build: add AWSClusterStaticIdentity in example file

Author: dkoshkin

README.md

@@ -29,6 +29,22 @@ To create the ClusterClass and it's Templates with this runtime extension enable
 kubectl apply --server-side -f examples/capi-quick-start/docker-cluster-class.yaml
 ```
 
+If creating an AWS cluster using the files in `examples/`, you will also need to create a secret with your AWS credentials:
+
+```shell
+kubectl apply --server-side -f - <<EOF
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "aws-quick-start-creds"
+  namespace: capa-system
+stringData:
+ AccessKeyID: ${AWS_ACCESS_KEY_ID}
+ SecretAccessKey: ${AWS_SECRET_ACCESS_KEY}
+ SessionToken: ${AWS_SESSION_TOKEN}
+EOF
+```
+
 To create a cluster, update `clusterConfig` variable and run:
 
 ```shell

examples/capi-quick-start/aws-cluster-class.yaml

@@ -39,6 +39,21 @@ spec:
               infrastructureCluster: true
       description: aws region to target for cluster creation
       name: region
+    - definitions:
+        - jsonPatches:
+            - op: add
+              path: /spec/template/spec/identityRef
+              valueFrom:
+                template: |
+                  kind: AWSClusterStaticIdentity
+                  name: {{ .builtin.cluster.name }}
+          selector:
+            apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+            kind: AWSClusterTemplate
+            matchResources:
+              infrastructureCluster: true
+      description: AWSClusterStaticIdentity identityRef to use when creating the cluster
+      name: identityRef
   variables:
     - name: region
       schema:

examples/capi-quick-start/aws-cluster.yaml

@@ -28,3 +28,15 @@ spec:
         - class: default-worker
           name: md-0
           replicas: 1
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AWSClusterStaticIdentity
+metadata:
+  labels:
+    cluster.x-k8s.io/provider: aws
+  name: aws-quick-start
+spec:
+  allowedNamespaces:
+    list:
+      - default
+  secretRef: aws-quick-start-creds

hack/examples/bases/aws/AWSClusterStaticIdentity.yaml

@@ -0,0 +1,13 @@
+# Copyright 2023 D2iQ, Inc. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AWSClusterStaticIdentity
+metadata:
+  name: "quick-start"
+spec:
+  secretRef: aws-quick-start-creds
+  allowedNamespaces:
+    list:
+      - "default"

hack/examples/bases/aws/kustomization.yaml.tmpl

@@ -6,6 +6,7 @@ kind: Kustomization
 
 resources:
 - https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases/download/${CAPA_VERSION}/cluster-template-simple-clusterclass.yaml
+- AWSClusterStaticIdentity.yaml
 
 namePrefix: aws-
 
@@ -61,6 +62,21 @@ patches:
                 matchResources:
                   infrastructureCluster: true
           description: aws region to target for cluster creation
+        - name: identityRef
+          definitions:
+            - jsonPatches:
+                - op: add
+                  path: /spec/template/spec/identityRef
+                  valueFrom:
+                    template: |
+                      kind: AWSClusterStaticIdentity
+                      name: {{ .builtin.cluster.name }}
+              selector:
+                apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+                kind: AWSClusterTemplate
+                matchResources:
+                  infrastructureCluster: true
+          description: AWSClusterStaticIdentity identityRef to use when creating the cluster
     - op: "add"
       path: "/spec/variables"
       value:

hack/examples/sync.sh

@@ -19,6 +19,6 @@ mkdir -p examples/capi-quick-start
 kustomize build ./hack/examples |
   tee >(gojq --yaml-input --yaml-output '. | select(.metadata.labels["cluster.x-k8s.io/provider"] == "docker" and .kind != "Cluster")' >examples/capi-quick-start/docker-cluster-class.yaml) \
     >(gojq --yaml-input --yaml-output '. | select(.metadata.labels["cluster.x-k8s.io/provider"] == "docker" and .kind == "Cluster")' >examples/capi-quick-start/docker-cluster.yaml) \
-    >(gojq --yaml-input --yaml-output '. | select(.metadata.labels["cluster.x-k8s.io/provider"] == "aws" and .kind != "Cluster")' >examples/capi-quick-start/aws-cluster-class.yaml) \
-    >(gojq --yaml-input --yaml-output '. | select(.metadata.labels["cluster.x-k8s.io/provider"] == "aws" and .kind == "Cluster")' >examples/capi-quick-start/aws-cluster.yaml) \
+    >(gojq --yaml-input --yaml-output '. | select(.metadata.labels["cluster.x-k8s.io/provider"] == "aws" and ( .kind != "Cluster" and .kind != "AWSClusterStaticIdentity"))' >examples/capi-quick-start/aws-cluster-class.yaml) \
+    >(gojq --yaml-input --yaml-output '. | select(.metadata.labels["cluster.x-k8s.io/provider"] == "aws" and ( .kind == "Cluster" or .kind == "AWSClusterStaticIdentity"))' >examples/capi-quick-start/aws-cluster.yaml) \
     >/dev/null