crossplane-contrib / provider-digitalocean Goto Github PK

What problem are you facing?

I would like the ability to create a Container Registry using resource definitions with Crossplane.

You can view the API reference here:

https://docs.digitalocean.com/reference/api/api-reference/#operation/create_registry

and you can also find the godo documentation here:

https://pkg.go.dev/github.com/digitalocean/godo#RegistryCreateRequest

What problem are you facing?

I would like the ability to create a User and a Database on a Database Cluster using resource definitions with Crossplane.

You can view the API reference here:

• adding a user - https://docs.digitalocean.com/reference/api/api-reference/#operation/add_user
• adding a database to a cluster - https://docs.digitalocean.com/reference/api/api-reference/#operation/add_database

and you can also find the godo documentation here:

• adding a user - https://pkg.go.dev/github.com/digitalocean/godo#DatabaseCreateUserRequest
• adding a database to a cluster - https://pkg.go.dev/github.com/digitalocean/godo#DatabaseCreateDBRequest

What problem are you facing?

We'd like to be able to define the userData string in a configMap - or a secret - and then reference it from the Droplet definition.

In our infra we use the same userData for all the droplets we create, and having it in just one place will be better solution for maintaining it.

How could Crossplane help solve your problem?

Allowing me to define userData as a reference to another resource

i.e using a configMap:

---
apiVersion: compute.do.crossplane.io/v1alpha1
kind: Droplet
metadata:
  name: test-one
spec:
  forProvider:
    userDataRef:
      source: configMap
      key: userData
      name: user-data
      namespace: crossplane-system
---
apiVersion: compute.do.crossplane.io/v1alpha1
kind: Droplet
metadata:
  name: test-two
spec:
  forProvider:
    userDataRef:
      source: configMap
      key: userData
      name: user-data
      namespace: crossplane-system
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: user-data
  namespace: crossplane-system
data:
  userData: |
    #cloud-config

    groups:
      - sysadmins

    users:
      - name: ansibleusr
        shell: /bin/bash
        groups: sysadmins
      - name: theo-agent
        shell: /bin/false
        system: true

    write_files:
      - path: /etc/sudoers.d/50-sysadmins
        owner: root:root
        permissions: '0440'
        content: |
          %sysadmins ALL=(ALL) NOPASSWD: ALL
      - path: /etc/theo-agent/public.pem
        owner: root:root
        permissions: '0644'
        content: |
          -----BEGIN PUBLIC KEY-----
          [....]
          -----END PUBLIC KEY-----
      - path: /usr/sbin/download-install-theo.sh
        owner: root:root
        permissions: '0755'
        content: |
          #!/bin/bash
          THEO_AGENT_LATEST=$(curl -L -s -H 'Accept: application/json' https://github.com/theoapp/theo-agent/releases/latest |sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/')
          sudo curl -L -o /usr/sbin/theo-agent \
            https://github.com/theoapp/theo-agent/releases/download/${THEO_AGENT_LATEST}/theo-agent-$(uname -s)-$(uname -m)
          chmod 755 /usr/sbin/theo-agent
          /usr/sbin/theo-agent \
            -install \
            -verify \
            -public-key /etc/theo-agent/public.pem \
            -no-interactive \
            -sshd-config \
            -url https://fluidware.authkeys.io \
            -token xxxxxx
            -hostname-prefix test-do-
          chown -R theo-agent /etc/theo-agent
          chmod 700 /etc/theo-agent
          selinuxenabled 2>/dev/null && semanage permissive -a sshd_t
    runcmd:
      - /usr/sbin/download-install-theo.sh
      - systemctl restart ssh.service

I asked around in the Slack channel about how to access newly created clusters and got the following answer for the AWS provider, I presume it would be good practise to implement something similar for the Digital Ocean provider.

Slack Thread

The Cluster resource in provider-aws will create a secret with the credentials, and you can create a ProviderConfig for kubernetes which references that secret

- name: kubernetes_provider_config
    base:
      apiVersion: kubernetes.crossplane.io/v1alpha1
      kind: ProviderConfig
      spec:
        credentials:
          source: Secret
          secretRef:
            namespace: crossplane-system
            key: kubeconfig
    patches:
    - type: FromCompositeFieldPath
      transforms:
      - string:
          fmt: "%s-cluster"
          type: Format
        type: string
      fromFieldPath: metadata.annotations[crossplane.io/external-name]
      toFieldPath: spec.credentials.secretRef.name
    - type: FromCompositeFieldPath
      transforms:
      - string:
          fmt: "%s-cluster"
          type: Format
        type: string
      fromFieldPath: metadata.annotations[crossplane.io/external-name]
      toFieldPath: metadata.name
    readinessChecks:
    - type: None

What happened?

