cpflow 4.1.0 → 4.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 692a5e1a11ae3d172e2adf9cf4da3573f6fa639e69b49d797c8b09d619d1ccb4
-  data.tar.gz: e6a66549f0e5bb67816205a28a6d2df0cd5f8b53a2bf1d2e003985a19da5ce0e
+  metadata.gz: ff0b8272e9a7bff7f8dc1e0b259188726cb2bbd0b7c87cc8c3bc498a984e2023
+  data.tar.gz: 8ee3ebc353a638b11fb2a00b98e1a4ff9347c1f1c3170d26ab5e0f23efae95f1
 SHA512:
-  metadata.gz: 5c855e9908cc2b7cd014b51f7196cabec19f2f950a98c5b9116dfb2fc68b5cd703492864eb4ec9ed9b016ea18d23801feadfe5ea57321e90001fcbd99c7e04d2
-  data.tar.gz: 270f3f96e3a4a61a3875f9410e7116adfe5dc0a08bfccac43ff66b329da629e167a253986444e61c4832088afc65090e50d14da8b00c7a4e57d92ba642835e32
+  metadata.gz: affaed65cdfe25c9be5ef91f331208153b8755a7e1fa3aeb13309388212168a74b0c6d3e70d5f2907df0d726daa50ab3c624de3139d02a9ee669445a991d0411
+  data.tar.gz: 59db782ffc610191aeec401c77ddd939722c7597fecb13afa708f70e994142a33b81ef4ee2971700b496ca2dc1efb445e36956a35adc57050e3c3d6fb721fd79

data/.gitignore

@@ -16,3 +16,7 @@
 
 /spec.log
 /spec/dummy/.controlplane/controlplane*-tmp-*.yml
+
+# Generated configs
+/terraform/
+/.controlplane/

data/CHANGELOG.md

@@ -14,6 +14,10 @@ Changes since the last non-beta release.
 
 _Please add entries here for your pull requests that have not yet been released._
 
+### Fixed
+
+- Fixed issue where `ps`, `ps:start`, `ps:stop`, `ps:wait`, and `run` commands fail when trying to fetch replicas with CPLN CLI. [PR 254](https://github.com/shakacode/control-plane-flow/pull/254) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+
 ## [4.1.0] - 2024-12-17
 
 ### Fixed

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    cpflow (4.1.0)
+    cpflow (4.1.1)
       dotenv (~> 2.8.1)
       jwt (~> 2.8.1)
       psych (~> 5.1.0)

data/README.md

@@ -54,9 +54,9 @@ Additionally, the documentation includes numerous examples and practical tips fo
 11. [CLI Commands Reference](#cli-commands-reference)
 12. [Mapping of Heroku Commands to `cpflow` and `cpln`](#mapping-of-heroku-commands-to-cpflow-and-cpln)
 13. [Examples](#examples)
-14. [Migrating Postgres Database from Heroku Infrastructure](/docs/postgres.md)
-15. [Migrating Redis Database from Heroku Infrastructure](/docs/redis.md)
-16. [Tips](/docs/tips.md)
+14. [Migrating Postgres Database from Heroku Infrastructure](https://www.shakacode.com/control-plane-flow/docs/postgres/)
+15. [Migrating Redis Database from Heroku Infrastructure](https://www.shakacode.com/control-plane-flow/docs/redis/)
+16. [Tips](https://www.shakacode.com/control-plane-flow/docs/tips/)
 
 ## Key Features
 
@@ -137,7 +137,7 @@ The `cpln` CLI is the Control Plane CLI.
 
 ## Steps to Migrate
 
-Click [here](/docs/migrating.md) to see the steps to migrate.
+Click [here](https://www.shakacode.com/control-plane-flow/docs/migrating/) to see the steps to migrate.
 
 ## Configuration Files
 
@@ -479,7 +479,7 @@ development purposes.
 
