From c8470f7b0f14d97697d34785cdb6e24e61f691bc Mon Sep 17 00:00:00 2001 From: Arun Date: Sat, 19 Apr 2025 14:25:09 -0500 Subject: [PATCH 01/19] add backstage template to create a ephemeral cluster --- .../template-ephemeral-cluster.yaml | 79 +++++++++++++++++++ .../catalog-info.yaml | 12 +++ .../application-ephemeral-cluster.yaml | 34 ++++++++ 3 files changed, 125 insertions(+) create mode 100644 platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml create mode 100644 platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/catalog-info.yaml create mode 100644 platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml new file mode 100644 index 000000000..882422454 --- /dev/null +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml @@ -0,0 +1,79 @@ +apiVersion: scaffolder.backstage.io/v1beta3 +kind: Template +metadata: + description: Create a ephemeral kubernetes cluster + name: ephemeral-cluster + title: Ephemeral Kubernetes Cluster +spec: + owner: guest + type: service + parameters: + - properties: + tfVars: + title: Terraform variables + properties: + name: + title: Name of the ephemeral cluster + type: string + aws_region: + description: AWS Region + type: string + required: + - name + - aws_region + type: object + repoUrl: + description: Gitea URL on management cluster + title: Gitea URL + type: string + adminRoleName: + description: Name of the role to give the administrative rights + title: Admin role name + type: string + namespace: + default: flux-system + title: Existing namespace to create this resource + type: string + title: Configuration options + required: + - repoUrl + steps: + - action: fetch:template + id: fetch-base + input: + url: ./template-ephemeral-cluster/ + values: + adminRoleName: ${{parameters.adminRoleName}} + name: ${{parameters.tfVars.name}} + namespace: ${{parameters.namespace}} + tfVars: ${{parameters.tfVars}} + name: Fetch Base + - id: publish + name: Publishing to a gitea git repository + action: publish:gitea + input: + description: Example of ephemeral cluster + repoUrl: ${{parameters.repoUrl}}?repo=${{parameters.tfVars.name}} + defaultBranch: main + - id: create-argocd-app + name: Create ArgoCD App + action: cnoe:create-argocd-app + input: + appName: ${{parameters.tfVars.name}} + appNamespace: ${{parameters.namespace}} + argoInstance: in-cluster + projectName: default + # necessary until we generate our own cert + repoUrl: http://my-gitea-http.gitea.svc.cluster.local:3000/giteaAdmin/${{parameters.tfVars.name}} + path: "manifests" + - id: register + name: Register + action: catalog:register + input: + repoContentsUrl: ${{ steps['publish'].output.repoContentsUrl }} + catalogInfoPath: 'catalog-info.yaml' + output: + links: + - title: Open in catalog + icon: catalog + entityRef: ${{ steps['register'].output.entityRef }} \ No newline at end of file diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/catalog-info.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/catalog-info.yaml new file mode 100644 index 000000000..b09323341 --- /dev/null +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/catalog-info.yaml @@ -0,0 +1,12 @@ +apiVersion: backstage.io/v1alpha1 +kind: Component +metadata: + name: ephemeral-cluster-${{values.name}} + annotations: + backstage.io/kubernetes-namespace: ${{values.namespace}} + backstage.io/kubernetes-id: ephemeral-cluster-${{values.name}} + argocd/app-name: ${{values.name | dump}} +spec: + type: service + lifecycle: experimental + owner: guest \ No newline at end of file diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml new file mode 100644 index 000000000..77e950118 --- /dev/null +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml @@ -0,0 +1,34 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: ${{values.name}}-ephemeral-cluster + namespace: argocd + labels: + cnoe.io/stackName: ${{values.name}}-ephemeral-cluster + cnoe.io/applicationName: ${{values.name}}-ephemeral-cluster-helm +spec: + project: default + source: + chart: vcluster + repoURL: https://charts.loft.sh + targetRevision: 0.24.0 + helm: + valuesObject: + sync: + fromHost: + nodes: + enabled: true + controlPlane: + advanced: + virtualScheduler: + enabled: true + statefulSet: + scheduling: + podManagementPolicy: OrderedReady + destination: + server: https://kubernetes.default.svc + namespace: ephemeral-cluster + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true \ No newline at end of file From 207f9475a3fd06292afd48fb17c77279b8cfef50 Mon Sep 17 00:00:00 2001 From: Arun Date: Mon, 21 Apr 2025 16:46:16 -0500 Subject: [PATCH 02/19] updates catalog-info.yaml --- platform/backstage/templates/catalog-info.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index 95c552bc0..745a1c943 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -26,6 +26,8 @@ spec: - ./stepfunctions-bedrock-terraform/template-stepfunctions-bedrock-terraform.yaml - ./apigw-sqs-terraform/template-apigw-sqs-terraform.yaml - ./eventbridge-to-lambda-terraform/template-eventbridge-to-lambda-terraform.yaml + - ./ephemeral-cluster/template-ephemeral-cluster.yaml + --- apiVersion: backstage.io/v1alpha1 kind: System From 2315f485fc0a500b0f74dc624a0867e385612fc3 Mon Sep 17 00:00:00 2001 From: Arun Date: Mon, 21 Apr 2025 16:47:32 -0500 Subject: [PATCH 03/19] updates HOSTNAME --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index 745a1c943..02e03f27e 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: HOSTNAME \ No newline at end of file + hostname: modern-engg-e1d85d1af4a9365b.