When creating a k8s object in Crossplane, I'm observing unexpected behavior where the object gets duplicated. This seems to be happening consistently. Also when i delete object in k8s droplets remain in DO, so i need to delete i manually

How can we reproduce it?

1. Install digital ocean provider version v0.2.0
2. Install simple droplet as described in github example folder

What environment did it happen in?

Crossplane version: 1.14.5

• Cloud provider: Digital ocean v0.2.0
• Kubernetes Server Version: v1.28.5+k3s1
• Kubernetes distribution: Rancher k3s
• OS: Ubuntu: 22.04
• Kernel:Linux k3s-01 5.4.0-29-generic x86_64 x86_64 x86_64 GNU/Linux

What problem are you facing?

I would like the ability to create an App using resource definitions with Crossplane.

You can view the API reference here
you can also see the godo docs here

What happened?

I try to create a single droplet CR and it never become ready and create me multiple Droplets on my DO account

How can we reproduce it?

I reproduce it multiple time

with the following CR

apiVersion: compute.do.crossplane.io/v1alpha1
kind: Droplet
metadata:
  name: example
  annotations:
    crossplane.io/external-name: crossplane-droplet
spec:
  forProvider:
    region: ams3
    size: s-1vcpu-1gb
    image: ubuntu-20-04-x64
  providerConfigRef:
    name: do-example

What environment did it happen in?

Crossplane version: crossplane-1.8.1
Kubernetes: v1.21.8
DO Provider 0.1.0

What problem are you facing?

I would like the ability to create a Kubernetes Cluster using resource definitions with Crossplane.

You can view the API reference here, and you can also find the godo documentation here.

I am trying to contribute to the package, but I haven't been able to follow the https://github.com/crossplane-contrib/provider-digitalocean/blob/main/docs/CONTRIBUTING.md

Ideally, the contributing guide has a repeatable how-to guide that people could follow and be able to contribute to the project.

What problem are you facing?

The 'DOKS-Egress-Gateway' requires us to deploy a Droplet in the same VPC as our K8s cluster. It would be great if we could specify the VPC in the manifest and update the instructions so that our Droplet is deployed to the same VPC.

How could Crossplane help solve your problem?

I am imagining something like this:

apiVersion: compute.do.crossplane.io/v1alpha1
kind: Droplet
metadata:
  name: egress-gw-nyc1
spec:
  forProvider:
    region: nyc1
    size: s-1vcpu-1gb
    image: ubuntu-20-04-x64
    vpc_uuid: "4bxx25e-c52e-4578-93a7-01xx1ee927xx"

We need tests for the kubernetes controller, you can see how AWS is doing it here and use it as an example.

We need to test for basic functionality such as successful creation, and deletion as well as if we encounter errors. We don't currently allow for updating of resources so this will be good plumbing to put in before that.

What happened?

When working with Kubernetes cluster resources, Crossplane creates a secret that can be used by other resources. In case of DOK, the secret is not created.

How can we reproduce it?

Create a DOK cluster and check whether the secrets with kubeconfig were created in crossplane-system and the claim Namespace (if using claims).

What problem are you facing?

I want to be able to update my K8s cluster managed by the do provider.
add/remove/update node pools, upgrade k8s version, add/remove tags, etc. are all supported my the godo sdk.
https://pkg.go.dev/github.com/digitalocean/godo#KubernetesService

What problem are you facing?

I would like the ability to create a Firewall using resource definitions with Crossplane.

You can view the API reference here, and you can also find the godo documentation here.

What problem are you facing?

I would like the ability to create a FloatingIP for a droplet using resource definitions with Crossplane.

You can view the API reference here, and you can also find the godo documentation here.

Note One of the values are required, either droplet_id or region but you can only use one or the other.

