Config Template

There are many scenarios to need users to provide structured data which is a config. Config Template could define the schema and the structure of the config data. KubeVela could base the Config Template help users to create a valid config.

The config data save as a Secret default, but you also could generate resources of any type by defining the template. Even, you can define the extend writer to write the config data to the Nacos server.

Config Template defined with the CUE file. The schema of the specification:

  1. metadata: {
  2. name: string
  3. alias?: string
  4. description?: string
  5. scope: "project" | "system"
  6. sensitive: bool
  7. }
  8. template: {
  9. parameter: {...}
  10. output?: #Secret
  11. outputs?: {#AnyResources}
  12. nacos?: {
  13. // The endpoint can not references the parameter.
  14. endpoint: {
  15. // Users must create a config base the nacos-server template firstly.
  16. name: string
  17. }
  18. format: "json" | "yaml" | "properties" | "toml"
  19. // could references the parameter
  20. metadata: {
  21. dataId: string
  22. group: string
  23. appName: string
  24. namespaceId: string
  25. tenant: string
  26. tag: string
  27. }
  28. content: {...}
  29. }
  30. }
  • metadata.name This is required. Specify the name of the template.
  • metadata.alias Specify the alias of the template.
  • metadata.description Specify the description of the template.
  • metadata.scope Specify the scope of the config created by this template. In VelaUX, the template belonging to the project scope means this template could be used to create the config in the project. If created in the system, this config could be shared with all projects.
  • metadata.sensitive Is it sensitive the config created by this template? If the config is sensitive, it can not be read directly and could only mount the Secret.

  • template.parameter Specify the parameters of the config. KubeVela will generate the schema by this definition and validate the user’s input.

  • template.output This is not required. You could specify if you want to customize the data structure of the Secret.

  • template.outputs This is not required. You could specify any resources that you want to generate by this config.

  • template.nacos This is not required. You could specify the Nacos config metadata if you want to write the config data to the Nacos server. template.nacos.name This is the name of the config created by the built-in template nacos-server.

  • List the Config Templates

  1. vela config-template list
  • Create a Config Template
  1. vela config-template apply -f example.cue
  • Show the schema and document of the Config Template
  1. vela config-template show <Template Name>
  • Delete a Config Template
  1. vela config-template delete <Template Name>

More usages, refer to:

