---
apiVersion: litmuschaos.io/v1alpha1
description:
  message: |
    Execute AWS SSM Chaos on given EC2 instance IDs
kind: ChaosExperiment
metadata:
  name: aws-ssm-chaos-by-id
  labels:
    name: aws-ssm-chaos-by-id
    app.kubernetes.io/part-of: litmus
    app.kubernetes.io/component: chaosexperiment
    app.kubernetes.io/version: ci
spec:
  definition:
    scope: Cluster
    permissions:
      # Create and monitor the experiment & helper pods
      - apiGroups: [""]
        resources: ["pods"]
        verbs:
          [
            "create",
            "delete",
            "get",
            "list",
            "patch",
            "update",
            "deletecollection",
          ]
      # Performs CRUD operations on the events inside chaosengine and chaosresult
      - apiGroups: [""]
        resources: ["events"]
        verbs: ["create", "get", "list", "patch", "update"]
      # Fetch configmaps & secrets details and mount it to the experiment pod (if specified)
      - apiGroups: [""]
        resources: ["secrets", "configmaps"]
        verbs: ["get", "list"]
      # Track and get the runner, experiment, and helper pods log
      - apiGroups: [""]
        resources: ["pods/log"]
        verbs: ["get", "list", "watch"]
      # for creating and managing to execute commands inside target container
      - apiGroups: [""]
        resources: ["pods/exec"]
        verbs: ["get", "list", "create"]
      # for configuring and monitor the experiment job by the chaos-runner pod
      - apiGroups: ["batch"]
        resources: ["jobs"]
        verbs: ["create", "list", "get", "delete", "deletecollection"]
      # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow
      - apiGroups: ["litmuschaos.io"]
        resources: ["chaosengines", "chaosexperiments", "chaosresults"]
        verbs: ["create", "list", "get", "patch", "update", "delete"]
    image: "litmuschaos.docker.scarf.sh/litmuschaos/go-runner:latest"
    imagePullPolicy: Always
    args:
      - -c
      - ./experiments -name aws-ssm-chaos-by-id
    command:
      - /bin/bash
    env:
      - name: TOTAL_CHAOS_DURATION
        value: "60"

      - name: CHAOS_INTERVAL
        value: "60"

      # Period to wait before and after injection of chaos in sec
      - name: RAMP_TIME
        value: ""

      # Instance ID of the target EC2 instance
      # Multiple IDs can also be provided as comma separated values ex: id1,id2
      - name: EC2_INSTANCE_ID
        value: ""

      - name: REGION
        value: ""

      # it defines the sequence of chaos execution for multiple target instances
      # supported values: serial, parallel
      - name: SEQUENCE
        value: "parallel"

      # Provide the path of AWS credentials mounted from secret
      - name: AWS_SHARED_CREDENTIALS_FILE
        value: "/tmp/cloud_config.yml"

      # provide the number of workers for memory stress
      - name: NUMBER_OF_WORKERS
        value: "1"

      # provide the percentage of available memory to stress
      - name: MEMORY_PERCENTAGE
        value: "80"

      # provide the CPU chores to be consumed
      # 0 will consume all the available CPU cores
      - name: CPU_CORE
        value: "0"

      - name: DEFAULT_HEALTH_CHECK
        value: "false"

      # Provide the name of SSM doc
      # if not using the default stress docs
      - name: DOCUMENT_NAME
        value: "LitmusChaos-AWS-SSM-Doc"

      # Provide the type of SSM doc
      # if not using the default stress docs
      - name: DOCUMENT_TYPE
        value: "Command"

      # Provide the format of SSM doc
      # if not using the default stress docs
      - name: DOCUMENT_FORMAT
        value: "YAML"

      # Provide the path of SSM doc
      # if not using the default stress docs
      - name: DOCUMENT_PATH
        value: "Litmus-AWS-SSM-Docs-For-EC2-CPU-Hog.yml"

        # if you want to install dependencies to run default SSM docs
      - name: INSTALL_DEPENDENCIES
        value: "True"

    labels:
      name: aws-ssm-chaos-by-id
      app.kubernetes.io/part-of: litmus
      app.kubernetes.io/component: experiment-job
      app.kubernetes.io/version: ci
    secrets:
      - name: cloud-secret
        mountPath: /tmp/