It seems like deletion requests for Kubernetes clusters aren't successfully handled but the provider reports them as being issued successfully. After manually deleting the cluster the dokubernetescluster eventually syncs up. (Unless it takes about an hour to delete a cluster and timing just worked out this way)

kubectl delete DOKubernetesCluster xcontrol
dokubernetescluster.kubernetes.do.crossplane.io "xcontrol" deleted
error: An error occurred while waiting for the object to be deleted: an error on the server ("unable to decode an event from the watch stream: http2: client connection lost") has prevented the request from succeeding

kubectl describe DOKubernetesCluster xcontrol
Normal DeletedExternalResource 59s (x22 over 51m) managed/dokubernetescluster Successfully requested deletion of external resource

• Manual deletion

kubectl delete DOKubernetesCluster xcontrol
dokubernetescluster.kubernetes.do.crossplane.io "xcontrol" deleted

kubectl describe DOKubernetesCluster xcontrol
Error from server (NotFound): dokubernetesclusters.kubernetes.do.crossplane.io "xcontrol" not found

What happened?

I was following the install guide and noticed some bugs. The example ProviderConfig creates a ProviderConfig named example but the example droplet expects the provider to be named default. It might make the guide easier to follow if the droplet example providerConfigRef is set to example

Also, getting this error while trying the create the example droplet w/ user data:

N47F5F4VWQ-M:provider-digitalocean culpepperje$ kubectl apply -f examples/compute/droplet-user-data.yaml
Error from server (BadRequest): error when creating "examples/compute/droplet-user-data.yaml": Droplet in version "v1alpha1" cannot be handled as a Droplet: strict decoding error: unknown field "spec.forProvider.userData"

Anyone know what could be the issue here?

How can we reproduce it?

Follow the install guide for the DO provider documented here.

What environment did it happen in?

Crossplane version: 1.13.2
Kubernetes version: 1.27.2

Running a kind cluster on Mac

What problem are you facing?

I'd like to adopt existing resources that I have already created in DigitalOcean. I'd also like the control to tell Crossplane to not manage it but just read the information about it/publish connection details.

How could Crossplane help solve your problem?

We can pull the resource ID from the external-name annotation, and attempt to fetch the resource instead of creating it. We can then also add a readonly field to the resource specs and if specified then we will not create/update/delete the resource but instead just observe.

What happened?

When trying to follow the installing guild, trying to create the Droplet instance results an error.

How can we reproduce it?

kubectl create -f examples/compute/droplet.yaml

What environment did it happen in?

Any environment

Crossplane version: 1.7.0

What happened?

How can we reproduce it?

After the provider configuration, I just applied the following spec:

apiVersion: database.do.crossplane.io/v1alpha1
kind: DODatabaseCluster
metadata:
  name: backstage-io
spec:
  forProvider:
    engine: pg
    version: "13"
    numNodes: 1
    size: db-s-1vcpu-1gb
    region: nyc1
    tags:
      - "crossplane"
  providerConfigRef:
    name: digitalocean
  writeConnectionSecretToRef:
    name: backstage-db-conn
    namespace: backstage-io

Which created the DO DatabaseCluster correctly, but doesn't created the secret with the resource credentials.

I checked and the resource was ready and synced and the namespace exists.

What environment did it happen in?

CrossPlane: 1.6.3
DoProvider: v0.1.0

What problem are you facing?

I would like the ability to create a Database Cluster using resource definitions with Crossplane.

You can view the API reference here

When creating resources it would be nice to be able to associate them with particular projects.

https://docs.digitalocean.com/reference/api/api-reference/#operation/assign_project_resources

I think it might be very useful to improve the installation documentation for this provider (and possibly other community providers) to clarify which image tags to use when installing.

This might seem obvious to more experienced users but all the official Crossplane docs use either main or master tags for provider versions while provider-digitalocean seems to require v0.1.0 at the moment.

Perhaps a list of most current provider versions along with a standard "one-liner" which would pick the latest and use it without using latest/main/master might be even better?

What happened?

READY column is empty instead of showing the status of the cluster

How can we reproduce it?

Create a DOK cluster.

kubectl get dokubernetesclusters

Output:

NAME         READY   SYNCED
a-team-dok           True

What happened?

It seems as though the make command runs into a python error because one of the libraries in use has dropped support for python2.

How can we reproduce it?

just run make or make -j2

What environment did it happen in?

Crossplane version:

N/A

Somewhat breaking change we need to document well.

Here inside of the loadbalancer API definition

We should update the groupName to be network instead as well as rename the folder the file is in. This is because we're going to group the resources by their type and load balancer would fall into the inside the purview of networking stuff.

What problem are you facing?

I would like the ability to create a CDN Endpoint using resource definitions with Crossplane.

You can view the API reference here, and you can also find the godo documentation here.