 ## Scheduled Jobs
 
-Control Plane supports scheduled jobs via [cron workloads](https://shakadocs.controlplane.com/reference/workload#cron).
+Control Plane supports scheduled jobs via [cron workloads](https://shakadocs.controlplane.com/reference/workload/types#cron).
 
 Here's a partial example of a template for a cron workload, using the app image:
 
@@ -503,7 +503,7 @@ spec:
       image: "/org/APP_ORG/image/APP_IMAGE"
 ```
 
-A complete example can be found at [templates/daily-task.yml](templates/daily-task.yml), optimized for Control Plane and
+A complete example can be found at [templates/daily-task.yml](https://github.com/shakacode/control-plane-flow/blob/main/templates/daily-task.yml), optimized for Control Plane and
 suitable for development purposes.
 
 You can create the cron workload by adding the template for it to the `.controlplane/templates/` directory and running
@@ -513,7 +513,7 @@ Then to view the logs of the cron workload, you can run `cpflow logs -a my-app -
 
 ## CLI Commands Reference
 
-Click [here](/docs/commands.md) to see the commands.
+Click [here](https://www.shakacode.com/control-plane-flow/docs/commands/) to see the commands.
 
 You can also run the following command:
 

data/docs/commands.md

@@ -444,6 +444,22 @@ cpflow run -a $APP_NAME --entrypoint /app/alternative-entrypoint.sh -- rails db:
 cpflow setup-app -a $APP_NAME
 ```
 
+### `terraform generate`
+
+- Generates terraform configuration files based on `controlplane.yml` and `templates/` config
+
+```sh
+cpflow terraform generate
+```
+
+### `terraform import`
+
+- Imports terraform resources from the generated configuration files
+
+```sh
+cpflow terraform import
+```
+
 ### `version`
 
