Skip to content

Riv25 evolution of the repository #252

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1,468 commits into
base: main
Choose a base branch
from
Draft

Riv25 evolution of the repository #252

wants to merge 1,468 commits into from

Conversation

allamand
Copy link

@allamand allamand commented Aug 30, 2025
edited
Loading

This is Macro PR that will be used as a target for any changes needed to update workshop structure, with our RIV25 target.

When all work will be done, this PR could be then merged

@allamand allamand marked this pull request as draft August 30, 2025 19:35
Workshop User and others added 29 commits October 6, 2025 21:23
@punkwalker
Enable kubevela-components in control-plane environment
20a1472 
- Add kubevela-components: enabled: true to control-plane addons.yaml
- This will create the ApplicationSet for KubeVela components deployment
@punkwalker
fix backstage build
2f2e7d8 
Signed-off-by: Workshop User <[email protected]>
@punkwalker
Add IAM and EKS providers to Crossplane AWS chart
cc7a1e2 
- Add provider-aws-iam and provider-aws-eks to providers.yaml
- Required for KubeVela dp-service-account component to work
- Fixes rust application service account creation issues
@punkwalker
Fix ProviderConfig references in KubeVela components
264268c 
- Update dp-service-account, dynamodb-table, and component-iam-policy
- Change from default ProviderConfig to provider-aws-config
- Fixes Crossplane resource creation issues
@punkwalker
Add pod identity configuration for Crossplane providers
6632998 
- Add IAM role and pod identity association for provider-aws service account
- Add cluster name to crossplane-aws valuesObject
- Fixes AWS credentials issue for Crossplane providers
@punkwalker
Add Crossplane pod identity configuration to Terraform
1711549 
- Add crossplane_provider_aws_pod_identity module to pod-identity.tf
- Add enable_crossplane to aws_addons local in main.tf
- Enable crossplane in dev.tfvars
- Creates IAM role and pod identity association for Crossplane providers
- Fixes AWS credentials issue for Crossplane providers
@punkwalker
Remove conflicting ACK pod identity modules
501b1b4 
- Remove ack_s3_pod_identity and ack_dynamodb_pod_identity modules
- These controllers already have pod identities from the old approach in main.tf
- Fixes ResourceInUseException conflicts during Terraform apply
- Keeps only crossplane_provider_aws_pod_identity module
@punkwalker
Remove Crossplane-managed pod identity resources
c0832be 
- Remove pod-identity.yaml from crossplane-aws chart
- Use only Terraform-managed pod identity association
- Fixes circular dependency issue where Crossplane tries to create its own pod identity
@punkwalker
Update Crossplane pod identity to use AdministratorAccess
6a4a88a 
- Change from PowerUserAccess to AdministratorAccess policy
- PowerUserAccess excludes IAM management permissions
- Crossplane needs full IAM permissions to create roles and policies
@punkwalker
Fix cluster name in rust application
5d442e9 
- Change from modernengg-dev to peeks-spoke-dev
- Fixes pod identity association creation error
- ResourceNotFoundException: No cluster found for name: modernengg-dev
@punkwalker
Add aws-secrets-manager ClusterSecretStore for dev environment
2a393e2 
- Create ClusterSecretStore with consistent naming (matches hub cluster)
- Uses external-secrets-sa service account with pod identity
- Fixes ExternalSecret connectivity to AWS Secrets Manager
- Applied at environment level for all dev clusters
@punkwalker
Add platform-manifests chart for ClusterSecretStore
4cda322 
- Create platform-manifests Helm chart with ClusterSecretStore template
- Add platform-manifests section to addons.yaml with metadata annotations
- Enable platform-manifests in control-plane environment
- Creates aws-secrets-manager ClusterSecretStore for external-secrets
@punkwalker
Enable platform-manifests addon in Terraform
32d8924 
- Add enable_platform_manifests to addons_metadata in main.tf
- Enable platform_manifests in dev.tfvars
- This will create the ArgoCD application for platform-manifests
@punkwalker
Enable platform-manifests in fleet dev cluster configuration
dba1919 
- Add enable_platform_manifests: 'true' to fleet-spoke-dev labels
- This will trigger ApplicationSet to create platform-manifests application
- Creates aws-secrets-manager ClusterSecretStore for external-secrets
@punkwalker
Fix platform-manifests configuration to use path instead of chartRepo…
9339b43 
…sitory