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From 668d14565e39bccaa76793b4b13741b3fcc7b89a Mon Sep 17 00:00:00 2001 From: Arun Date: Thu, 24 Apr 2025 16:07:29 -0500 Subject: [PATCH 04/19] updates hostname for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index 02e03f27e..08d028c9c 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-e1d85d1af4a9365b.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: modern-engg-a35d36ac27cc895e.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From 28af2cda0769d7ac3f3441810d196864f4d861d2 Mon Sep 17 00:00:00 2001 From: Arun Date: Fri, 25 Apr 2025 13:48:08 -0500 Subject: [PATCH 05/19] updates hostname for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index 08d028c9c..b3950f727 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-a35d36ac27cc895e.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: modern-engg-9ca643bfc922d87e.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From 5144b016522ccebdb317124a530b4ae7372a2ef6 Mon Sep 17 00:00:00 2001 From: Arun Date: Fri, 25 Apr 2025 16:07:56 -0500 Subject: [PATCH 06/19] adds kyverno policy exception for ephemeral cluster --- .../enforce/exceptions/ephemeral-cluster.yaml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml diff --git a/packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml b/packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml new file mode 100644 index 000000000..95061ce79 --- /dev/null +++ b/packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml @@ -0,0 +1,35 @@ +apiVersion: kyverno.io/v2beta1 +kind: PolicyException +metadata: + name: ephemeral-cluster-operation + namespace: kyverno +spec: + exceptions: + - policyName: disallow-privilege-escalation + ruleNames: + - privilege-escalation + - autogen-privilege-escalation + - policyName: disallow-capabilities-strict + ruleNames: + - require-drop-all + - autogen-require-drop-all + - policyName: require-run-as-nonroot + ruleNames: + - run-as-non-root + - autogen-run-as-non-root + - policyName: restrict-seccomp-strict + ruleNames: + - check-seccomp-strict + - autogen-check-seccomp-strict + match: + any: + - resources: + kinds: + - Pod + - Deployment + - ReplicaSet + - StatefulSet + namespaces: + - ephemeral-cluster + names: + - ephemeral-cluster* From d7a3733f7716cdbca96ec705f4ea98fe47f3745a Mon Sep 17 00:00:00 2001 From: Arun Date: Thu, 1 May 2025 16:18:15 -0500 Subject: [PATCH 07/19] updates hostname for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index b3950f727..c2521ee60 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-9ca643bfc922d87e.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: modern-engg-f7453e9f90fc77a8.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From dce573a78875b66cec7c8581639872b67890dd60 Mon Sep 17 00:00:00 2001 From: Arun Date: Fri, 2 May 2025 15:17:24 -0500 Subject: [PATCH 08/19] updates hostname for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index c2521ee60..a87698890 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-f7453e9f90fc77a8.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: modern-engg-473923a2bc843541.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From e75cabef0ca48d7a28549c938755937ac8305671 Mon Sep 17 00:00:00 2001 From: Arun Date: Tue, 6 May 2025 15:02:36 -0500 Subject: [PATCH 09/19] updates HOSTNAME for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index a87698890..39f620156 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-473923a2bc843541.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: modern-engg-e1968acdfed85ec8.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From 58f5f949179f05de504d8c6d507843b3045e525a Mon Sep 17 00:00:00 2001 From: Arun Date: Fri, 9 May 2025 16:10:19 -0500 Subject: [PATCH 10/19] sets storage class as gp3 --- .../manifests/application-ephemeral-cluster.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml index 77e950118..2d977ae82 100644 --- a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml @@ -18,11 +18,16 @@ spec: fromHost: nodes: enabled: true + storageClasses: + enabled: true controlPlane: advanced: virtualScheduler: enabled: true statefulSet: + persistence: + volumeClaim: + storageClass: "gp3" scheduling: podManagementPolicy: OrderedReady destination: From ecc906b0f2e225258a9483fc2e902164fd41ebee Mon Sep 17 00:00:00 2001 From: Arun Date: Fri, 9 May 2025 20:57:20 -0500 Subject: [PATCH 11/19] updates hostname for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index 39f620156..66352e026 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-e1968acdfed85ec8.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: modern-engg-0ea36fd4e6e31001.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From c54ab75fda003cc618fad11f3ef1b9ccbffe35ad Mon Sep 17 00:00:00 2001 From: Arun Date: Fri, 9 May 2025 20:57:58 -0500 Subject: [PATCH 12/19] updates PolicyException for eppemeral cluster --- packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml b/packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml index 95061ce79..ba45f7897 100644 --- a/packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml +++ b/packages/kyverno/enforce/exceptions/ephemeral-cluster.yaml @@ -32,4 +32,4 @@ spec: namespaces: - ephemeral-cluster names: - - ephemeral-cluster* + - "*" From 113f69c37d76f648a398c7c5fa06c7635d7267cd Mon Sep 17 00:00:00 2001 From: Arun Date: Tue, 20 May 2025 10:48:56 -0500 Subject: [PATCH 13/19] removes gitea URL param --- .../ephemeral-cluster/template-ephemeral-cluster.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml index 882422454..7efabffc4 100644 --- a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml @@ -22,10 +22,6 @@ spec: - name - aws_region type: object - repoUrl: - description: Gitea URL on management cluster - title: Gitea URL - type: string adminRoleName: description: Name of the role to give the administrative rights title: Admin role name @@ -53,7 +49,7 @@ spec: action: publish:gitea input: description: Example of ephemeral cluster - repoUrl: ${{parameters.repoUrl}}?repo=${{parameters.tfVars.name}} + repoUrl: ${{ steps['fetchSystem'].output.entity.spec.hostname }}/gitea?repo=${{parameters.tfVars.name}} defaultBranch: main - id: create-argocd-app name: Create ArgoCD App From 948de4a52ecd9a65ba1371c3ca050d30a60dde49 Mon Sep 17 00:00:00 2001 From: Arun Date: Tue, 20 May 2025 10:49:09 -0500 Subject: [PATCH 14/19] updates hostname for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index 66352e026..da88582ae 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-0ea36fd4e6e31001.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: modern-engg-9d74b50126130076.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From c042a3c8fdb86130769cf3524bfc414273327036 Mon Sep 17 00:00:00 2001 From: Arun Date: Tue, 20 May 2025 10:52:46 -0500 Subject: [PATCH 15/19] updates catalog info --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index da88582ae..745a1c943 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: modern-engg-9d74b50126130076.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file + hostname: HOSTNAME \ No newline at end of file From cd7233d6f02ecb8f53adcb9a6b2038f08740befb Mon Sep 17 00:00:00 2001 From: Arun Date: Wed, 21 May 2025 10:43:12 -0500 Subject: [PATCH 16/19] uses dynamic namespace in argo app for ephemeral cluster --- .../manifests/application-ephemeral-cluster.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml index 2d977ae82..6a6746bee 100644 --- a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster/manifests/application-ephemeral-cluster.yaml @@ -32,7 +32,7 @@ spec: podManagementPolicy: OrderedReady destination: server: https://kubernetes.default.svc - namespace: ephemeral-cluster + namespace: ${{values.name}}-ephemeral-cluster syncPolicy: automated: {} syncOptions: From 3b162a8ed39f09c7f41a4795936ec665bb741abf Mon Sep 17 00:00:00 2001 From: Arun Date: Thu, 24 Jul 2025 21:28:01 -0500 Subject: [PATCH 17/19] removes repo URL as required param --- .../templates/ephemeral-cluster/template-ephemeral-cluster.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml index 7efabffc4..fbe464f37 100644 --- a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml @@ -31,8 +31,6 @@ spec: title: Existing namespace to create this resource type: string title: Configuration options - required: - - repoUrl steps: - action: fetch:template id: fetch-base From d668ddc5b7bc69231e488def9b7963a19dd91994 Mon Sep 17 00:00:00 2001 From: Arun Date: Thu, 24 Jul 2025 21:39:26 -0500 Subject: [PATCH 18/19] updates hostname for testing --- platform/backstage/templates/catalog-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/backstage/templates/catalog-info.yaml b/platform/backstage/templates/catalog-info.yaml index 745a1c943..1773c00ba 100644 --- a/platform/backstage/templates/catalog-info.yaml +++ b/platform/backstage/templates/catalog-info.yaml @@ -36,4 +36,4 @@ metadata: description: Holds system information i.e, hostname, IP, OS, etc spec: owner: guest - hostname: HOSTNAME \ No newline at end of file + hostname: modern-engg-591204cb6d7471ff.elb.us-west-2.amazonaws.com #HOSTNAME \ No newline at end of file From e6c30b2c7e2543abba7f5d4e4846fa78555c6c66 Mon Sep 17 00:00:00 2001 From: Arun Date: Fri, 25 Jul 2025 13:20:29 -0500 Subject: [PATCH 19/19] adds fetch system step --- .../ephemeral-cluster/template-ephemeral-cluster.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml index fbe464f37..33b8f587b 100644 --- a/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml +++ b/platform/backstage/templates/ephemeral-cluster/template-ephemeral-cluster.yaml @@ -32,6 +32,11 @@ spec: type: string title: Configuration options steps: + - id: fetchSystem + name: Fetch System + action: catalog:fetch + input: + entityRef: system:default/system-info - action: fetch:template id: fetch-base input: