "Prefix" # Replace with the real value
+    annotations: # This annotations can change based on requirements. The followin is an example using nginx ingress and lets encrypt
+      kubernetes.io/ingress.class: nginx
+      nginx.ingress.kubernetes.io/use-regex: "true"
+      nginx.ingress.kubernetes.io/rewrite-target: /$2 
+      nginx.ingress.kubernetes.io/configuration-snippet: "proxy_set_header Authorization $http_authorization;"
+      cert-manager.io/cluster-issuer: letsencrypt
+  registry: 
+    enabled: true
+    domain: "registry.terrakube.docker.internal" # Replace with the real value
+    path: "/(.*)" # Replace with the real value
+    pathType: "Prefix" # Replace with the real value
+    annotations: # This annotations can change based on requirements. The followin is an example using nginx ingress and lets encrypt
+      kubernetes.io/ingress.class: nginx
+      nginx.ingress.kubernetes.io/use-regex: "true"
+      cert-manager.io/cluster-issuer: letsencrypt
+```
+
+***Example using Nginx Ingress and AWS S3:***
+```yaml
+## Global Name
+name: "terrakube"
+
+## Azure Active Directory Security
+security:
+  type: "AZURE" # This is the only value supported righ now
+  azure:
+    appIdURI: "XXX" #Replace with values from Step 1
+    appClientId: "XXX"
+    appTenantId: "XXX"
+    appSecret: "XXX"
+
+## Terraform Storage
+storage:
+  aws:
+    accessKey: "XXX"
+    secretKey: "XXX"
+    bucketName: "XXX"
+    region: "XXX"
+
+## API properties
+api:
+  enabled: true
+  version: "2.2.0"
+  replicaCount: "1"
+  serviceType: "ClusterIP"
+  resources: #Optional
+    limits:
+      cpu: 500m
+      memory: 1024Mi
+    requests:
+      cpu: 200m
+      memory: 256Mi
+  properties:
+    databaseType: "SQL_AZURE" # Replace with "H2" (ONLY FOR TESTING), "SQL_AZURE", "POSTGRESQL" or "MYSQL"
+    databaseHostname: "mysuperdatabse.database.windows.net" # Replace with the real value
+    databaseName: "databasename" # Replace with the real value
+    databaseUser: "databaseuser" # Replace with the real value
+    databasePassword: "XXX" # Replace with the real value
+
+## Executor properties
+executor:
+  enabled: true
+  version: "1.6.1"
+  replicaCount: "1"
+  serviceType: "ClusterIP"
+  resources: #Optional
+    limits:
+      cpu: 1000m
+      memory: 1024Mi
+    requests:
+      cpu: 500m
+      memory: 256Mi
+  properties:
+    toolsRepository: "https://github.com/AzBuilder/terrakube-extensions" # Default extension repository
+    toolsBranch: "main" #Default branch for extensions
+    terraformStateType: "AwsTerraformStateImpl" 
+    terraformOutputType: "AwsTerraformOutputImpl" 
+
+## Registry properties
+registry:
+  enabled: true
+  version: "2.2.0"
   replicaCount: "1"
   serviceType: "ClusterIP"
   resources: #Optional
@@ -138,7 +271,7 @@ registry:
 ## UI Properties
 ui:
   enabled: true
-  version: "0.5.0"
+  version: "0.7.0"
   replicaCount: "1"
   serviceType: "ClusterIP"
   resources:

templates/secrets-executor.yaml

@@ -5,14 +5,10 @@ metadata:
   name: terrakube-executor-secrets
 type: Opaque
 stringData:
+  # State/Output Type
   TerraformStateType: '{{ .Values.executor.properties.terraformStateType }}'
-  AzureTerraformStateResourceGroup: '{{ .Values.storage.azure.storageAccountResourceGroup }}'
-  AzureTerraformStateStorageAccountName: '{{ .Values.storage.azure.storageAccountName }}'
-  AzureTerraformStateStorageContainerName: 'tfstate'
-  AzureTerraformStateStorageAccessKey: '{{ .Values.storage.azure.storageAccountAccessKey }}'
   TerraformOutputType: '{{ .Values.executor.properties.terraformOutputType }}'
-  AzureTerraformOutputAccountName: '{{ .Values.storage.azure.storageAccountName }}'
-  AzureTerraformOutputAccountKey: '{{ .Values.storage.azure.storageAccountAccessKey }}'
+  # General Settings
   AzBuilderApiUrl: 'http://terrakube-api-service:8080'
   AzureAdAppClientId: '{{ .Values.security.azure.appClientId }}'
   AzureAdAppClientSecret: '{{ .Values.security.azure.appSecret }}'
@@ -24,4 +20,24 @@ stringData:
   TerrakubeToolsBranch: '{{ .Values.executor.properties.toolsBranch }}'
   TerrakubeEnableSecurity: 'true'
   TerrakubeRegistryDomain: '{{ .Values.ingress.registry.domain }}'
+  #Azure Storage
+  {{- if .Values.storage.azure }}
+  AzureTerraformStateResourceGroup: '{{ .Values.storage.azure.storageAccountResourceGroup }}'
+  AzureTerraformStateStorageAccountName: '{{ .Values.storage.azure.storageAccountName }}'
+  AzureTerraformStateStorageContainerName: 'tfstate'
+  AzureTerraformStateStorageAccessKey: '{{ .Values.storage.azure.storageAccountAccessKey }}'
+  AzureTerraformOutputAccountName: '{{ .Values.storage.azure.storageAccountName }}'
+  AzureTerraformOutputAccountKey: '{{ .Values.storage.azure.storageAccountAccessKey }}'
+  {{- end }}
+  #AWS S3
+  {{- if .Values.storage.aws }}
+  AwsTerraformOutputAccessKey: '{{ .Values.storage.aws.accessKey }}'
+  AwsTerraformOutputSecretKey: '{{ .Values.storage.aws.secretKey }}'
+  AwsTerraformOutputBucketName: '{{ .Values.storage.aws.bucketName }}'
+  AwsTerraformOutputRegion: '{{ .Values.storage.aws.region }}'
+  AwsTerraformStateAccessKey: '{{ .Values.storage.aws.accessKey }}'
+  AwsTerraformStateSecretKey: '{{ .Values.storage.aws.secretKey }}'
+  AwsTerraformStateBucketName: '{{ .Values.storage.aws.bucketName }}'
+  AwsTerraformStateRegion: '{{ .Values.storage.aws.region }}'
+  {{- end }}
 {{ end }}