 - Displays the current version of the CLI

data/docs/terraform/details.md

@@ -0,0 +1,415 @@
+### Terraform Configurations from CPLN Templates
+
+#### Providers
+
+Terraform provider configurations are controlled via `required_providers.tf` and `providers.tf`:
+
+- **`required_providers.tf`**
+
+```hcl
+terraform {
+  required_providers {
+    cpln = {
+      source = "controlplane-com/cpln"
+      version = "~> 1.0"
+    }
+  }
+}
+```
+
+- **`providers.tf`**
+
+```hcl
+provider "cpln" {
+  org = "org-name-example"
+}
+```
+
+#### GVC (Global Virtual Cloud)
+
+CPLN template in YAML format:
+
+```yaml
+kind: gvc
+name: app-name
+description: app-description
+tags:
+  tag-name-1: "tag-value-1"
+  tag-name-2: "tag-value-2"
+spec:
+  domain: "app.example.com"
+  env:
+    - name: DATABASE_URL
+      value: "postgres://the_user:the_password@postgres.app-name.cpln.local:5432/app-name"
+    - name: RAILS_ENV
+      value: production
+    - name: RAILS_SERVE_STATIC_FILES
+      value: "true"
+  staticPlacement:
+    locationLinks:
+      - "//location/aws-us-west-2"
+  pullSecretLinks:
+    - "/org/org-name/secret/some-secret"
+  loadBalancer:
+    dedicated: true
+    trustedProxies: 0
+```
+
+Will transform to Terraform config:
+
+```hcl
+resource "cpln_gvc" "app-name" {
+  name = "app-name"
+  description = "app-description"
+  tags = {
+    tag_name_1 = "tag-value-1"
+    tag_name_2 = "tag-value-2"
+  }
+  domain = "app.example.com"
+  locations = ["aws-us-west-2"]
+  pull_secrets = ["cpln_secret.some-secret.name"]
+  env = {
+    DATABASE_URL = "postgres://the_user:the_password@postgres.app-name.cpln.local:5432/app-name"
+    RAILS_ENV = "production"
+    RAILS_SERVE_STATIC_FILES = "true"
+  }
+  load_balancer {
+    dedicated = true
+    trusted_proxies = 0
+  }
+}
+```
+
+#### Identity
+
+CPLN template in YAML format:
+
+```yaml
+kind: identity
+name: postgres-poc-identity
+description: postgres-poc-identity
+tags:
+  tag-name-1: "tag-value-1"
+  tag-name-2: "tag-value-2"
+```
+
+Will transform to Terraform config:
+
+```hcl
+resource "cpln_identity" "postgres-poc-identity" {
+  name = "postgres-poc-identity"
+  description = "postgres-poc-identity"
+  tags = {
+    tag_name_1 = "tag-value-1"
+    tag_name_2 = "tag-value-2"
+  }
+}
+```
+
+#### Secret
+
+CPLN template in YAML format
+
+**For `aws` secret:**
+
+```yaml
+kind: secret
+name: aws
+description: aws
+type: aws
+data:
+  accessKey: 'AccessKeyExample'
+  externalId: 'ExternalIdExample'
+  roleArn: arn:awskey
+  secretKey: 'SecretKeyExample'
+```
+
+Will transform to Terraform config:
+
+```hcl
+resource "cpln_secret" "aws" {
+  name = "aws"
+  description = "aws"
+  aws {
+    secret_key = "SecretKeyExample"
+    access_key = "AccessKeyExample"
+    role_arn = "arn:awskey"
+    external_id = "ExternalIdExample"
+  }
+}
+```
+
+**For `azure-connector` secret:**
+
+```yaml
+kind: secret
+name: azure-connector
+description: azure_connector
+tags:
+  tag1: tag-val
+type: azure-connector
+data:
+  code: 'CodeExample'
+  url: https://example.com
+```
+
+Will transform to Terraform config:
+
+```hcl
+resource "cpln_secret" "azure-connector" {
+  name = "azure-connector"
+  description = "azure_connector"
+  tags = {
+    tag1 = "tag-val"
+  }
+  azure_connector {
+    url = "https://example.com"
+    code = "CodeExample"
+  }
+}
+```
+
+**For `azure-sdk-secret` secret:**
+
+```yaml
+kind: secret
+name: azure-sdk-secret
+description: azure-sdk-secret
+type: azure-sdk
+data: >-
+  {"subscriptionId":"subscriptionId","tenantId":"tenantId","clientId":"clientId","clientSecret":"CONFIDENTIAL"}
+```
+
+Will transform to Terraform config:
+
+```hcl
+resource "cpln_secret" "azure-sdk-secret" {
+  name = "azure-sdk-secret"
+  description = "azure-sdk-secret"
+  azure_sdk = "{"subscriptionId":"subscriptionId","tenantId":"tenantId","clientId":"clientID","clientSecret":"CONFIDENTIAL"}"
+}
+```
+
+**For `dictionary` secret:**
+
+```yaml
+kind: secret
+name: dictionary
+description: dictionary
+tags: {}
+type: dictionary
+data:
+  example: 'value'
+```
+
+Will transform to Terraform config:
+
+```hcl
+resource "cpln_secret" "dictionary" {
+  name = "dictionary"