What happened?

When deleting a Kubernetes Cluster, it didn't get deleted.

How can we reproduce it?

1. Create a Kubernetes Cluster using crossplane
2. Delete the resource and wait for it to be deleted

It should never be deleted.

What environment did it happen in?

Crossplane version:

Provider version 0.1.0

This is caused by the Kubernetes controller calling godo.Database.Delete

What happened?

I am trying to spin up a DigitalOcean droplet with a specified snapshot as the base image.

  Warning  CannotCreateExternalResource  2m33s                   managed/droplet.compute.do.crossplane.io  creation of Droplet resource has failed: POST https://api.digitalocean.com/v2/droplets: 422 (request "c22f1701-7f91-4852-a925-ca5d6400e3fa") You specified an invalid image for Droplet creation.

How can we reproduce it?

What environment did it happen in?

Crossplane version: 1.11.1

Hey team, we have https://github.com/crossplane-contrib/provider-upjet-digitalocean available right now.
The Upjet-based provider supports all resources except the project_resources (we're working on it), so it would close most, if not all, issues and PRs over here.

Would it be prudent to archive this provider and incentivize the community to move to provider-upset-digitalocean?

We need tests for the database controller, you can see how AWS is doing it here and use it as an example.

We need to test for basic functionality such as successful creation, and deletion as well as if we encounter errors. We don't currently allow for updating of resources so this will be good plumbing to put in before that.

What problem are you facing?

would like the ability to create a Digital Ocean Space using resource definitions with Crossplane.

The API is interoperable with Amazon’s AWS S3 API, still I would like to be able to provision such with "my" cloud provider.

You can view the API reference here.

What problem are you facing?

I wish to be able to specify the with_droplet_agent field and the user_data field on a new droplet resource.

You can find the godo docs here
and the actual API docs here

What are your proposed solutions?

Adding these fields to the resource definition. The with_droplet_agent is fairly straight forward, but the user_data can be done in several different ways so I'm open to suggestions/ideas.

Since there are many capabilities missing, now that https://github.com/upbound/upjet has become GA, maybe it could be a good opportunity to leverage the upjet tool.

What problem are you facing?

I would like the ability to create a Tag using resource definitions with Crossplane.

You can view the API reference here, and you can also find the godo documentation here.

What problem are you facing?

I would like the ability to create a LoadBalancer using resource definitions with Crossplane.

You can view the API reference here, and you can also find the godo documentation here.

We need tests for the droplet controller, you can see how AWS is doing it here and use it as an example.

We need to test for basic functionality such as successful creation, and deletion as well as if we encounter errors. We don't currently allow for updating of resources so this will be good plumbing to put in before that.

What problem are you facing?

I would like the ability to create a Block Storage Volume using resource definitions with Crossplane.

You can view the API reference here

Prefacing my bug with, I'm quite new to crossplane, and can only reply back what i experience by running the given examples, as I'm in a discovery face if this tool could fit my needs.

What happened?

After creating a brand new cluster given the examples/kubernetes/k8s-cluster.yaml, the following error keeps persisting even tho there have been no changes to the DOKubernetesCluster resource.

Warning CannotObserveExternalResource 9m6s managed/dokubernetescluster cannot update managed DOKubernetesCluster resource: Operation cannot be fulfilled on dokubernetesclusters.kubernetes.do.crossplane.io "crossplane-managed": the object has been modified; please apply your changes to the latest version and try again

The cluster resources are created in DO and is reachable via kubectl.

How can we reproduce it?

kubectl apply -f https://raw.githubusercontent.com/crossplane-contrib/provider-digitalocean/main/examples/kubernetes/k8s-cluster.yaml

Expected result

No warnings in events when running:

k describe dokubernetesclusters.kubernetes.do.crossplane.io crossplane-managed

Also expected cluster would report READY

$ k get dokubernetesclusters.kubernetes.do.crossplane.io
NAME                 READY   SYNCED
crossplane-managed           True

What environment did it happen in?

Crossplane version: 1.10.1 (latest as of writing)
Kubectl client version: 1.26.0
Kube server version: 1.25.3+k3s1 (crossplane control plane)
Kubernetes distrobution: Rancher k3s

We need tests for the load balancer controller, you can see how AWS is doing it here and use it as an example.

We need to test for basic functionality such as successful creation, and deletion as well as if we encounter errors. We don't currently allow for updating of resources so this will be good plumbing to put in before that.