Add external k8s cluster usecase

.gitignore

@@ -1 +1 @@
-.last-modified
+.last_modified

gcp/environment/README.md

@@ -0,0 +1,26 @@
+# GCP Environment Workflow
+
+This workflow provisions and configures a GCP-based environment using the `koreo.dev` workflow engine and custom `ResourceFunction` and `ValueFunction` modules.
+
+Included in the environment are a VPC, Subnet, and Firewall.
+
+## Overview
+
+- **CRD Reference**: Targets the `GcpEnvironment` CRD defined under `example.koreo.dev/v1beta1`.
+- **Inputs**: Expects a `parent` object.
+- **Output**: An example vpc and subnet with a firewall
+
+## Workflow Steps
+
+| Step | Description |
+|------|-------------|
+| `metadata` | Generates standard metadata used across all resources. |
+| `network` | Creates a VPC network for the environment. |
+| `subnet` | Provisions a subnet within the created VPC with CIDR `10.10.0.0/16`. |
+| `firewall` | Configures firewall rules for the subnet. |
+
+## Requirements
+
+- GCP project with appropriate APIs enabled (IAM, Compute Engine).
+- Koreo engine with support for `ResourceFunction` and `ValueFunction`.
+- IAM permissions to create the various vpc resources

gcp/vpc/gcp-environment-crd.yaml → gcp/environment/crd/gcp-environment-crd.yaml

@@ -1,10 +1,10 @@
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
-  name: gcpenvironments.acme.example.com
+  name: gcpenvironments.example.koreo.dev
 spec:
   scope: Namespaced
-  group: acme.example.com
+  group: example.koreo.dev
   names:
     kind: GcpEnvironment
     plural: gcpenvironments

gcp/vpc/firewall.k.yaml → gcp/environment/firewall.k.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: koreo.dev/v1beta1
 kind: ResourceFunction
 metadata:
@@ -11,26 +12,24 @@ spec:
 
   resource:
     spec:
-      allow:
-        - ports:
-            - 0-65535
-          protocol: tcp
-        - ports:
-            - 0-65535
-          protocol: udp
-        - protocol: icmp
-      direction: INGRESS
       networkRef:
         name: =inputs.networkName
-      sourceRanges:
+      allow:
+        - protocol: tcp
+          ports: ["0-65535"]
+        - protocol: udp 
+          ports: ["0-65535"]
+        - protocol: icmp
+      sourceRanges: 
         - =inputs.subnet.range
-
+      direction: INGRESS
+
   postconditions:
     - assert: =resource.config_connect_ready()
       retry:
-        delay: 10
         message: Waiting for firewall to be created
-
+        delay: 10
+
   return:
     name: =inputs.metadata.name
 ---
@@ -44,32 +43,30 @@ spec:
     name: gcp-environment-firewall
 
   inputs:
+    networkName: test-network-name
     metadata:
       name: test-network
       namespace: test-namespace
-    networkName: test-network-name
     subnet:
       name: subnet1
       range: 10.0.0.0/20
-
+    
   testCases:
-  - expectResource:
-      apiVersion: compute.cnrm.cloud.google.com/v1beta1
-      kind: ComputeFirewall
-      metadata:
-        name: test-network
-        namespace: test-namespace
-      spec:
-        allow:
-        - ports:
-          - 0-65535
-          protocol: tcp
-        - ports:
-          - 0-65535
-          protocol: udp
-        - protocol: icmp
-        direction: INGRESS
-        networkRef:
-          name: test-network-name
-        sourceRanges:
-        - 10.0.0.0/20
+    - expectResource:
+        apiVersion: compute.cnrm.cloud.google.com/v1beta1
+        kind: ComputeFirewall
+        metadata:
+          name: test-network
+          namespace: test-namespace
+        spec:
+          allow:
+            - protocol: tcp
+              ports: ["0-65535"]
+            - protocol: udp 
+              ports: ["0-65535"]
+            - protocol: icmp
+          sourceRanges:
+            - 10.0.0.0/20
+          direction: INGRESS
+          networkRef: 
+            name: test-network-name

gcp/environment/fixtures/environment.yaml

@@ -0,0 +1,7 @@
+---
+apiVersion: example.koreo.dev/v1
+kind: GcpEnvironment
+metadata:
+  name: my-environment
+spec:
+  description: My GCP environment

gcp/environment/metadata.k.yaml

@@ -0,0 +1,26 @@
+---
+apiVersion: koreo.dev/v1beta1
+kind: ValueFunction
+metadata:
+  name: gcp-environment-metadata
+spec:
+  return:
+    name: =inputs.environmentResourceName
+    namespace: =inputs.environmentNamespace
+---
+apiVersion: koreo.dev/v1beta1
+kind: FunctionTest
+metadata:
+  name: gcp-environment-metadata-test
+spec:
+  functionRef:
+    name: gcp-environment-metadata
+    kind: ValueFunction
+  inputs:
+    environmentResourceName: example-test
+    environmentNamespace: example-ns
+  testCases:
+    - expectReturn:
+        name: example-test
+        namespace: example-ns
+

