1apiVersion: iam.cnrm.cloud.google.com/v1beta1
2kind: IAMPolicyMember
3metadata:
4 name: shoot-publisher
5 namespace: data-sync-connector
6 labels:
7 platform.edge.ncr.com/component: data-sync-connector
8 cluster_hash: ${cluster_hash}
9 cluster_uuid: ${cluster_uuid}
10 annotations:
11 cnrm.cloud.google.com/project-id: ${gcp_project_id}
12 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
13 pallet.edge.ncr.com/name: shoot
14 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
15 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
16 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
17 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
18spec:
19 member: serviceAccount:shoot-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
20 resourceRef:
21 apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
22 kind: PubSubTopic
23 external: "projects/${foreman_gcp_project_id}/topics/data-sync-e2c"
24 role: roles/pubsub.publisher
25---
26apiVersion: iam.cnrm.cloud.google.com/v1beta1
27kind: IAMPolicyMember
28metadata:
29 name: shoot-publisher-legacy
30 namespace: data-sync-connector
31 labels:
32 platform.edge.ncr.com/component: data-sync-connector
33 cluster_hash: ${cluster_hash}
34 cluster_uuid: ${cluster_uuid}
35 annotations:
36 cnrm.cloud.google.com/project-id: ${gcp_project_id}
37 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
38 pallet.edge.ncr.com/name: shoot
39 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
40 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
41 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
42 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
43spec:
44 member: serviceAccount:shoot-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
45 resourceRef:
46 apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
47 kind: PubSubTopic
48 external: "projects/${foreman_gcp_project_id}/topics/public"
49 role: roles/pubsub.publisher
50---
51apiVersion: iam.cnrm.cloud.google.com/v1beta1
52kind: IAMServiceAccount
53metadata:
54 name: shoot
55 namespace: data-sync-connector
56 labels:
57 platform.edge.ncr.com/component: data-sync-connector
58 cluster_hash: ${cluster_hash}
59 cluster_uuid: ${cluster_uuid}
60 annotations:
61 cnrm.cloud.google.com/project-id: ${gcp_project_id}
62 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
63 pallet.edge.ncr.com/name: shoot
64 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
65 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
66 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
67 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
68spec:
69 displayName: ${cluster_uuid} Data Sync Shoot
70 resourceID: shoot-${cluster_hash}
71---
72apiVersion: iam.cnrm.cloud.google.com/v1beta1
73kind: IAMServiceAccountKey
74metadata:
75 name: shoot-gcp-api-key
76 namespace: data-sync-connector
77 labels:
78 platform.edge.ncr.com/component: data-sync-connector
79 cluster_hash: ${cluster_hash}
80 cluster_uuid: ${cluster_uuid}
81 annotations:
82 cnrm.cloud.google.com/project-id: ${gcp_project_id}
83 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
84 pallet.edge.ncr.com/name: shoot
85 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
86 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
87 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
88 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
89spec:
90 serviceAccountRef:
91 name: shoot
92---
93apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
94kind: SecretManagerSecret
95metadata:
96 name: shoot-${cluster_uuid}-gcp-api-key
97 namespace: data-sync-connector
98 labels:
99 platform.edge.ncr.com/component: data-sync-connector
100 cluster_hash: ${cluster_hash}
101 cluster_uuid: ${cluster_uuid}
102 annotations:
103 cnrm.cloud.google.com/project-id: ${gcp_project_id}
104 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
105 pallet.edge.ncr.com/name: shoot
106 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
107 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
108 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
109 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
110spec:
111 replication:
112 automatic: true
113---
114apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
115kind: SecretManagerSecretVersion
116metadata:
117 name: shoot-${cluster_uuid}-gcp-api-key
118 namespace: data-sync-connector
119 labels:
120 platform.edge.ncr.com/component: data-sync-connector
121 cluster_hash: ${cluster_hash}
122 cluster_uuid: ${cluster_uuid}
123 annotations:
124 cnrm.cloud.google.com/project-id: ${gcp_project_id}
125 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
126 pallet.edge.ncr.com/name: shoot
127 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
128 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
129 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-data-sync'
130 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
131spec:
132 secretRef:
133 name: shoot-${cluster_uuid}-gcp-api-key
134 enabled: true
135 secretData:
136 valueFrom:
137 secretKeyRef:
138 name: shoot-gcp-api-key
139 key: key.json
View as plain text