templates/secrets-registry.yaml

@@ -6,8 +6,6 @@ metadata:
 type: Opaque
 stringData:
   AzBuilderRegistry: 'https://{{ .Values.ingress.registry.domain }}'
-  AzureAccountName: '{{ .Values.storage.azure.storageAccountName }}'
-  AzureAccountKey: '{{ .Values.storage.azure.storageAccountAccessKey }}'
   AzBuilderApiUrl: 'http://terrakube-api-service:8080'
   AzureAdAppClientId: '{{ .Values.security.azure.appClientId }}'
   AzureAdAppClientSecret: '{{ .Values.security.azure.appSecret }}'
@@ -18,4 +16,18 @@ stringData:
   AzureAdAppId: '{{ .Values.security.azure.appClientId }}'
   AzureAdApiIdUri: '{{ .Values.security.azure.appIdURI }}'
   TerrakubeUiURL: 'https://{{ .Values.ingress.ui.domain }}'
+  #Azure Storage
+  {{- if .Values.storage.azure }}
+  RegistryStorageType: 'AzureStorageImpl'
+  AzureAccountName: '{{ .Values.storage.azure.storageAccountName }}'
+  AzureAccountKey: '{{ .Values.storage.azure.storageAccountAccessKey }}'
+  {{- end }}
+  #AWS S3
+  {{- if .Values.storage.aws }}
+  RegistryStorageType: 'AwsStorageImpl'
+  AwsStorageAccessKey: '{{ .Values.storage.aws.accessKey }}'
+  AwsStorageSecretKey: '{{ .Values.storage.aws.secretKey }}'
+  AwsStorageBucketName: '{{ .Values.storage.aws.bucketName }}'
+  AwsStorageRegion: '{{ .Values.storage.aws.region }}'
+  {{- end }}
 {{ end }}

values.schema.json

@@ -39,7 +39,6 @@
       },
       "storage": {
         "type": "object",
-        "required": ["azure"],
         "properties": {
           "azure": {
             "type": "object",
@@ -58,6 +57,28 @@
                 "type": "string"
               }
             }
+          },
+          "aws": {
+            "type": "object",
+            "required": ["accessKey", "secretKey", "bucketName", "region"],
+            "properties": {
+              "accessKey": {
+                "description": "AWS Access Key",
+                "type": "string"
+              },
+              "secretKey": {
+                "description": "AWS Secret Key",
+                "type": "string"
+              },
+              "bucketName": {
+                "description": "AWS Bucket name",
+                "type": "string"
+              },
+              "region": {
+                "description": "AWS Region",
+                "type": "string"
+              }
+            }
           }
         }
       },
@@ -149,11 +170,11 @@
               },
               "terraformStateType": {
                 "description": "Terraform State implementation",
-                "enum": ["AzureTerraformStateImpl"]
+                "enum": ["AzureTerraformStateImpl", "AwsTerraformStateImpl"]
               },
               "terraformOutputType": {
                 "description": "Terraform Output implementation",
-                "enum": ["AzureTerraformOutputImpl"]
+                "enum": ["AzureTerraformOutputImpl", "AwsTerraformOutputImpl"]
               }
             }
           }

values.yaml

@@ -16,6 +16,11 @@ storage:
     storageAccountName: ""
     storageAccountResourceGroup: ""
     storageAccountAccessKey: ""
+  aws:
+    accessKey: ""
+    secretKey: ""
+    bucketName: ""
+    region: ""
 
 ## API properties
 api:
@@ -41,8 +46,8 @@ executor:
   properties:
     toolsRepository: "https://github.com/AzBuilder/terrakube-extensions"
     toolsBranch: "main"
-    terraformStateType: "AzureTerraformStateImpl"
-    terraformOutputType: "AzureTerraformOutputImpl"
+    terraformStateType: ""
+    terraformOutputType: ""
 
 ## Registry properties
 registry: