# provider-exoscale-sos

`provider-exoscale-sos` is a [Crossplane](https://crossplane.io/) provider built with [Upjet](https://github.com/crossplane/upjet) that exposes Exoscale [Simple Object Storage (SOS)](https://www.exoscale.com/object-storage/) resources as Kubernetes custom resources.

> **Note:** This provider is generated from the [AWS S3 Terraform provider](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket). Exoscale SOS implements the S3-compatible API, so most common operations work seamlessly. A small number of AWS-specific features (such as certain IAM ARN formats or AWS-proprietary storage classes) are not available on Exoscale SOS.

This provider is designed to be used **alongside [provider-exoscale](provider-exoscale)**, which manages IAM roles and other Exoscale resources required for advanced SOS configurations such as cross-zone bucket replication.

Source and full list of managed resources: [Upbound Marketplace](https://marketplace.upbound.io/providers/exoscale/provider-exoscale-sos)

## Prerequisites

- An existing Kubernetes cluster
- [`kubectl`](https://kubernetes.io/docs/tasks/tools/#kubectl) installed and configured
- [Helm](https://helm.sh/docs/intro/install/) installed
- An [Exoscale](https://portal.exoscale.com/register) account with [API credentials](https://community.exoscale.com/documentation/iam/quick-start/)

## Install Crossplane

```bash
helm repo add crossplane-stable https://charts.crossplane.io/stable
helm repo update

helm install crossplane crossplane-stable/crossplane \
  --namespace crossplane-system \
  --create-namespace

kubectl wait deployment crossplane \
  --namespace crossplane-system \
  --for=condition=Available \
  --timeout=120s
```

## Install the Provider

```bash
export PROVIDER_EXOSCALE_SOS_VERSION=v0.1.0

cat <<EOF | kubectl apply -f -
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-exoscale-sos
spec:
  package: xpkg.upbound.io/exoscale/provider-exoscale-sos:$PROVIDER_EXOSCALE_SOS_VERSION
EOF

kubectl wait provider/provider-exoscale-sos \
  --for=condition=Healthy \
  --timeout=120s
```

## Configure

Exoscale SOS is **zone-specific**: each zone exposes its own S3-compatible endpoint. Create one `ClusterProviderConfig` per zone, each referencing a secret that includes the endpoint URL for that zone.

```bash
export EXOSCALE_API_KEY=<your-api-key>
export EXOSCALE_API_SECRET=<your-api-secret>

kubectl create secret generic exoscale-credentials-ch-gva-2 \
  --namespace crossplane-system \
  --from-literal=credentials="{\"key\": \"$EXOSCALE_API_KEY\", \"secret\": \"$EXOSCALE_API_SECRET\", \"endpoint\": \"https://sos-ch-gva-2.exo.io\"}"

cat <<EOF | kubectl apply -f -
apiVersion: sos.m.exoscale.ch/v1beta1
kind: ClusterProviderConfig
metadata:
  name: sos-ch-gva-2
spec:
  credentials:
    source: Secret
    secretRef:
      name: exoscale-credentials-ch-gva-2
      namespace: crossplane-system
      key: credentials
EOF
```

## Usage

Bucket names must be globally unique. The example below uses `$(date +%N)` (nanoseconds) as a suffix to avoid collisions:

```bash
export BUCKET=my-bucket-$(date +%N)

cat <<EOF | kubectl apply -f -
apiVersion: sos.sos.m.exoscale.ch/v1alpha1
kind: Bucket
metadata:
  name: $BUCKET
  namespace: crossplane-system
spec:
  forProvider: {}
  providerConfigRef:
    kind: ClusterProviderConfig
    name: sos-ch-gva-2
EOF

kubectl wait bucket.sos.sos.m.exoscale.ch/$BUCKET \
  --namespace crossplane-system \
  --for=condition=Ready \
  --timeout=120s
```

Ready-to-use example manifests for all supported resources — including a full cross-zone replication setup using `provider-exoscale` for IAM — are available in github readme.md.