automated commit

Signed-off-by: Public copy <41898282+github-actions[bot]@users.noreply.github.com>
chainguard-images · Aug 30, 2024 · 56d09b8 · 56d09b8
1 parent 3127a92
commit 56d09b8
Show file tree

Hide file tree

Showing 4 changed files with 62 additions and 0 deletions.
diff --git a/images/cilium/README.md b/images/cilium/README.md
@@ -46,6 +46,12 @@ The Cilium operator is the control plane component of Cilium. It is responsible
 
 Cloud-specific flavors of the Cilium operator exists, but the image here is the generic flavor of the Cilium operator.
 
+## cilium-operator-aws
+
+The Cilium operator is the control plane component of Cilium. It is responsible for managing Cilium resources across the cluster, such as NetworkPolicy, or IP address management.
+
+This image is the AWS-specific flavor of the Cilium operator.
+
 ## cilium-hubble-relay
 
 The Hubble Relay aggregates the observability provided by the Hubble servers (embedded in the Cilium agents) across the nodes. In other words is the Hubble component that brings multi-node support. It leverages the Peer service to obtain information about Hubble instances and consume their gRPC API in order to provide a more rich API that covers events from across the entire cluster (or even multiple clusters in a ClusterMesh scenario).

diff --git a/images/cilium/configs/operator-aws/main.tf b/images/cilium/configs/operator-aws/main.tf
@@ -0,0 +1,38 @@
+terraform {
+  required_providers {
+    apko = { source = "chainguard-dev/apko" }
+  }
+}
+
+variable "extra_packages" {
+  default     = ["cilium-operator-aws", "gops"]
+  description = "The additional packages to install (e.g. gops, cilium-operator-generic...)"
+}
+
+output "config" {
+  value = jsonencode({
+    "contents" : {
+      "packages" : var.extra_packages
+    },
+    "entrypoint" : {
+      "command" : "/usr/bin/cilium-operator-aws"
+    },
+    "accounts" : {
+      "run-as" : "65532",
+      "users" : [
+        {
+          "username" : "nobody",
+          "uid" : 65532,
+          "gid" : 65532
+        }
+      ],
+      "groups" : [
+        {
+          "groupname" : "nonroot",
+          "gid" : 65532
+        }
+      ]
+    }
+  })
+}
+
diff --git a/images/cilium/generated.tf b/images/cilium/generated.tf
diff --git a/images/cilium/operator-aws.tf b/images/cilium/operator-aws.tf
@@ -0,0 +1,11 @@
+module "operator-aws-config" { source = "./configs/operator-aws" }
+
+module "operator-aws" {
+  source = "../../tflib/publisher"
+
+  name = basename(path.module)
+
+  target_repository = "${var.target_repository}-operator-aws"
+  config            = module.operator-aws-config.config
+  build-dev         = true
+}