gcp/vpc/network.k.yaml → gcp/environment/network.k.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: koreo.dev/v1beta1
 kind: ResourceFunction
 metadata:
@@ -11,18 +12,19 @@ spec:
 
   resource:
     spec:
+      routingMode: REGIONAL
       autoCreateSubnetworks: false
       enableUlaInternalIpv6: false
-      routingMode: REGIONAL
-
+
   postconditions:
     - assert: =resource.config_connect_ready()
       retry:
-        delay: 10
         message: Waiting for compute network to be created
-
+        delay: 10
+
   return:
     name: =inputs.metadata.name
+
 ---
 apiVersion: koreo.dev/v1beta1
 kind: FunctionTest
@@ -37,15 +39,15 @@ spec:
     metadata:
       name: test-network
       namespace: test-namespace
-
+  
   testCases:
-  - expectResource:
-      apiVersion: compute.cnrm.cloud.google.com/v1beta1
-      kind: ComputeNetwork
-      metadata:
-        name: test-network
-        namespace: test-namespace
-      spec:
-        autoCreateSubnetworks: false
-        enableUlaInternalIpv6: false
-        routingMode: REGIONAL
+    - expectResource:
+        apiVersion: compute.cnrm.cloud.google.com/v1beta1
+        kind: ComputeNetwork
+        metadata:
+          name: test-network
+          namespace: test-namespace
+        spec:
+          routingMode: REGIONAL
+          autoCreateSubnetworks: false
+          enableUlaInternalIpv6: false

gcp/vpc/subnet.k.yaml → gcp/environment/subnet.k.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: koreo.dev/v1beta1
 kind: ResourceFunction
 metadata:
@@ -11,17 +12,22 @@ spec:
 
   resource:
     spec:
-      ipCidrRange: =inputs.range
       networkRef:
         name: =inputs.networkName
       region: us-central1
-
+      ipCidrRange: =inputs.range
+      secondaryIpRange:
+        - rangeName: servicesrange
+          ipCidrRange: =inputs.servicesRange
+        - rangeName: clusterrange
+          ipCidrRange: =inputs.clusterRange
+
   postconditions:
     - assert: =resource.config_connect_ready()
       retry:
-        delay: 10
         message: Waiting for subnetwork to be created
-
+        delay: 10
+
   return:
     name: =inputs.metadata.name
     range: =inputs.range
@@ -36,21 +42,28 @@ spec:
     name: gcp-environment-subnet
 
   inputs:
+    range: 10.0.0.0/16
+    servicesRange: 10.11.0.0/16
+    clusterRange: 10.12.0.0/16
+    networkName: test-network-name
     metadata:
       name: test-network
       namespace: test-namespace
-    networkName: test-network-name
-    range: 10.0.0.0/16
-
+
   testCases:
-  - expectResource:
-      apiVersion: compute.cnrm.cloud.google.com/v1beta1
-      kind: ComputeSubnetwork
-      metadata:
-        name: test-network
-        namespace: test-namespace
-      spec:
-        ipCidrRange: 10.0.0.0/16
-        networkRef:
-          name: test-network-name
-        region: us-central1
+    - expectResource:
+        apiVersion: compute.cnrm.cloud.google.com/v1beta1
+        kind: ComputeSubnetwork
+        metadata:
+          name: test-network
+          namespace: test-namespace
+        spec:
+          region: us-central1
+          ipCidrRange: 10.0.0.0/16
+          networkRef: 
+            name: test-network-name
+          secondaryIpRange:
+            - rangeName: servicesrange
+              ipCidrRange: 10.11.0.0/16
+            - rangeName: clusterrange
+              ipCidrRange: 10.12.0.0/16

gcp/vpc/workflow.k.yaml → gcp/environment/workflow.k.yaml

@@ -4,26 +4,25 @@ metadata:
   name: gcp-environment
 spec:
   crdRef:
-    apiGroup: acme.example.com
-    kind: GcpEnvironment
+    apiGroup: example.koreo.dev
     version: v1beta1
-
+    kind: GcpEnvironment
+
   steps:
-    - label: config
+    - label: metadata
       ref:
+        name: gcp-environment-metadata
         kind: ValueFunction
-        name: gcp-environment-config
       inputs:
-        parent: =parent
-      state:
-        projectId: =value.projectId
+        environmentResourceName: =parent.metadata.name
+        environmentNamespace: =parent.metadata.namespace
 
     - label: network
       ref:
         kind: ResourceFunction
         name: gcp-environment-network
       inputs:
-        metadata: =steps.config
+        metadata: =steps.metadata
       state:
         networkName: =value.name
 
@@ -32,7 +31,7 @@ spec:
         kind: ResourceFunction
         name: gcp-environment-subnet
       inputs:
-        metadata: =steps.config
+        metadata: =steps.metadata
         networkName: =steps.network.name
         range: 10.10.0.0/16
       state:
@@ -43,6 +42,6 @@ spec:
         kind: ResourceFunction
         name: gcp-environment-firewall
       inputs:
-        metadata: =steps.config
+        metadata: =steps.metadata
         networkName: =steps.network.name
         subnet: =steps.subnet