+  description = "dictionary"
+  tags = {
+  }
+  dictionary = {
+    example = "value"
+  }
+}
+```
+
+Supported all types of the secrets which can be configured in Control Plane.
+
+#### Policy
+
+CPLN template in YAML format:
+
+```yaml
+kind: policy
+name: policy-name
+description: policy description
+tags:
+  tag1: tag1_value
+  tag2: tag2_value
+target: all
+targetKind: secret
+targetLinks:
+- "//secret/postgres-poc-credentials"
+- "//secret/postgres-poc-entrypoint-script"
+bindings:
+  - permissions:
+    - reveal
+    - view
+    - use
+    principalLinks:
+      - "//gvc/{{APP_NAME}}/identity/postgres-poc-identity"
+  - permissions:
+    - view
+    principalLinks:
+      - user/fake-user@fake-email.com
+```
+
+Will be transformed to Terraform config:
+
+```hcl
+resource "cpln_policy" "policy-name" {
+  name = "policy-name"
+  description = "policy description"
+  tags = {
+    tag1 = "tag1_value"
+    tag2 = "tag2_value"
+  }
+  target_kind = "secret"
+  gvc = cpln_gvc.app-name.name
+  target = "all"
+  target_links = ["postgres-poc-credentials", "postgres-poc-entrypoint-script"]
+  binding {
+    permissions = ["reveal", "view", "use"]
+    principal_links = ["gvc/app-name/identity/postgres-poc-identity"]
+  }
+  binding {
+    permissions = ["view"]
+    principal_links = ["user/fake-user@fake-email.com"]
+  }
+}
+```
+
+#### Volumeset
+
+CPLN template in YAML format:
+
+```yaml
+kind: volumeset
+name: postgres-poc-vs
+description: postgres-poc-vs
+spec:
+  autoscaling:
+    maxCapacity: 1000
+    minFreePercentage: 1
+    scalingFactor: 1.1
+  fileSystemType: ext4
+  initialCapacity: 10
+  performanceClass: general-purpose-ssd
+  snapshots:
+    createFinalSnapshot: true
+    retentionDuration: 7d
+```
+
+Will be transformed to Terraform config:
+
+```hcl
+resource "cpln_volume_set" "postgres-poc-vs" {
+  gvc = cpln_gvc.app-name.name
+  name = "postgres-poc-vs"
+  description = "postgres-poc-vs"
+  initial_capacity = 10
+  performance_class = "general-purpose-ssd"
+  file_system_type = "ext4"
+  snapshots {
+    create_final_snapshot = true
+    retention_duration = "7d"
+  }
+  autoscaling {
+    max_capacity = 1000
+    min_free_percentage = 1
+    scaling_factor = 1.1
+  }
+}
+```
+
+#### Workload
+
+CPLN template in YAML format:
+
+```yaml
+kind: workload
+name: rails
+spec:
+  type: standard
+  containers:
+    - name: rails
+      cpu: 300m
+      env:
+        - name: LOG_LEVEL
+          value: debug
+      inheritEnv: true
+      image: {{APP_IMAGE_LINK}}
+      memory: 512Mi
+      ports:
+        - number: 3000
+          protocol: http
+  defaultOptions:
+    autoscaling:
+      maxScale: 1
+    capacityAI: false
+  firewallConfig:
+    external:
+      inboundAllowCIDR:
+        - 0.0.0.0/0
+      outboundAllowCIDR:
+        - 0.0.0.0/0
+```
+
+Will be transformed to Terraform configs:
+
+- **`rails.tf`**
+
+```hcl
+module "rails" {
+  source = "../workload"
+  type = "standard"
+  name = "rails"
+  gvc = cpln_gvc.my-app-production.name
+  containers = {
+    rails: {
+      image: "/org/shakacode-demo/image/my-app-production:rails",
+      cpu: "300m",
+      memory: "512Mi",
+      inherit_env: true,
+      envs: local.rails_envs,
+      ports: [
+        {
+          number: 3000,
+          protocol: "http"
+        }
+      ]
+    }
+  }
+  options = {
+    autoscaling: {
+      max_scale: 1
+    }
+    capacity_ai: false
+  }
+  firewall_spec = {
+    external: {
+      inbound_allow_cidr: [
+        "0.0.0.0/0"
+      ],
+      outbound_allow_cidr: [
+        "0.0.0.0/0"
+      ]
+    }
+  }
+}
+```
+
+Notice the `source: ../workload` line - there is a common `workload` module which is used for generating Terraform configs from workload templates:
+```
+workload/
+├── main.tf -- Configurable workload resource in HCL
+├── required_providers.tf -- Required providers for Terraform in HCL
+├── variables.tf -- Variables used to configure workload resource above
+```
+
+- **`rails_envs.tf`**
+
+```hcl
+locals {
+  rails_envs = {
+    LOG_LEVEL = "debug"
+  }
+}
+```
+
+### References
+
+- [Control Plane Terraform Provider](https://registry.terraform.io/providers/controlplane-com/cpln/latest/docs)

