diff --git a/charts/aiven-operator-crds/Chart.yaml b/charts/aiven-operator-crds/Chart.yaml index 38fd4a4..412f8c6 100644 --- a/charts/aiven-operator-crds/Chart.yaml +++ b/charts/aiven-operator-crds/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: aiven-operator-crds description: A Helm chart to deploy the aiven operator custom resource definitions type: application -version: v0.11.0 -appVersion: v0.11.0 +version: v0.12.0 +appVersion: v0.12.0 maintainers: - name: mhoffm-aiven url: https://www.aiven.io diff --git a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml index 4d211bf..61905b2 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml @@ -66,7 +66,9 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`" properties: annotations: additionalProperties: @@ -84,6 +86,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml index 4993c27..ab6c466 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml @@ -53,7 +53,8 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" properties: annotations: additionalProperties: @@ -71,6 +72,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml index 7ee4ecb..7d58599 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml @@ -59,7 +59,9 @@ spec: - name type: object connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`" properties: annotations: additionalProperties: @@ -77,6 +79,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml index 4867ca0..e34da0f 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml @@ -68,7 +68,10 @@ spec: - name type: object connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, `CONNECTIONPOOL_DATABASE`, + `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, `CONNECTIONPOOL_SSLMODE`, + `CONNECTIONPOOL_DATABASE_URI`" properties: annotations: additionalProperties: @@ -86,6 +89,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml index a75c901..368bbf6 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml @@ -66,7 +66,9 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`" properties: annotations: additionalProperties: @@ -84,6 +86,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml index 9534c7c..8990073 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml @@ -66,7 +66,9 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`" properties: annotations: additionalProperties: @@ -84,6 +86,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml index 77dd78b..7682d22 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml @@ -66,7 +66,9 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" properties: annotations: additionalProperties: @@ -84,6 +86,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index fd9a8fb..8a0ab79 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -53,7 +53,8 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" properties: annotations: additionalProperties: @@ -71,6 +72,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object @@ -600,6 +606,14 @@ spec: maxLength: 2048 minLength: 1 type: string + idp_pemtrustedcas_content: + description: This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string roles_key: description: Optional. Specifies the attribute in the SAML response where role information is stored, if available. diff --git a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml index a67b5a8..e2278ca 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml @@ -66,7 +66,9 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" properties: annotations: additionalProperties: @@ -84,6 +86,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml index 865d07b..5768743 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml @@ -95,7 +95,8 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `PROJECT_CA_CERT`" properties: annotations: additionalProperties: @@ -113,6 +114,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml index 534c15d..f3fdd12 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml @@ -53,7 +53,8 @@ spec: maxLength: 256 type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" properties: annotations: additionalProperties: @@ -71,6 +72,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml index 10f27ee..f6e40a4 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml @@ -65,7 +65,10 @@ spec: - mysql_native_password type: string connInfoSecretTarget: - description: Information regarding secret creation + description: "Information regarding secret creation. \n Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`" properties: annotations: additionalProperties: @@ -83,6 +86,11 @@ spec: description: Name of the secret resource to be created. By default, is equal to the resource name type: string + prefix: + description: Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string required: - name type: object diff --git a/charts/aiven-operator/Chart.yaml b/charts/aiven-operator/Chart.yaml index 5b39efa..e1c2af0 100644 --- a/charts/aiven-operator/Chart.yaml +++ b/charts/aiven-operator/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: aiven-operator description: A Helm chart to deploy the aiven operator type: application -version: v0.11.0 -appVersion: v0.11.0 +version: v0.12.0 +appVersion: v0.12.0 maintainers: - name: mhoffm-aiven url: https://www.aiven.io diff --git a/charts/aiven-operator/templates/cluster_role.yaml b/charts/aiven-operator/templates/cluster_role.yaml index 5a8e501..9161738 100644 --- a/charts/aiven-operator/templates/cluster_role.yaml +++ b/charts/aiven-operator/templates/cluster_role.yaml @@ -1,3 +1,4 @@ +{{- if .Values.clusterRole.create -}} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -42,7 +43,13 @@ rules: resources: - cassandras/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -68,7 +75,13 @@ rules: resources: - clickhouses/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -94,7 +107,13 @@ rules: resources: - clickhouseusers/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -120,7 +139,13 @@ rules: resources: - connectionpools/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -166,7 +191,13 @@ rules: resources: - grafanas/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -214,7 +245,13 @@ rules: resources: - kafkaconnectors/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -240,7 +277,13 @@ rules: resources: - kafkaconnects/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -266,7 +309,13 @@ rules: resources: - kafkas/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -332,7 +381,13 @@ rules: resources: - mysqls/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -358,7 +413,13 @@ rules: resources: - opensearches/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -384,7 +445,13 @@ rules: resources: - postgresqls/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -410,7 +477,13 @@ rules: resources: - projects/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -456,7 +529,13 @@ rules: resources: - redis/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -501,7 +580,13 @@ rules: resources: - serviceusers/finalizers verbs: + - create + - delete + - get + - list + - patch - update + - watch - apiGroups: - aiven.io resources: @@ -518,3 +603,4 @@ rules: - get - list - update +{{- end }} diff --git a/charts/aiven-operator/templates/cluster_role_binding.yaml b/charts/aiven-operator/templates/cluster_role_binding.yaml index b0e189e..2c0178b 100644 --- a/charts/aiven-operator/templates/cluster_role_binding.yaml +++ b/charts/aiven-operator/templates/cluster_role_binding.yaml @@ -1,3 +1,4 @@ +{{- if .Values.clusterRole.create -}} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -13,3 +14,4 @@ subjects: - kind: ServiceAccount name: {{ include "aiven-operator.serviceAccountName" . }} namespace: {{ include "aiven-operator.namespace" . }} +{{- end }} diff --git a/charts/aiven-operator/values.yaml b/charts/aiven-operator/values.yaml index 4144120..b63d30c 100644 --- a/charts/aiven-operator/values.yaml +++ b/charts/aiven-operator/values.yaml @@ -77,3 +77,6 @@ nodeSelector: {} tolerations: [] affinity: {} + +clusterRole: + create: true