  1. vela config-template --help
  1. import (
  2. "encoding/base64"
  3. "encoding/json"
  4. "strconv"
  5. )
  6. metadata: {
  7. name: "image-registry"
  8. alias: "Image Registry"
  9. scope: "project"
  10. description: "Config information to authenticate image registry"
  11. sensitive: false
  12. }
  13. template: {
  14. output: {
  15. apiVersion: "v1"
  16. kind: "Secret"
  17. metadata: {
  18. name: context.name
  19. namespace: context.namespace
  20. labels: {
  21. "config.oam.dev/catalog": "velacore-config"
  22. "config.oam.dev/type": "image-registry"
  23. }
  24. }
  25. if parameter.auth != _|_ {
  26. type: "kubernetes.io/dockerconfigjson"
  27. }
  28. if parameter.auth == _|_ {
  29. type: "Opaque"
  30. }
  31. stringData: {
  32. if parameter.auth != _|_ && parameter.auth.username != _|_ {
  33. ".dockerconfigjson": json.Marshal({
  34. "auths": (parameter.registry): {
  35. "username": parameter.auth.username
  36. "password": parameter.auth.password
  37. if parameter.auth.email != _|_ {
  38. "email": parameter.auth.email
  39. }
  40. "auth": base64.Encode(null, (parameter.auth.username + ":" + parameter.auth.password))
  41. }
  42. })
  43. }
  44. if parameter.insecure != _|_ {
  45. "insecure-skip-verify": strconv.FormatBool(parameter.insecure)
  46. }
  47. if parameter.useHTTP != _|_ {
  48. "protocol-use-http": strconv.FormatBool(parameter.useHTTP)
  49. }
  50. }
  51. }
  52. parameter: {
  53. // +usage=Image registry FQDN, such as: index.docker.io
  54. registry: *"index.docker.io" | string
  55. // +usage=Authenticate the image registry
  56. auth?: {
  57. // +usage=Private Image registry username
  58. username: string
  59. // +usage=Private Image registry password
  60. password: string
  61. // +usage=Private Image registry email
  62. email?: string
  63. }
  64. // +usage=For the registry server that uses the self-signed certificate
  65. insecure?: bool
  66. // +usage=For the registry server that uses the HTTP protocol
  67. useHTTP?: bool
  68. }
  69. }
  1. metadata: {
  2. name: "nacos-server"
  3. alias: "Nacos Server"
  4. description: "Config the Nacos server connectors"
  5. sensitive: false
  6. scope: "system"
  7. }
  8. template: {
  9. parameter: {
  10. // +usage=Directly configure the Nacos server address
  11. servers?: [...{
  12. // +usage=the nacos server address
  13. ipAddr: string
  14. // +usage=nacos server port
  15. port: *8849 | int
  16. // +usage=nacos server grpc port, default=server port + 1000, this is not required
  17. grpcPort?: int
  18. }]
  19. // +usage=Discover the Nacos servers by the client.
  20. client?: {
  21. // +usage=the endpoint for get Nacos server addresses
  22. endpoint: string
  23. // +usage=the AccessKey for kms
  24. accessKey?: string
  25. // +usage=the SecretKey for kms
  26. secretKey?: string
  27. // +usage=the regionId for kms
  28. regionId?: string
  29. // +usage=the username for nacos auth
  30. username?: string
  31. // +usage=the password for nacos auth
  32. password?: string
  33. // +usage=it's to open kms,default is false. https://help.aliyun.com/product/28933.html
  34. openKMS?: bool
  35. }
  36. }
  37. }
  1. metadata: {
  2. name: "nacos-config"
  3. alias: "Nacos Configuration"
  4. description: "Write the configuration to the nacos"
  5. sensitive: false
  6. scope: "system"
  7. }
  8. template: {
  9. nacos: {
  10. // The endpoint can not references the parameter.
  11. endpoint: {
  12. // Users must create a config base the nacos-server template firstly.
  13. name: "nacos"
  14. }
  15. format: parameter.contentType
  16. // could references the parameter
  17. metadata: {
  18. dataId: parameter.dataId
  19. group: parameter.group
  20. if parameter.appName != _|_ {
  21. appName: parameter.appName
  22. }
  23. if parameter.namespaceId != _|_ {
  24. namespaceId: parameter.namespaceId
  25. }
  26. if parameter.tenant != _|_ {
  27. tenant: parameter.tenant
  28. }
  29. if parameter.tag != _|_ {
  30. tag: parameter.tag
  31. }
  32. }
  33. content: parameter.content
  34. }
  35. parameter: {
  36. // +usage=Configuration ID
  37. dataId: string
  38. // +usage=Configuration group
  39. group: *"DEFAULT_GROUP" | string
  40. // +usage=The configuration content.
  41. content: {
  42. ...
  43. }
  44. contentType: *"json" | "yaml" | "properties" | "toml"
  45. // +usage=The app name of the configuration
  46. appName?: string
  47. // +usage=The namespaceId of the configuration
  48. namespaceId?: string
  49. // +usage=The tenant, corresponding to the namespace ID field of Nacos
  50. tenant?: string
  51. // +usage=The tag of the configuration
  52. tag?: string
  53. }
  54. }
  1. import "strings"
  2. metadata: {
  3. name: "terraform-alibaba"
  4. alias: "Terraform Provider for Alibaba Cloud"
  5. sensitive: true
  6. scope: "system"
  7. description: "Terraform Provider for Alibaba Cloud"
  8. }
  9. template: {
  10. outputs: {
  11. "provider": {
  12. apiVersion: "terraform.core.oam.dev/v1beta1"
  13. kind: "Provider"
  14. metadata: {
  15. name: parameter.name
  16. namespace: "default"
  17. labels: l
  18. }
  19. spec: {
  20. provider: "alibaba"
  21. region: parameter.ALICLOUD_REGION
  22. credentials: {
  23. source: "Secret"
  24. secretRef: {
  25. namespace: "vela-system"
  26. name: context.name
  27. key: "credentials"
  28. }
  29. }
  30. }
  31. }
  32. }
  33. output: {
  34. apiVersion: "v1"
  35. kind: "Secret"
  36. metadata: {
  37. name: context.name
  38. namespace: context.namespace
  39. }
  40. type: "Opaque"
  41. stringData: credentials: strings.Join([creds1, creds2], "\n")
  42. }
  43. creds1: "accessKeyID: " + parameter.ALICLOUD_ACCESS_KEY
  44. creds2: "accessKeySecret: " + parameter.ALICLOUD_SECRET_KEY
  45. l: {
  46. "config.oam.dev/catalog": "velacore-config"
  47. "config.oam.dev/type": "terraform-provider"
  48. "config.oam.dev/provider": "terraform-alibaba"
  49. }
  50. parameter: {
  51. //+usage=The name of Terraform Provider for Alibaba Cloud, default is `default`
  52. name: *"default" | string
  53. //+usage=Get ALICLOUD_ACCESS_KEY per this guide https://help.aliyun.com/knowledge_detail/38738.html
  54. ALICLOUD_ACCESS_KEY: string
  55. //+usage=Get ALICLOUD_SECRET_KEY per this guide https://help.aliyun.com/knowledge_detail/38738.html
  56. ALICLOUD_SECRET_KEY: string
  57. //+usage=Get ALICLOUD_REGION by picking one RegionId from Alibaba Cloud region list https://www.alibabacloud.com/help/doc-detail/72379.htm
  58. ALICLOUD_REGION: string
  59. }
  60. }

The Config Template is part of the Addon. You could get or share the templates via addons.

Last updated on Feb 9, 2023 by dependabot[bot]