data/docs/terraform/example/.controlplane/controlplane.yml

@@ -0,0 +1,29 @@
+allow_org_override_by_env: true
+allow_app_override_by_env: true
+
+aliases:
+  common: &common
+    cpln_org: my-org-staging
+    default_location: aws-us-east-2
+    setup_app_templates:
+      - app
+      - postgres
+      - rails
+    one_off_workload: rails
+    app_workloads:
+      - rails
+    additional_workloads:
+      - postgres
+apps:
+  rails-app-staging:
+    <<: *common
+    hooks:
+      post_creation: bundle exec rake db:prepare
+      pre_deletion: bundle exec rake db:drop
+
+  rails-app-production:
+    <<: *common
+    allow_org_override_by_env: false
+    allow_app_override_by_env: false
+    cpln_org: my-org-production
+    upstream: rails-app-staging

data/docs/terraform/example/.controlplane/templates/app.yml

@@ -0,0 +1,38 @@
+kind: gvc
+name: {{APP_NAME}}
+description: Global Virtual Cloud for Rails Application
+spec:
+  env:
+    - name: DATABASE_URL
+      value: "postgres://user:password@postgres.{{APP_NAME}}.cpln.local:5432/{{APP_NAME}}"
+    - name: RAILS_ENV
+      value: production
+    - name: RAILS_SERVE_STATIC_FILES
+      value: "true"
+  staticPlacement:
+    locationLinks:
+      - {{APP_LOCATION_LINK}}
+  pullSecretLinks:
+    - "/org/org-name/secret/rails-app-secret"
+  loadBalancer:
+    dedicated: true
+    trustedProxies: 0
+
+---
+
+kind: identity
+name: rails-app-identity
+description: Identity for Rails Application
+tags:
+  environment: production
+
+---
+
+kind: secret
+name: rails-app-secret
+description: Secret for Rails Application
+type: aws
+data:
+  accessKey: 'AccessKeyExample'
+  secretKey: 'SecretKeyExample'
+  region: 'us-west-2'

data/docs/terraform/example/.controlplane/templates/postgres.yml

@@ -0,0 +1,30 @@
+kind: workload
+name: postgres
+spec:
+  type: standard
+  containers:
+    - name: postgres
+      cpu: 500m
+      env:
+        - name: POSTGRES_USER
+          value: "user"
+        - name: POSTGRES_PASSWORD
+          value: "password"
+        - name: POSTGRES_DB
+          value: "rails_app"
+      inheritEnv: true
+      image: "postgres:latest"
+      memory: 1Gi
+      ports:
+        - number: 5432
+          protocol: tcp
+  defaultOptions:
+    autoscaling:
+      maxScale: 1
+    capacityAI: false
+  firewallConfig:
+    external:
+      inboundAllowCIDR:
+        - 0.0.0.0/0
+      outboundAllowCIDR:
+        - 0.0.0.0/0

data/docs/terraform/example/.controlplane/templates/rails.yml

@@ -0,0 +1,26 @@
+kind: workload
+name: rails
+spec:
+  type: standard
+  containers:
+    - name: rails
+      cpu: 300m
+      env:
+        - name: LOG_LEVEL
+          value: debug
+      inheritEnv: true
+      image: {{APP_IMAGE_LINK}}
+      memory: 512Mi
+      ports:
+        - number: 3000
+          protocol: http
+  defaultOptions:
+    autoscaling:
+      maxScale: 1
+    capacityAI: false
+  firewallConfig:
+    external:
+      inboundAllowCIDR:
+        - 0.0.0.0/0
+      outboundAllowCIDR:
+        - 0.0.0.0/0