From da92ba6d1657cc237497258c47ca84474c93d45b Mon Sep 17 00:00:00 2001 From: Aleksander Zaruczewski Date: Thu, 1 Feb 2024 12:41:19 +0200 Subject: [PATCH] chore: synced file(s) with aiven/aiven-operator (#39) * chore: synced local 'charts/aiven-operator/' with remote 'charts/aiven-operator/' * chore: synced local 'charts/aiven-operator-crds/' with remote 'charts/aiven-operator-crds/' --- charts/aiven-operator-crds/Chart.yaml | 4 +- .../templates/aiven.io_cassandras.yaml | 775 ++++--- .../templates/aiven.io_clickhouses.yaml | 741 +++--- .../templates/aiven.io_clickhouseusers.yaml | 362 +-- .../templates/aiven.io_connectionpools.yaml | 405 ++-- .../templates/aiven.io_databases.yaml | 300 +-- .../templates/aiven.io_grafanas.yaml | 1631 ++++++------- .../templates/aiven.io_kafkaacls.yaml | 325 +-- .../templates/aiven.io_kafkaconnectors.yaml | 409 ++-- .../templates/aiven.io_kafkaconnects.yaml | 863 +++---- .../templates/aiven.io_kafkas.yaml | 2013 +++++++++-------- .../templates/aiven.io_kafkaschemas.yaml | 334 +-- .../templates/aiven.io_kafkatopics.yaml | 535 ++--- .../templates/aiven.io_mysqls.yaml | 1356 ++++++----- .../templates/aiven.io_opensearches.yaml | 1943 ++++++++-------- .../templates/aiven.io_postgresqls.yaml | 1964 ++++++++-------- .../templates/aiven.io_projects.yaml | 459 ++-- .../templates/aiven.io_projectvpcs.yaml | 321 +-- .../templates/aiven.io_redis.yaml | 943 ++++---- .../aiven.io_serviceintegrations.yaml | 1476 ++++++------ .../templates/aiven.io_serviceusers.yaml | 362 +-- charts/aiven-operator/Chart.yaml | 4 +- charts/aiven-operator/values.yaml | 10 +- 23 files changed, 9318 insertions(+), 8217 deletions(-) diff --git a/charts/aiven-operator-crds/Chart.yaml b/charts/aiven-operator-crds/Chart.yaml index 40dd6a6..62b143a 100644 --- a/charts/aiven-operator-crds/Chart.yaml +++ b/charts/aiven-operator-crds/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: aiven-operator-crds description: A Helm chart to deploy the aiven operator custom resource definitions type: application -version: v0.16.1 -appVersion: v0.16.1 +version: v0.17.0 +appVersion: v0.17.0 maintainers: - name: ivan-savciuc url: https://www.aiven.io diff --git a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml index b92c2e9..b2ccc32 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml @@ -15,381 +15,446 @@ spec: singular: cassandra scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cassandra is the Schema for the cassandras API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CassandraSpec defines the desired state of Cassandra - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, - `CASSANDRA_URI`, `CASSANDRA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cassandra is the Schema for the cassandras API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: CassandraSpec defines the desired state of Cassandra + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Deprecated. Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - cassandra: - description: cassandra configuration values - properties: - batch_size_fail_threshold_in_kb: - description: Fail any multiple-partition batch exceeding this - value. 50kb (10x warn threshold) by default. - maximum: 1000000 - minimum: 1 - type: integer - batch_size_warn_threshold_in_kb: - description: Log a warning message on any multiple-partition - batch size exceeding this value.5kb per batch by default.Caution - should be taken on increasing the size of this thresholdas - it can lead to node instability. - maximum: 1000000 - minimum: 1 - type: integer - datacenter: - description: Name of the datacenter to which nodes of this - service belong. Can be set only when creating the service. - maxLength: 128 + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - type: object - cassandra_version: - description: Cassandra major version - enum: - - "4" - - "3" - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - migrate_sstableloader: - description: Sets the service into migration mode enabling the - sstableloader utility to be used to upload Cassandra data files. - Available only on service create. - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_to_join_with: - description: When bootstrapping, instead of creating a new Cassandra - cluster try to join an existing one from another service. Can - only be set on service creation. - maxLength: 64 + tags: + additionalProperties: type: string - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: + properties: + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email + type: object + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + cassandra: + description: cassandra configuration values + properties: + batch_size_fail_threshold_in_kb: + description: + Fail any multiple-partition batch exceeding this + value. 50kb (10x warn threshold) by default. + maximum: 1000000 + minimum: 1 + type: integer + batch_size_warn_threshold_in_kb: + description: + Log a warning message on any multiple-partition + batch size exceeding this value.5kb per batch by default.Caution + should be taken on increasing the size of this thresholdas + it can lead to node instability. + maximum: 1000000 + minimum: 1 + type: integer + datacenter: + description: + Name of the datacenter to which nodes of this + service belong. Can be set only when creating the service. + maxLength: 128 + type: string + type: object + cassandra_version: + description: Cassandra version enum: - - "True" - - "False" - - Unknown + - "4" + - "4.1" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migrate_sstableloader: + description: + Sets the service into migration mode enabling the + sstableloader utility to be used to upload Cassandra data files. + Available only on service create. + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_to_join_with: + description: + When bootstrapping, instead of creating a new Cassandra + cluster try to join an existing one from another service. Can + only be set on service creation. + maxLength: 64 + type: string + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml index 6fbd5c4..3bebac7 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml @@ -15,360 +15,425 @@ spec: singular: clickhouse scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Clickhouse is the Schema for the clickhouses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseSpec defines the desired state of Clickhouse - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - private_access: - description: Allow access to selected service ports from private - networks - properties: - clickhouse: - description: Allow clients to connect to clickhouse with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - clickhouse: - description: Enable clickhouse - type: boolean - clickhouse_https: - description: Enable clickhouse_https - type: boolean - clickhouse_mysql: - description: Enable clickhouse_mysql - type: boolean - prometheus: - description: Enable prometheus - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: properties: - clickhouse: - description: Allow clients to connect to clickhouse from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + private_access: + description: + Allow access to selected service ports from private + networks + properties: + clickhouse: + description: + Allow clients to connect to clickhouse with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + clickhouse: + description: Enable clickhouse + type: boolean + clickhouse_https: + description: Enable clickhouse_https + type: boolean + clickhouse_mysql: + description: Enable clickhouse_mysql + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + clickhouse: + description: + Allow clients to connect to clickhouse from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml index d28df3a..ed8134b 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml @@ -15,179 +15,205 @@ spec: singular: clickhouseuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClickhouseUser is the Schema for the clickhouseusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseUserSpec defines the desired state of ClickhouseUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, - `CLICKHOUSEUSER_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - project - - serviceName - type: object - status: - description: ClickhouseUserStatus defines the observed state of ClickhouseUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ClickhouseUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - uuid: - description: Clickhouse user UUID - type: string - required: - - conditions - - uuid - type: object - type: object - served: true - storage: true - subresources: - status: {} + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - project + - serviceName + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml index f8b3d43..d40e27b 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml @@ -15,200 +15,227 @@ spec: singular: connectionpool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.databaseName - name: Database - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.poolSize - name: Pool Size - type: string - - jsonPath: .spec.poolMode - name: Pool Mode - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ConnectionPool is the Schema for the connectionpools API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConnectionPoolSpec defines the desired state of ConnectionPool - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, - `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, - `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - databaseName: - description: Name of the database the pool connects to - maxLength: 40 - type: string - poolMode: - description: Mode the pool operates in (session, transaction, statement) - enum: - - session - - transaction - - statement - type: string - poolSize: - description: Number of connections the pool may create towards the - backend server - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - username: - description: Name of the service user used to connect to the database - maxLength: 64 - type: string - required: - - databaseName - - project - - serviceName - - username - type: object - status: - description: ConnectionPoolStatus defines the observed state of ConnectionPool - properties: - conditions: - description: Conditions represent the latest available observations - of an ConnectionPool state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.databaseName + name: Database + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.poolSize + name: Pool Size + type: string + - jsonPath: .spec.poolMode + name: Pool Mode + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ConnectionPool is the Schema for the connectionpools API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ConnectionPoolSpec defines the desired state of ConnectionPool + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, + `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, + `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + databaseName: + description: Name of the database the pool connects to + maxLength: 40 + type: string + poolMode: + description: Mode the pool operates in (session, transaction, statement) + enum: + - session + - transaction + - statement + type: string + poolSize: + description: + Number of connections the pool may create towards the + backend server + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + username: + description: Name of the service user used to connect to the database + maxLength: 64 + type: string + required: + - databaseName + - project + - serviceName + - username + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ConnectionPoolStatus defines the observed state of ConnectionPool + properties: + conditions: + description: + Conditions represent the latest available observations + of an ConnectionPool state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml index 8a25500..eb5e09e 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml @@ -15,153 +15,165 @@ spec: singular: database scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Database is the Schema for the databases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DatabaseSpec defines the desired state of Database - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - lcCollate: - description: 'Default string sort order (LC_COLLATE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - lcCtype: - description: 'Default character classification (LC_CTYPE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - project: - description: Project to link the database to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: PostgreSQL service to link the database to - maxLength: 63 - type: string - terminationProtection: - description: It is a Kubernetes side deletion protections, which prevents - the database from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - project - - serviceName - type: object - status: - description: DatabaseStatus defines the observed state of Database - properties: - conditions: - description: Conditions represent the latest available observations - of an Database state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Database is the Schema for the databases API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: DatabaseSpec defines the desired state of Database + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + lcCollate: + description: + "Default string sort order (LC_COLLATE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + lcCtype: + description: + "Default character classification (LC_CTYPE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + project: + description: Project to link the database to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: PostgreSQL service to link the database to + maxLength: 63 + type: string + terminationProtection: + description: + It is a Kubernetes side deletion protections, which prevents + the database from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - project + - serviceName + type: object + status: + description: DatabaseStatus defines the observed state of Database + properties: + conditions: + description: + Conditions represent the latest available observations + of an Database state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml index 7a9247f..a9e3de5 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml @@ -15,799 +15,906 @@ spec: singular: grafana scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Grafana is the Schema for the grafanas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GrafanaSpec defines the desired state of Grafana - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - alerting_enabled: - description: Enable or disable Grafana legacy alerting functionality. - This should not be enabled with unified_alerting_enabled. - type: boolean - alerting_error_or_timeout: - description: Default error or timeout setting for new alerting - rules - enum: - - alerting - - keep_state - type: string - alerting_max_annotations_to_keep: - description: Max number of alert annotations that Grafana stores. - 0 (default) keeps all alert annotations. - maximum: 1000000 - minimum: 0 - type: integer - alerting_nodata_or_nullvalues: - description: Default value for 'no data or null values' for new - alerting rules - enum: - - alerting - - no_data - - keep_state - - ok - type: string - allow_embedding: - description: Allow embedding Grafana dashboards with iframe/frame/object/embed - tags. Disabled by default to limit impact of clickjacking - type: boolean - auth_azuread: - description: Azure AD OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_basic_enabled: - description: Enable or disable basic authentication form, used - by Grafana built-in login - type: boolean - auth_generic_oauth: - description: Generic OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_organizations: - description: Require user to be member of one of the listed - organizations - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL - maxLength: 2048 - type: string - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - auto_login: - description: Allow users to bypass the login screen and automatically - log in - type: boolean - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - name: - description: Name of the OAuth integration - maxLength: 128 - pattern: ^[a-zA-Z0-9_\- ]+$ - type: string - scopes: - description: OAuth scopes - items: - type: string - maxItems: 50 - type: array - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - api_url - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_github: - description: Github Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_organizations: - description: Require users to belong to one of given organizations - items: - type: string - maxItems: 50 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - team_ids: - description: Require users to belong to one of given team - IDs - items: - type: integer - maxItems: 50 - type: array - required: - - client_id - - client_secret - type: object - auth_gitlab: - description: GitLab Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - auth_url: - description: Authorization URL. This only needs to be set - when using self hosted GitLab - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - token_url: - description: Token URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - required: - - allowed_groups - - client_id - - client_secret - type: object - auth_google: - description: Google Auth integration + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Domains allowed to sign-in to this Grafana - items: - type: string - maxItems: 64 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ + integrationType: + enum: + - read_replica type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - allowed_domains - - client_id - - client_secret + - integrationType + - sourceServiceName type: object - cookie_samesite: - description: 'Cookie SameSite attribute: ''strict'' prevents sending - cookie for cross-site requests, effectively disabling direct - linking from other sites to Grafana. ''lax'' is the default - value.' - enum: - - lax - - strict - - none - type: string - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - dashboard_previews_enabled: - description: This feature is new in Grafana 9 and is quite resource - intensive. It may cause low-end plans to work more slowly while - the dashboard previews are rendering. - type: boolean - dashboards_min_refresh_interval: - description: Signed sequence of decimal numbers, followed by a - unit suffix (ms, s, m, h, d), e.g. 30s, 1h - maxLength: 16 - pattern: ^[0-9]+(ms|s|m|h|d)$ + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - dashboards_versions_to_keep: - description: Dashboard versions to keep per dashboard - maximum: 100 - minimum: 1 - type: integer - dataproxy_send_user_header: - description: Send 'X-Grafana-User' header to data source - type: boolean - dataproxy_timeout: - description: Timeout for data proxy requests in seconds - maximum: 90 - minimum: 15 - type: integer - date_formats: - description: Grafana date format specifications - properties: - default_timezone: - description: Default time zone for user preferences. Value - 'browser' uses browser local time zone. - maxLength: 64 - pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ - type: string - full_date: - description: Moment.js style format string for cases where - full date is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_day: - description: Moment.js style format string used when a time - requiring day accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_hour: - description: Moment.js style format string used when a time - requiring hour accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_minute: - description: Moment.js style format string used when a time - requiring minute accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_month: - description: Moment.js style format string used when a time - requiring month accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_second: - description: Moment.js style format string used when a time - requiring second accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_year: - description: Moment.js style format string used when a time - requiring year accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - type: object - disable_gravatar: - description: Set to true to disable gravatar. Defaults to false - (gravatar is enabled) - type: boolean - editors_can_admin: - description: Editors can manage folders, teams and dashboards - created by them - type: boolean - external_image_storage: - description: External image store settings + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: properties: - access_key: - description: S3 access key. Requires permissions to the S3 - bucket for the s3:PutObject and s3:PutObjectAcl actions - maxLength: 4096 - pattern: ^[A-Z0-9]+$ - type: string - bucket_url: - description: Bucket URL for S3 - maxLength: 2048 - type: string - provider: - description: Provider type - enum: - - s3 - type: string - secret_key: - description: S3 secret key - maxLength: 4096 - pattern: ^[A-Za-z0-9/+=]+$ + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ type: string required: - - access_key - - bucket_url - - provider - - secret_key + - email type: object - google_analytics_ua_id: - description: Google Analytics ID - maxLength: 64 - pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + alerting_enabled: + description: + Enable or disable Grafana legacy alerting functionality. + This should not be enabled with unified_alerting_enabled. + type: boolean + alerting_error_or_timeout: + description: + Default error or timeout setting for new alerting + rules + enum: + - alerting + - keep_state + type: string + alerting_max_annotations_to_keep: + description: + Max number of alert annotations that Grafana stores. + 0 (default) keeps all alert annotations. + maximum: 1000000 + minimum: 0 + type: integer + alerting_nodata_or_nullvalues: + description: + Default value for 'no data or null values' for new + alerting rules + enum: + - alerting + - no_data + - keep_state + - ok + type: string + allow_embedding: + description: + Allow embedding Grafana dashboards with iframe/frame/object/embed + tags. Disabled by default to limit impact of clickjacking + type: boolean + auth_azuread: + description: Azure AD OAuth integration properties: - description: - description: Description for IP filter list entry + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider maxLength: 1024 + pattern: ^[\040-\176]+$ type: string - network: - description: CIDR address block - maxLength: 43 + token_url: + description: Token URL + maxLength: 2048 type: string required: - - network + - auth_url + - client_id + - client_secret + - token_url type: object - maxItems: 1024 - type: array - metrics_enabled: - description: Enable Grafana /metrics endpoint - type: boolean - oauth_allow_insecure_email_lookup: - description: Enforce user lookup based on email instead of the - unique ID provided by the IdP - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - grafana: - description: Allow clients to connect to grafana with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - grafana: - description: Enable grafana - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - grafana: - description: Allow clients to connect to grafana from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - smtp_server: - description: SMTP server settings + auth_basic_enabled: + description: + Enable or disable basic authentication form, used + by Grafana built-in login + type: boolean + auth_generic_oauth: + description: Generic OAuth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_organizations: + description: + Require user to be member of one of the listed + organizations + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL + maxLength: 2048 + type: string + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + auto_login: + description: + Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + name: + description: Name of the OAuth integration + maxLength: 128 + pattern: ^[a-zA-Z0-9_\- ]+$ + type: string + scopes: + description: OAuth scopes + items: + type: string + maxItems: 50 + type: array + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - api_url + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_github: + description: Github Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_organizations: + description: Require users to belong to one of given organizations + items: + type: string + maxItems: 50 + type: array + auto_login: + description: + Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + skip_org_role_sync: + description: Stop automatically syncing user roles + type: boolean + team_ids: + description: + Require users to belong to one of given team + IDs + items: + type: integer + maxItems: 50 + type: array + required: + - client_id + - client_secret + type: object + auth_gitlab: + description: GitLab Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + api_url: + description: + API URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + auth_url: + description: + Authorization URL. This only needs to be set + when using self hosted GitLab + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: + Token URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + required: + - allowed_groups + - client_id + - client_secret + type: object + auth_google: + description: Google Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Domains allowed to sign-in to this Grafana + items: + type: string + maxItems: 64 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + required: + - allowed_domains + - client_id + - client_secret + type: object + cookie_samesite: + description: + "Cookie SameSite attribute: 'strict' prevents sending + cookie for cross-site requests, effectively disabling direct + linking from other sites to Grafana. 'lax' is the default + value." + enum: + - lax + - strict + - none + type: string + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + dashboard_previews_enabled: + description: + This feature is new in Grafana 9 and is quite resource + intensive. It may cause low-end plans to work more slowly while + the dashboard previews are rendering. + type: boolean + dashboards_min_refresh_interval: + description: + Signed sequence of decimal numbers, followed by a + unit suffix (ms, s, m, h, d), e.g. 30s, 1h + maxLength: 16 + pattern: ^[0-9]+(ms|s|m|h|d)$ + type: string + dashboards_versions_to_keep: + description: Dashboard versions to keep per dashboard + maximum: 100 + minimum: 1 + type: integer + dataproxy_send_user_header: + description: Send 'X-Grafana-User' header to data source + type: boolean + dataproxy_timeout: + description: Timeout for data proxy requests in seconds + maximum: 90 + minimum: 15 + type: integer + date_formats: + description: Grafana date format specifications + properties: + default_timezone: + description: + Default time zone for user preferences. Value + 'browser' uses browser local time zone. + maxLength: 64 + pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ + type: string + full_date: + description: + Moment.js style format string for cases where + full date is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_day: + description: + Moment.js style format string used when a time + requiring day accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_hour: + description: + Moment.js style format string used when a time + requiring hour accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_minute: + description: + Moment.js style format string used when a time + requiring minute accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_month: + description: + Moment.js style format string used when a time + requiring month accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_second: + description: + Moment.js style format string used when a time + requiring second accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_year: + description: + Moment.js style format string used when a time + requiring year accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + type: object + disable_gravatar: + description: + Set to true to disable gravatar. Defaults to false + (gravatar is enabled) + type: boolean + editors_can_admin: + description: + Editors can manage folders, teams and dashboards + created by them + type: boolean + external_image_storage: + description: External image store settings + properties: + access_key: + description: + S3 access key. Requires permissions to the S3 + bucket for the s3:PutObject and s3:PutObjectAcl actions + maxLength: 4096 + pattern: ^[A-Z0-9]+$ + type: string + bucket_url: + description: Bucket URL for S3 + maxLength: 2048 + type: string + provider: + description: Provider type + enum: + - s3 + type: string + secret_key: + description: S3 secret key + maxLength: 4096 + pattern: ^[A-Za-z0-9/+=]+$ + type: string + required: + - access_key + - bucket_url + - provider + - secret_key + type: object + google_analytics_ua_id: + description: Google Analytics ID + maxLength: 64 + pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + metrics_enabled: + description: Enable Grafana /metrics endpoint + type: boolean + oauth_allow_insecure_email_lookup: + description: + Enforce user lookup based on email instead of the + unique ID provided by the IdP + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + grafana: + description: + Allow clients to connect to grafana with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + grafana: + description: Enable grafana + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + grafana: + description: + Allow clients to connect to grafana from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + smtp_server: + description: SMTP server settings + properties: + from_address: + description: Address used for sending emails + maxLength: 319 + pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ + type: string + from_name: + description: Name used in outgoing emails, defaults to Grafana + maxLength: 128 + pattern: ^[^\x00-\x1F]+$ + type: string + host: + description: Server hostname or IP + maxLength: 255 + type: string + password: + description: Password for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + port: + description: SMTP server port + maximum: 65535 + minimum: 1 + type: integer + skip_verify: + description: + Skip verifying server certificate. Defaults to + false + type: boolean + starttls_policy: + description: + Either OpportunisticStartTLS, MandatoryStartTLS + or NoStartTLS. Default is OpportunisticStartTLS. + enum: + - OpportunisticStartTLS + - MandatoryStartTLS + - NoStartTLS + type: string + username: + description: Username for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + required: + - from_address + - host + - port + type: object + static_ips: + description: Use static public IP addresses + type: boolean + unified_alerting_enabled: + description: + Enable or disable Grafana unified alerting functionality. + By default this is enabled and any legacy alerts will be migrated + on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled + to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ + for more details. + type: boolean + user_auto_assign_org: + description: + Auto-assign new users on signup to main organization. + Defaults to false + type: boolean + user_auto_assign_org_role: + description: Set role for new signups. Defaults to Viewer + enum: + - Viewer + - Admin + - Editor + type: string + viewers_can_edit: + description: + Users with view-only permission can edit but not + save dashboards + type: boolean + type: object + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - from_address: - description: Address used for sending emails - maxLength: 319 - pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ - type: string - from_name: - description: Name used in outgoing emails, defaults to Grafana - maxLength: 128 - pattern: ^[^\x00-\x1F]+$ - type: string - host: - description: Server hostname or IP - maxLength: 255 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - password: - description: Password for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - port: - description: SMTP server port - maximum: 65535 - minimum: 1 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - skip_verify: - description: Skip verifying server certificate. Defaults to - false - type: boolean - starttls_policy: - description: Either OpportunisticStartTLS, MandatoryStartTLS - or NoStartTLS. Default is OpportunisticStartTLS. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - OpportunisticStartTLS - - MandatoryStartTLS - - NoStartTLS + - "True" + - "False" + - Unknown type: string - username: - description: Username for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - from_address - - host - - port + - lastTransitionTime + - message + - reason + - status + - type type: object - static_ips: - description: Use static public IP addresses - type: boolean - unified_alerting_enabled: - description: Enable or disable Grafana unified alerting functionality. - By default this is enabled and any legacy alerts will be migrated - on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled - to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ - for more details. - type: boolean - user_auto_assign_org: - description: Auto-assign new users on signup to main organization. - Defaults to false - type: boolean - user_auto_assign_org_role: - description: Set role for new signups. Defaults to Viewer - enum: - - Viewer - - Admin - - Editor - type: string - viewers_can_edit: - description: Users with view-only permission can edit but not - save dashboards - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml index 30e2e2b..6f03147 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml @@ -15,167 +15,176 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaACL state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaACL state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml index 2058658..91871b0 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml @@ -15,212 +15,223 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 type: string - description: The connector specific configuration To build config - values from secret the template function {{`{{ fromSecret "name" "key" - }}`}} is