- Use path pattern like other local charts (gitlab example)
- Remove chartName and releaseName fields
- Fixes template execution error for addonChartRepository
@punkwalker
remove kubevela-components
bb60f49 
Signed-off-by: Workshop User <[email protected]>
@punkwalker
Fix external-database-secret ComponentDefinition workload spec
1250093 
- Add workload.type: autodetects for non-workload resources
- Fixes 'spec.workload: Required value' validation error
@punkwalker
Add duplicate ClusterSecretStore with expected name
d49ed02 
- Create both aws-secrets-manager and secrets-manager-cs
- Ensures compatibility with existing ExternalSecrets
@punkwalker
clean
010481f 
Signed-off-by: Workshop User <[email protected]>
@punkwalker
enable ack IAM:
2d0d166 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
wip decouple the deployment
207b9b7 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
make gitlab nlb private and use vpc origin
fd80703 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
combine resource creation in terraform
7165b44 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
enable keycloak argocd and eso for hub
3bc2170 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
reset default addons.yaml
8297570 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
fix ack workload roles
a2d817b 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
configure argocd for PKCE
a1de486 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
fix keycloak-config job
ede3f3f 
Signed-off-by: Pankaj Walke <[email protected]>
@punkwalker
fix keycloak-config job
6f7024a 
Signed-off-by: Pankaj Walke <[email protected]>
hmuthusamy and others added 30 commits October 9, 2025 14:08
@hmuthusamy
Merge pull request #325 from aws-samples/feat/gitlab_timeout
94c58b9 
incfrease gitlab timeout in cloudfront
fix kyverno new version
056f16a
@shapirov103
Merge pull request #326 from aws-samples/feature/bump-kyverno-image-v…
c9c8afe 
…ersion

fix kyverno new version
reduced gitlab timeout
b028afd
reduced gitlab timeout
5c21ee6
@hmuthusamy
Merge pull request #327 from aws-samples/feature/gitlab-cfn-timeout
4046fa1 
Feature/gitlab cfn timeout
reduced gitlab timeout
e45ad6e
@shapirov103
Merge pull request #328 from aws-samples/feature/gitlab-cfn-timeout
359d4e5 
reduced gitlab timeout
update cicd pipeline
5ed7aba 
Signed-off-by: Workshop User <[email protected]>
@allamand
fix script to handle argocd sync blocked (#329)
ebd66a8 
Signed-off-by: Sebastien Allamand <[email protected]>
Co-authored-by: Sebastien Allamand <[email protected]>
cleanup repo
c5302d0 
Signed-off-by: Workshop User <[email protected]>
fix cluster name
d80890b 
Signed-off-by: Workshop User <[email protected]>
Update terraform scripts
4f57d85
ensure to wait if argo still not there
5855cc3 
Signed-off-by: Workshop User <[email protected]>
add tenant configuration for clusters
ec3b081 
Signed-off-by: Workshop User <[email protected]>
fix tenant in terraform
d1513bc 
Signed-off-by: user1 <[email protected]>
add tracking for eks cluster
3d897a8 
Signed-off-by: user1 <[email protected]>
Merge branch 'fix/10-10' of https://github.com/aws-samples/appmod-blu…
dfa228d 
…eprints into fix/10-10
@allamand
recalculate argo url at each loop
59bf1be 
Signed-off-by: Sébastien Allamand <[email protected]>
@hmuthusamy
Merge pull request #330 from aws-samples/fix/10-10
cd5bcd7 
update 10/10
create ekscluster in good namespace
4cd8e87 
Signed-off-by: user1 <[email protected]>
add argocd arn in the spec parameter taken from applicationset
5297120 
Signed-off-by: Workshop User <[email protected]>
@allamand @hmuthusamy
Fix/terraform timeout robustness (#332)
0794631 
* recalculate argo url at each loop

Signed-off-by: Sébastien Allamand <[email protected]>

* fix: improve terraform robustness for gitlab service deployment

- Add 15m timeouts to kubernetes_service resource
- Implement exponential backoff retry logic
- Reduce parallelism to prevent API rate limiting
- Addresses timeout issues in CodeBuild environments

* fix: restore parallelism=3 for cluster creation performance

* clean repo

Signed-off-by: Sébastien Allamand <[email protected]>

---------

Signed-off-by: Sébastien Allamand <[email protected]>
Co-authored-by: Hari Muthusamy <[email protected]>
@allamand
fix: remove unsupported timeout arguments for kubernetes_service
5fb9a98 
Only 'create' timeout is supported for kubernetes_service resource
@allamand
fix: add resource prefix to CloudFront origin request policy name
64bc8d3 
Prevents naming conflicts when deploying multiple stacks
fix argo
db756c3 
Signed-off-by: Workshop User <[email protected]>
@hmuthusamy
Merge pull request #331 from aws-samples/fix/ekscluster
87081cc 
Fix/ekscluster
@punkwalker
add usage telemetry
3a20780 
Signed-off-by: Pankaj Walke <[email protected]>
@hmuthusamy
Merge pull request #333 from punkwalker/fix-terraform
e04e219 
Fix terraform and add usage telemetry
@hmuthusamy
Added values yaml image changes (#334)
4a4ae94 
Co-authored-by: user1 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@allamand @punkwalker @hmuthusamy @shapirov103