provided when interpreting the keys - type: object - required: - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: Conditions represent the latest available observations - of an kafka connector state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: + The connector specific configuration To build config + values from secret the template function {{`{{ fromSecret "name" "key" + }}`}} is provided when interpreting the keys + type: object + required: + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: + Conditions represent the latest available observations + of an kafka connector state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + pluginStatus: + description: + PluginStatus contains metadata about the configured connector + plugin properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + author: type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + class: type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + docUrl: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + title: type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + version: type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - author + - class + - docUrl + - title + - type + - version type: object - type: array - pluginStatus: - description: PluginStatus contains metadata about the configured connector - plugin - properties: - author: - type: string - class: - type: string - docUrl: - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer - required: - - total - type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml index 2abf81f..03b0152 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml @@ -15,426 +15,483 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: KafkaConnect specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: + properties: + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email + type: object + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: KafkaConnect specific user configuration options + properties: + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: description: - description: Description for IP filter list entry - maxLength: 1024 + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka_connect: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed type: string - network: - description: CIDR address block - maxLength: 43 + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - required: - - network + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean type: object - maxItems: 1024 - type: array - kafka_connect: - description: Kafka Connect configuration values + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml index d359f37..589d893 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml @@ -15,966 +15,1105 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, - `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, - `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, - `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`' - properties: - annotations: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, + `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, + `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: + Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - aiven_kafka_topic_messages: - description: Allow access to read Kafka topic messages in the - Aiven Console and REST API. - type: boolean - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka: - description: Kafka broker configuration values + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - auto_create_topics_enable: - description: Enable auto creation of topics - type: boolean - compression_type: - description: Specify the final compression type for a given - topic. This configuration accepts the standard compression - codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally - accepts 'uncompressed' which is equivalent to no compression; - and 'producer' which means retain the original compression - codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: 'Idle connections timeout: the server socket - processor threads close the connections that idle for longer - than this.' - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: Replication factor for autocreated topics - maximum: 10 - minimum: 1 - type: integer - group_initial_rebalance_delay_ms: - description: The amount of time, in milliseconds, the group - coordinator will wait for more consumers to join a new group - before performing the first rebalance. A longer delay means - potentially fewer rebalances, but increases the time until - processing begins. The default value for this is 3 seconds. - During development and testing it might be desirable to - set this to 0 in order to not delay test execution time. - maximum: 300000 - minimum: 0 - type: integer - group_max_session_timeout_ms: - description: The maximum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: The minimum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: How long are delete records retained? - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: The maximum amount of time message will remain - uncompacted. Only applicable for logs that are being compacted - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: Controls log compactor frequency. Larger value - means more frequent compactions but also more space wasted - for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - maximum: 0.9 - minimum: 0.2 - type: number - log_cleaner_min_compaction_lag_ms: - description: The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. - minimum: 0 - type: integer - log_cleanup_policy: - description: The default cleanup policy for segments beyond - the retention window + integrationType: enum: - - delete - - compact - - compact,delete - type: string - log_flush_interval_messages: - description: The number of messages accumulated on a log partition - before messages are flushed to disk - minimum: 1 - type: integer - log_flush_interval_ms: - description: The maximum time in ms that a message in any - topic is kept in memory before flushed to disk. If not set, - the value in log.flush.scheduler.interval.ms is used - minimum: 0 - type: integer - log_index_interval_bytes: - description: The interval with which Kafka adds an entry to - the offset index - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: The maximum size in bytes of the offset index - maximum: 104857600 - minimum: 1048576 - type: integer - log_local_retention_bytes: - description: The maximum size of local log segments that can - grow for a partition before it gets eligible for deletion. - If set to -2, the value of log.retention.bytes is used. - The effective value should always be less than or equal - to log.retention.bytes value. - minimum: -2 - type: integer - log_local_retention_ms: - description: The number of milliseconds to keep the local - log segments before it gets eligible for deletion. If set - to -2, the value of log.retention.ms is used. The effective - value should always be less than or equal to log.retention.ms - value. - minimum: -2 - type: integer - log_message_downconversion_enable: - description: This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message - minimum: 0 - type: integer - log_message_timestamp_type: - description: Define whether the timestamp in the message is - message create time or log append time. - enum: - - CreateTime - - LogAppendTime - type: string - log_preallocate: - description: Should pre allocate file when create new segment? - type: boolean - log_retention_bytes: - description: The maximum size of the log before deleting messages - minimum: -1 - type: integer - log_retention_hours: - description: The number of hours to keep a log file before - deleting it - maximum: 2147483647 - minimum: -1 - type: integer - log_retention_ms: - description: The number of milliseconds to keep a log file - before deleting it (in milliseconds), If not set, the value - in log.retention.minutes is used. If set to -1, no time - limit is applied. - minimum: -1 - type: integer - log_roll_jitter_ms: - description: The maximum jitter to subtract from logRollTimeMillis - (in milliseconds). If not set, the value in log.roll.jitter.hours - is used - minimum: 0 - type: integer - log_roll_ms: - description: The maximum time before a new log segment is - rolled out (in milliseconds). - minimum: 1 - type: integer - log_segment_bytes: - description: The maximum size of a single log file - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: The amount of time to wait before deleting a - file from the filesystem - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: The maximum number of connections allowed from - each ip address (defaults to 2147483647). - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: The maximum number of incremental fetch sessions - that the broker will maintain. - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: The maximum size of message that the server can - receive. - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: When a producer sets acks to 'all' (or '-1'), - min.insync.replicas specifies the minimum number of replicas - that must acknowledge a write for the write to be considered - successful. - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: Number of partitions for autocreated topics - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: Log retention window in minutes for offsets topic - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: The purge interval (in number of requests) of - the producer request purgatory(defaults to 1000). - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: The number of bytes of messages to attempt to - fetch for each partition (defaults to 1048576). This is - not an absolute maximum, if the first record batch in the - first non-empty partition of the fetch is larger than this - value, the record batch will still be returned to ensure - that progress can be made. - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: Maximum bytes expected for the entire fetch response - (defaults to 10485760). Records are fetched in batches, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that progress can be made. - As such, this is not an absolute maximum. - maximum: 1048576000 - minimum: 10485760 - type: integer - sasl_oauthbearer_expected_audience: - description: The (optional) comma-delimited setting for the - broker to use to verify that the JWT was issued for one - of the expected audiences. - maxLength: 128 - type: string - sasl_oauthbearer_expected_issuer: - description: Optional setting for the broker to use to verify - that the JWT was created by the expected issuer. - maxLength: 128 - type: string - sasl_oauthbearer_jwks_endpoint_url: - description: OIDC JWKS endpoint URL. By setting this the SASL - SSL OAuth2/OIDC authentication is enabled. See also other - options for SASL OAuth2/OIDC. - maxLength: 2048 + - read_replica type: string - sasl_oauthbearer_sub_claim_name: - description: Name of the scope from which to extract the subject - claim from the JWT. Defaults to sub. - maxLength: 128 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string - socket_request_max_bytes: - description: The maximum number of bytes in a socket request - (defaults to 104857600). - maximum: 209715200 - minimum: 10485760 - type: integer - transaction_partition_verification_enable: - description: Enable verification that checks that the partition - has been added to the transaction before writing transactional - records to the partition - type: boolean - transaction_remove_expired_transaction_cleanup_interval_ms: - description: The interval at which to remove transactions - that have expired due to transactional.id.expiration.ms - passing (defaults to 3600000 (1 hour)). - maximum: 3600000 - minimum: 600000 - type: integer - transaction_state_log_segment_bytes: - description: The transaction topic segment bytes should be - kept relatively small in order to facilitate faster log - compaction and cache loads (defaults to 104857600 (100 mebibytes)). - maximum: 2147483647 - minimum: 1048576 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean + required: + - integrationType + - sourceServiceName type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_config: - description: Kafka Connect configuration values + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + required: + - email + type: object + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + maxItems: 1 + type: array + aiven_kafka_topic_messages: + description: + Allow access to read Kafka topic messages in the + Aiven Console and REST API. + type: boolean + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka: + description: Kafka broker configuration values + properties: + auto_create_topics_enable: + description: Enable auto creation of topics + type: boolean + compression_type: + description: + Specify the final compression type for a given + topic. This configuration accepts the standard compression + codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally + accepts 'uncompressed' which is equivalent to no compression; + and 'producer' which means retain the original compression + codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer + type: string + connections_max_idle_ms: + description: + "Idle connections timeout: the server socket + processor threads close the connections that idle for longer + than this." + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: Replication factor for autocreated topics + maximum: 10 + minimum: 1 + type: integer + group_initial_rebalance_delay_ms: + description: + The amount of time, in milliseconds, the group + coordinator will wait for more consumers to join a new group + before performing the first rebalance. A longer delay means + potentially fewer rebalances, but increases the time until + processing begins. The default value for this is 3 seconds. + During development and testing it might be desirable to + set this to 0 in order to not delay test execution time. + maximum: 300000 + minimum: 0 + type: integer + group_max_session_timeout_ms: + description: + The maximum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: + The minimum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: How long are delete records retained? + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: + The maximum amount of time message will remain + uncompacted. Only applicable for logs that are being compacted + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: + Controls log compactor frequency. Larger value + means more frequent compactions but also more space wasted + for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + maximum: 0.9 + minimum: 0.2 + type: number + log_cleaner_min_compaction_lag_ms: + description: + The minimum time a message will remain uncompacted + in the log. Only applicable for logs that are being compacted. + minimum: 0 + type: integer + log_cleanup_policy: + description: + The default cleanup policy for segments beyond + the retention window + enum: + - delete + - compact + - compact,delete + type: string + log_flush_interval_messages: + description: + The number of messages accumulated on a log partition + before messages are flushed to disk + minimum: 1 + type: integer + log_flush_interval_ms: + description: + The maximum time in ms that a message in any + topic is kept in memory before flushed to disk. If not set, + the value in log.flush.scheduler.interval.ms is used + minimum: 0 + type: integer + log_index_interval_bytes: + description: + The interval with which Kafka adds an entry to + the offset index + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: The maximum size in bytes of the offset index + maximum: 104857600 + minimum: 1048576 + type: integer + log_local_retention_bytes: + description: + The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: + The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer + log_message_downconversion_enable: + description: + This configuration controls whether down-conversion + of message formats is enabled to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: + The maximum difference allowed between the timestamp + when a broker receives a message and the timestamp specified + in the message + minimum: 0 + type: integer + log_message_timestamp_type: + description: + Define whether the timestamp in the message is + message create time or log append time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: Should pre allocate file when create new segment? + type: boolean + log_retention_bytes: + description: The maximum size of the log before deleting messages + minimum: -1 + type: integer + log_retention_hours: + description: + The number of hours to keep a log file before + deleting it + maximum: 2147483647 + minimum: -1 + type: integer + log_retention_ms: + description: + The number of milliseconds to keep a log file + before deleting it (in milliseconds), If not set, the value + in log.retention.minutes is used. If set to -1, no time + limit is applied. + minimum: -1 + type: integer + log_roll_jitter_ms: + description: + The maximum jitter to subtract from logRollTimeMillis + (in milliseconds). If not set, the value in log.roll.jitter.hours + is used + minimum: 0 + type: integer + log_roll_ms: + description: + The maximum time before a new log segment is + rolled out (in milliseconds). + minimum: 1 + type: integer + log_segment_bytes: + description: The maximum size of a single log file + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: + The amount of time to wait before deleting a + file from the filesystem + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: + The maximum number of connections allowed from + each ip address (defaults to 2147483647). + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: + The maximum number of incremental fetch sessions + that the broker will maintain. + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: + The maximum size of message that the server can + receive. + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: + When a producer sets acks to 'all' (or '-1'), + min.insync.replicas specifies the minimum number of replicas + that must acknowledge a write for the write to be considered + successful. + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: Number of partitions for autocreated topics + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: Log retention window in minutes for offsets topic + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: + The purge interval (in number of requests) of + the producer request purgatory(defaults to 1000). + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: + The number of bytes of messages to attempt to + fetch for each partition (defaults to 1048576). This is + not an absolute maximum, if the first record batch in the + first non-empty partition of the fetch is larger than this + value, the record batch will still be returned to ensure + that progress can be made. + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: + Maximum bytes expected for the entire fetch response + (defaults to 10485760). Records are fetched in batches, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that progress can be made. + As such, this is not an absolute maximum. + maximum: 1048576000 + minimum: 10485760 + type: integer + sasl_oauthbearer_expected_audience: + description: + The (optional) comma-delimited setting for the + broker to use to verify that the JWT was issued for one + of the expected audiences. + maxLength: 128 + type: string + sasl_oauthbearer_expected_issuer: + description: + Optional setting for the broker to use to verify + that the JWT was created by the expected issuer. + maxLength: 128 + type: string + sasl_oauthbearer_jwks_endpoint_url: + description: + OIDC JWKS endpoint URL. By setting this the SASL + SSL OAuth2/OIDC authentication is enabled. See also other + options for SASL OAuth2/OIDC. + maxLength: 2048 + type: string + sasl_oauthbearer_sub_claim_name: + description: + Name of the scope from which to extract the subject + claim from the JWT. Defaults to sub. + maxLength: 128 + type: string + socket_request_max_bytes: + description: + The maximum number of bytes in a socket request + (defaults to 104857600). + maximum: 209715200 + minimum: 10485760 + type: integer + transaction_partition_verification_enable: + description: + Enable verification that checks that the partition + has been added to the transaction before writing transactional + records to the partition + type: boolean + transaction_remove_expired_transaction_cleanup_interval_ms: + description: + The interval at which to remove transactions + that have expired due to transactional.id.expiration.ms + passing (defaults to 3600000 (1 hour)). + maximum: 3600000 + minimum: 600000 + type: integer + transaction_state_log_segment_bytes: + description: + The transaction topic segment bytes should be + kept relatively small in order to facilitate faster log + compaction and cache loads (defaults to 104857600 (100 mebibytes)). + maximum: 2147483647 + minimum: 1048576 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed + type: string + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_authorization: + description: Enable authorization in Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: + If true the consumer's offset will be periodically + committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: + Maximum number of bytes in unencoded message + keys and values by a single request + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: + The maximum total time to wait for messages for + a request if the maximum number of messages has not yet + been reached + enum: + - 1000 + - 15000 + - 30000 + maximum: 30000 + minimum: 1000 + type: integer + name_strategy: + description: + Name strategy to use when selecting subject for + storing schemas + enum: + - topic_name + - record_name + - topic_record_name + type: string + name_strategy_validation: + description: + If true, validate that given schema is registered + under expected subject name by the used name strategy when + producing messages. + type: boolean + producer_acks: + description: + The number of acknowledgments the producer requires + the leader to have received before considering a request + complete. If set to 'all' or '-1', the leader will wait + for the full set of in-sync replicas to acknowledge the + record. + enum: + - all + - "-1" + - "0" + - "1" + type: string + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + Wait for up to the given delay to allow batching + records together + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + The maximum size of a request in bytes. Note + that Kafka broker can also cap the record batch size. + maximum: 2147483647 + minimum: 0 + type: integer + simpleconsumer_pool_size_max: + description: + Maximum number of SimpleConsumers that can be + instantiated per broker + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + enum: + - "3.4" + - "3.5" + - "3.6" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka: + description: + Allow clients to connect to kafka with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka: + description: Enable kafka + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + kafka_rest: + description: Enable kafka_rest + type: boolean + prometheus: + description: Enable prometheus + type: boolean + schema_registry: + description: Enable schema_registry + type: boolean + type: object + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka: + description: + Allow clients to connect to kafka from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: + If true, Karapace / Schema Registry on the service + nodes can participate in leader election. It might be needed + to disable this when the schemas topic is replicated to + a secondary cluster and Karapace / Schema Registry there + must not participate in leader election. Defaults to `true`. + type: boolean + topic_name: + description: + The durable single partition topic that acts + as the durable log for the data. This topic must be compacted + to avoid losing data due to retention policy. Please note + that changing this configuration in an existing Schema Registry + / Karapace setup leads to previous schemas being inaccessible, + data encoded with them potentially unreadable and schema + ID sequence put out of order. It's only possible to do the + switch while Schema Registry / Karapace is disabled. Defaults + to `_schemas`. + maxLength: 249 + minLength: 1 + type: string + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + tiered_storage: + description: Tiered storage configuration + properties: + enabled: + description: Whether to enable the tiered storage functionality + type: boolean + local_cache: + description: Deprecated. Local cache configuration + properties: + size: + description: Deprecated. Local cache size in bytes + maximum: 107374182400 + minimum: 1 + type: integer + type: object + type: object + type: object + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_authorization: - description: Enable authorization in Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration - properties: - consumer_enable_auto_commit: - description: If true the consumer's offset will be periodically - committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: Maximum number of bytes in unencoded message - keys and values by a single request - maximum: 671088640 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - consumer_request_timeout_ms: - description: The maximum total time to wait for messages for - a request if the maximum number of messages has not yet - been reached - enum: - - 1000 - - 15000 - - 30000 - maximum: 30000 - minimum: 1000 - type: integer - name_strategy_validation: - description: If true, validate that given schema is registered - under expected subject name by the used name strategy when - producing messages. - type: boolean - producer_acks: - description: The number of acknowledgments the producer requires - the leader to have received before considering a request - complete. If set to 'all' or '-1', the leader will wait - for the full set of in-sync replicas to acknowledge the - record. - enum: - - all - - "-1" - - "0" - - "1" + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: Wait for up to the given delay to allow batching - records together - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum size of a request in bytes. Note - that Kafka broker can also cap the record batch size. - maximum: 2147483647 - minimum: 0 - type: integer - simpleconsumer_pool_size_max: - description: Maximum number of SimpleConsumers that can be - instantiated per broker - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - enum: - - "3.3" - - "3.1" - - "3.4" - - "3.5" - - "3.6" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka: - description: Allow clients to connect to kafka with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka: - description: Enable kafka - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - kafka_rest: - description: Enable kafka_rest - type: boolean - prometheus: - description: Enable prometheus - type: boolean - schema_registry: - description: Enable schema_registry - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka: - description: Allow clients to connect to kafka from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: If true, Karapace / Schema Registry on the service - nodes can participate in leader election. It might be needed - to disable this when the schemas topic is replicated to - a secondary cluster and Karapace / Schema Registry there - must not participate in leader election. Defaults to `true`. - type: boolean - topic_name: - description: The durable single partition topic that acts - as the durable log for the data. This topic must be compacted - to avoid losing data due to retention policy. Please note - that changing this configuration in an existing Schema Registry - / Karapace setup leads to previous schemas being inaccessible, - data encoded with them potentially unreadable and schema - ID sequence put out of order. It's only possible to do the - switch while Schema Registry / Karapace is disabled. Defaults - to `_schemas`. - maxLength: 249 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - tiered_storage: - description: Tiered storage configuration - properties: - enabled: - description: Whether to enable the tiered storage functionality - type: boolean - local_cache: - description: Deprecated. Local cache configuration - properties: - size: - description: Deprecated. Local cache size in bytes - maximum: 107374182400 - minimum: 1 - type: integer - type: object - type: object - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml index e96a87b..ffb7aa2 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml @@ -15,171 +15,181 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaSchema state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: + Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaSchema state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml index b48be5e..dbddcef 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml @@ -15,280 +15,291 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - config: - description: Kafka topic configuration - properties: - cleanup_policy: - description: cleanup.policy value - type: string - compression_type: - description: compression.type value - type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value - format: int64 - type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value - type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value - type: string - min_cleanable_dirty_ratio: - description: min.cleanable.dirty.ratio value - type: number - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer - type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 minLength: 1 type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 + name: + minLength: 1 type: string required: - - key + - key + - name type: object - type: array - termination_protection: - description: It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - topicName: - description: Topic name. If provided, is used instead of metadata.name. - This field supports additional characters, has a longer length, - and will replace metadata.name in future releases - maxLength: 249 - minLength: 1 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaTopic state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + config: + description: Kafka topic configuration properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + cleanup_policy: + description: cleanup.policy value type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + compression_type: + description: compression.type value type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + delete_retention_ms: + description: delete.retention.ms value format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + min_cleanable_dirty_ratio: + description: min.cleanable.dirty.ratio value + type: number + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: + properties: + key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 + minLength: 1 + type: string + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 + type: string + required: + - key + type: object + type: array + termination_protection: + description: + It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + topicName: + description: + Topic name. If provided, is used instead of metadata.name. + This field supports additional characters, has a longer length, + and will replace metadata.name in future releases + maxLength: 249 + minLength: 1 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaTopic state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml index 635c30b..853d3ac 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml @@ -15,658 +15,764 @@ spec: singular: mysql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MySQL is the Schema for the mysqls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MySQLSpec defines the desired state of MySQL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, - `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MySQL is the Schema for the mysqls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: MySQLSpec defines the desired state of MySQL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: MySQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - binlog_retention_period: - description: The minimum amount of time in seconds to keep binlog - entries before deletion. This may be extended for services that - require binlog entries for longer than the default for example - if using the MySQL Debezium Kafka connector. - maximum: 86400 - minimum: 600 - type: integer - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication + - read_replica type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port + - integrationType + - sourceServiceName type: object - mysql: - description: mysql.conf configuration values - properties: - connect_timeout: - description: The number of seconds that the mysqld server - waits for a connect packet before responding with Bad handshake - maximum: 3600 - minimum: 2 - type: integer - default_time_zone: - description: Default server time zone as an offset from UTC - (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to - use the MySQL server default. - maxLength: 100 - minLength: 2 - type: string - group_concat_max_len: - description: The maximum permitted result length in bytes - for the GROUP_CONCAT() function. - minimum: 4 - type: integer - information_schema_stats_expiry: - description: The time, in seconds, before cached statistics - expire - maximum: 31536000 - minimum: 900 - type: integer - innodb_change_buffer_max_size: - description: Maximum size for the InnoDB change buffer, as - a percentage of the total size of the buffer pool. Default - is 25 - maximum: 50 - minimum: 0 - type: integer - innodb_flush_neighbors: - description: 'Specifies whether flushing a page from the InnoDB - buffer pool also flushes other dirty pages in the same extent - (default is 1): 0 - dirty pages in the same extent are not - flushed, 1 - flush contiguous dirty pages in the same extent, 2 - - flush dirty pages in the same extent' - maximum: 2 - minimum: 0 - type: integer - innodb_ft_min_token_size: - description: Minimum length of words that are stored in an - InnoDB FULLTEXT index. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 16 - minimum: 0 - type: integer - innodb_ft_server_stopword_table: - description: This option is used to specify your own InnoDB - FULLTEXT index stopword list for all InnoDB tables. - maxLength: 1024 - pattern: ^.+/.+$ - type: string - innodb_lock_wait_timeout: - description: The length of time in seconds an InnoDB transaction - waits for a row lock before giving up. Default is 120. - maximum: 3600 - minimum: 1 - type: integer - innodb_log_buffer_size: - description: The size in bytes of the buffer that InnoDB uses - to write to the log files on disk. - maximum: 4294967295 - minimum: 1048576 - type: integer - innodb_online_alter_log_max_size: - description: The upper limit in bytes on the size of the temporary - log files used during online DDL operations for InnoDB tables. - maximum: 1099511627776 - minimum: 65536 - type: integer - innodb_print_all_deadlocks: - description: When enabled, information about all deadlocks - in InnoDB user transactions is recorded in the error log. - Disabled by default. - type: boolean - innodb_read_io_threads: - description: The number of I/O threads for read operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - innodb_rollback_on_timeout: - description: When enabled a transaction timeout causes InnoDB - to abort and roll back the entire transaction. Changing - this parameter will lead to a restart of the MySQL service. - type: boolean - innodb_thread_concurrency: - description: Defines the maximum number of threads permitted - inside of InnoDB. Default is 0 (infinite concurrency - no - limit) - maximum: 1000 - minimum: 0 - type: integer - innodb_write_io_threads: - description: The number of I/O threads for write operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - interactive_timeout: - description: The number of seconds the server waits for activity - on an interactive connection before closing it. - maximum: 604800 - minimum: 30 - type: integer - internal_tmp_mem_storage_engine: - description: The storage engine for in-memory internal temporary - tables. - enum: - - TempTable - - MEMORY - type: string - long_query_time: - description: The slow_query_logs work as SQL statements that - take more than long_query_time seconds to execute. Default - is 10s - maximum: 3600 - minimum: 0 - type: number - max_allowed_packet: - description: Size of the largest message in bytes that can - be received by the server. Default is 67108864 (64M) - maximum: 1073741824 - minimum: 102400 - type: integer - max_heap_table_size: - description: Limits the size of internal in-memory tables. - Also set tmp_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - net_buffer_length: - description: Start sizes of connection buffer and result buffer. - Default is 16384 (16K). Changing this parameter will lead - to a restart of the MySQL service. - maximum: 1048576 - minimum: 1024 - type: integer - net_read_timeout: - description: The number of seconds to wait for more data from - a connection before aborting the read. - maximum: 3600 - minimum: 1 - type: integer - net_write_timeout: - description: The number of seconds to wait for a block to - be written to a connection before aborting the write. - maximum: 3600 - minimum: 1 - type: integer - slow_query_log: - description: Slow query log enables capturing of slow queries. - Setting slow_query_log to false also truncates the mysql.slow_log - table. Default is off - type: boolean - sort_buffer_size: - description: Sort buffer size in bytes for ORDER BY optimization. - Default is 262144 (256K) - maximum: 1073741824 - minimum: 32768 - type: integer - sql_mode: - description: Global SQL mode. Set to empty to use MySQL server - defaults. When creating a new service and not setting this - field Aiven default SQL mode (strict, SQL standard compliant) - will be assigned. - maxLength: 1024 - pattern: ^[A-Z_]*(,[A-Z_]+)*$ - type: string - sql_require_primary_key: - description: Require primary key to be defined for new tables - or old tables modified with ALTER TABLE and fail if missing. - It is recommended to always have primary keys because various - functionality may break if any large table is missing them. - type: boolean - tmp_table_size: - description: Limits the size of internal in-memory tables. - Also set max_heap_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - wait_timeout: - description: The number of seconds the server waits for activity - on a noninteractive connection before closing it. - maximum: 2147483 - minimum: 1 - type: integer - type: object - mysql_version: - description: MySQL major version - enum: - - "8" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - mysql: - description: Allow clients to connect to mysql with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - mysql: - description: Enable mysql - type: boolean - mysqlx: - description: Enable mysqlx - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: properties: - mysql: - description: Allow clients to connect to mysql from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: MySQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + binlog_retention_period: + description: + The minimum amount of time in seconds to keep binlog + entries before deletion. This may be extended for services that + require binlog entries for longer than the default for example + if using the MySQL Debezium Kafka connector. + maximum: 86400 + minimum: 600 + type: integer + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + mysql: + description: mysql.conf configuration values + properties: + connect_timeout: + description: + The number of seconds that the mysqld server + waits for a connect packet before responding with Bad handshake + maximum: 3600 + minimum: 2 + type: integer + default_time_zone: + description: + Default server time zone as an offset from UTC + (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to + use the MySQL server default. + maxLength: 100 + minLength: 2 + type: string + group_concat_max_len: + description: + The maximum permitted result length in bytes + for the GROUP_CONCAT() function. + minimum: 4 + type: integer + information_schema_stats_expiry: + description: + The time, in seconds, before cached statistics + expire + maximum: 31536000 + minimum: 900 + type: integer + innodb_change_buffer_max_size: + description: + Maximum size for the InnoDB change buffer, as + a percentage of the total size of the buffer pool. Default + is 25 + maximum: 50 + minimum: 0 + type: integer + innodb_flush_neighbors: + description: + "Specifies whether flushing a page from the InnoDB + buffer pool also flushes other dirty pages in the same extent + (default is 1): 0 - dirty pages in the same extent are not + flushed, 1 - flush contiguous dirty pages in the same extent, 2 + - flush dirty pages in the same extent" + maximum: 2 + minimum: 0 + type: integer + innodb_ft_min_token_size: + description: + Minimum length of words that are stored in an + InnoDB FULLTEXT index. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 16 + minimum: 0 + type: integer + innodb_ft_server_stopword_table: + description: + This option is used to specify your own InnoDB + FULLTEXT index stopword list for all InnoDB tables. + maxLength: 1024 + pattern: ^.+/.+$ + type: string + innodb_lock_wait_timeout: + description: + The length of time in seconds an InnoDB transaction + waits for a row lock before giving up. Default is 120. + maximum: 3600 + minimum: 1 + type: integer + innodb_log_buffer_size: + description: + The size in bytes of the buffer that InnoDB uses + to write to the log files on disk. + maximum: 4294967295 + minimum: 1048576 + type: integer + innodb_online_alter_log_max_size: + description: + The upper limit in bytes on the size of the temporary + log files used during online DDL operations for InnoDB tables. + maximum: 1099511627776 + minimum: 65536 + type: integer + innodb_print_all_deadlocks: + description: + When enabled, information about all deadlocks + in InnoDB user transactions is recorded in the error log. + Disabled by default. + type: boolean + innodb_read_io_threads: + description: + The number of I/O threads for read operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + innodb_rollback_on_timeout: + description: + When enabled a transaction timeout causes InnoDB + to abort and roll back the entire transaction. Changing + this parameter will lead to a restart of the MySQL service. + type: boolean + innodb_thread_concurrency: + description: + Defines the maximum number of threads permitted + inside of InnoDB. Default is 0 (infinite concurrency - no + limit) + maximum: 1000 + minimum: 0 + type: integer + innodb_write_io_threads: + description: + The number of I/O threads for write operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + interactive_timeout: + description: + The number of seconds the server waits for activity + on an interactive connection before closing it. + maximum: 604800 + minimum: 30 + type: integer + internal_tmp_mem_storage_engine: + description: + The storage engine for in-memory internal temporary + tables. + enum: + - TempTable + - MEMORY + type: string + long_query_time: + description: + The slow_query_logs work as SQL statements that + take more than long_query_time seconds to execute. Default + is 10s + maximum: 3600 + minimum: 0 + type: number + max_allowed_packet: + description: + Size of the largest message in bytes that can + be received by the server. Default is 67108864 (64M) + maximum: 1073741824 + minimum: 102400 + type: integer + max_heap_table_size: + description: + Limits the size of internal in-memory tables. + Also set tmp_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + net_buffer_length: + description: + Start sizes of connection buffer and result buffer. + Default is 16384 (16K). Changing this parameter will lead + to a restart of the MySQL service. + maximum: 1048576 + minimum: 1024 + type: integer + net_read_timeout: + description: + The number of seconds to wait for more data from + a connection before aborting the read. + maximum: 3600 + minimum: 1 + type: integer + net_write_timeout: + description: + The number of seconds to wait for a block to + be written to a connection before aborting the write. + maximum: 3600 + minimum: 1 + type: integer + slow_query_log: + description: + Slow query log enables capturing of slow queries. + Setting slow_query_log to false also truncates the mysql.slow_log + table. Default is off + type: boolean + sort_buffer_size: + description: + Sort buffer size in bytes for ORDER BY optimization. + Default is 262144 (256K) + maximum: 1073741824 + minimum: 32768 + type: integer + sql_mode: + description: + Global SQL mode. Set to empty to use MySQL server + defaults. When creating a new service and not setting this + field Aiven default SQL mode (strict, SQL standard compliant) + will be assigned. + maxLength: 1024 + pattern: ^[A-Z_]*(,[A-Z_]+)*$ + type: string + sql_require_primary_key: + description: + Require primary key to be defined for new tables + or old tables modified with ALTER TABLE and fail if missing. + It is recommended to always have primary keys because various + functionality may break if any large table is missing them. + type: boolean + tmp_table_size: + description: + Limits the size of internal in-memory tables. + Also set max_heap_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + wait_timeout: + description: + The number of seconds the server waits for activity + on a noninteractive connection before closing it. + maximum: 2147483 + minimum: 1 + type: integer + type: object + mysql_version: + description: MySQL major version enum: - - "True" - - "False" - - Unknown + - "8" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + private_access: + description: + Allow access to selected service ports from private + networks + properties: + mysql: + description: + Allow clients to connect to mysql with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + mysql: + description: Enable mysql + type: boolean + mysqlx: + description: Enable mysqlx + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + mysql: + description: + Allow clients to connect to mysql from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index 95f6388..7e58123 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -15,942 +15,1077 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 type: string - maxItems: 1 - type: array - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - disable_replication_factor_adjustment: - description: 'DEPRECATED: Disable automatic replication factor - adjustment for multi-node services. By default, Aiven ensures - all indexes are replicated at least to two nodes. Note: Due - to potential data loss in case of losing a service node, this - setting can no longer be activated.' - type: boolean - index_patterns: - description: Index patterns - items: - description: 'Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to - keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a - pattern looking like ''logs.?'' and then create index logs.1, - logs.2 etc, it will delete logs.1 once you create logs.6. - Do note ''logs.?'' does not apply to logs.10. Note: Setting - max_index_count to 0 will do nothing and the pattern gets - ignored.' + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: + properties: + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email + type: object + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: + "DEPRECATED: Disable automatic replication factor + adjustment for multi-node services. By default, Aiven ensures + all indexes are replicated at least to two nodes. Note: Due + to potential data loss in case of losing a service node, this + setting can no longer be activated." + type: boolean + index_patterns: + description: Index patterns + items: + description: + "Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to + keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a + pattern looking like 'logs.?' and then create index logs.1, + logs.2 etc, it will delete logs.1 once you create logs.6. + Do note 'logs.?' does not apply to logs.10. Note: Setting + max_index_count to 0 will do nothing and the pattern gets + ignored." + properties: + max_index_count: + description: Maximum number of indexes to keep + minimum: 0 + type: integer + pattern: + description: fnmatch pattern + maxLength: 1024 + pattern: ^[A-Za-z0-9-_.*?]+$ + type: string + sorting_algorithm: + description: Deletion sorting algorithm + enum: + - alphabetical + - creation_date + type: string + required: + - max_index_count + - pattern + type: object + maxItems: 512 + type: array + index_template: + description: Template settings for all new indexes properties: - max_index_count: - description: Maximum number of indexes to keep + mapping_nested_objects_limit: + description: + The maximum number of nested JSON objects that + a single document can contain across all nested types. This + limit helps to prevent out of memory errors when a document + contains too many nested objects. Default is 10000. + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: The number of replicas each primary shard has. + maximum: 29 minimum: 0 type: integer - pattern: - description: fnmatch pattern + number_of_shards: + description: + The number of primary shards that an index should + have. + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + keep_index_refresh_interval: + description: + Aiven automation resets index.refresh_interval to + default value for every index to be sure that indices are always + visible to search. If it doesn't fit your case, you can disable + this by setting up this flag to true. + type: boolean + max_index_count: + description: "DEPRECATED: use index_patterns instead" + minimum: 0 + type: integer + openid: + description: OpenSearch OpenID Connect Configuration + properties: + client_id: + description: + The ID of the OpenID Connect client configured + in your IdP. Required. maxLength: 1024 - pattern: ^[A-Za-z0-9-_.*?]+$ + minLength: 1 type: string - sorting_algorithm: - description: Deletion sorting algorithm - enum: - - alphabetical - - creation_date + client_secret: + description: + The client secret of the OpenID Connect client + configured in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + connect_url: + description: + The URL of your IdP where the Security plugin + can find the OpenID Connect metadata/configuration settings. + maxLength: 2048 + type: string + enabled: + description: + Enables or disables OpenID Connect authentication + for OpenSearch. When enabled, users can authenticate using + OpenID Connect with an Identity Provider. + type: boolean + header: + description: + HTTP header name of the JWT token. Optional. + Default is Authorization. + maxLength: 1024 + minLength: 1 + type: string + jwt_header: + description: + "The HTTP header that stores the token. Typically + the Authorization header with the Bearer schema: Authorization: + Bearer . Optional. Default is Authorization." + maxLength: 1024 + minLength: 1 + type: string + jwt_url_parameter: + description: + If the token is not transmitted in the HTTP header, + but as an URL parameter, define the name of the parameter + here. Optional. + maxLength: 1024 + minLength: 1 + type: string + refresh_rate_limit_count: + description: + The maximum number of unknown key IDs in the + time frame. Default is 10. Optional. + minimum: 10 + type: integer + refresh_rate_limit_time_window_ms: + description: + The time frame to use when checking the maximum + number of unknown key IDs, in milliseconds. Optional.Default + is 10000 (10 seconds). + minimum: 10000 + type: integer + roles_key: + description: + The key in the JSON payload that stores the user’s + roles. The value of this key must be a comma-separated list + of roles. Required only if you want to use roles in the + JWT + maxLength: 1024 + minLength: 1 + type: string + scope: + description: + The scope of the identity token issued by the + IdP. Optional. Default is openid profile email address phone. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: + The key in the JSON payload that stores the user’s + name. If not defined, the subject registered claim is used. + Most IdP providers use the preferred_username claim. Optional. + maxLength: 1024 + minLength: 1 type: string required: - - max_index_count - - pattern + - client_id + - client_secret + - connect_url + - enabled type: object - maxItems: 512 - type: array - index_template: - description: Template settings for all new indexes - properties: - mapping_nested_objects_limit: - description: The maximum number of nested JSON objects that - a single document can contain across all nested types. This - limit helps to prevent out of memory errors when a document - contains too many nested objects. Default is 10000. - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: The number of replicas each primary shard has. - maximum: 29 - minimum: 0 - type: integer - number_of_shards: - description: The number of primary shards that an index should - have. - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + opensearch: + description: OpenSearch settings properties: - description: - description: Description for IP filter list entry + action_auto_create_index_enabled: + description: + Explicitly allow or block automatic creation + of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + enum: + - internal + maxLength: 1024 + type: string + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + enum: + - username + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + enum: + - ip + maxLength: 1024 + type: string + type: object + type: object + cluster_max_shards_per_node: + description: + Controls the number of shards allowed in the + cluster per data node + maximum: 10000 + minimum: 100 + type: integer + cluster_routing_allocation_node_concurrent_recoveries: + description: + How many concurrent incoming/outgoing shard recoveries + (normally replicas) are allowed to happen on a node. Defaults + to 2. + maximum: 16 + minimum: 2 + type: integer + email_sender_name: + description: + Sender name placeholder to be used in Opensearch + Dashboards and Opensearch keystore + maxLength: 40 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + email_sender_password: + description: + Sender password for Opensearch alerts to authenticate + with SMTP server maxLength: 1024 + pattern: ^[^\x00-\x1F]+$ type: string - network: - description: CIDR address block - maxLength: 43 + email_sender_username: + description: Sender username for Opensearch alerts + maxLength: 320 + pattern: ^[^\x00-\x1F]+$ + type: string + enable_security_audit: + description: Enable/Disable security audit + type: boolean + http_max_content_length: + description: + Maximum content length for HTTP requests to the + OpenSearch HTTP API, in bytes. + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: The max size of allowed headers, in bytes + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: The max length of an HTTP URL, in bytes + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: + Relative amount. Maximum amount of heap memory + used for field data cache. This is an expert setting; decreasing + the value too much will increase overhead of loading field + data; too much memory used for field data cache will decrease + amount of heap available for other operations. + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: + Percentage value. Default is 10%. Total amount + of heap used for indexing buffer, before writing segments + to disk. This is an expert setting. Too low value will slow + down indexing; too high value will increase indexing performance + but causes performance issues for query performance. + maximum: 40 + minimum: 3 + type: integer + indices_memory_max_index_buffer_size: + description: + Absolute value. Default is unbound. Doesn't work + without indices.memory.index_buffer_size. Maximum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + maximum hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_memory_min_index_buffer_size: + description: + Absolute value. Default is 48mb. Doesn't work + without indices.memory.index_buffer_size. Minimum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + minimal hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_queries_cache_size: + description: + Percentage value. Default is 10%. Maximum amount + of heap used for query cache. This is an expert setting. + Too low value will decrease query performance and increase + performance for other operations; too high value will cause + issues with other OpenSearch functionality. + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: + Maximum number of clauses Lucene BooleanQuery + can have. The default value (1024) is relatively high, and + increasing it may cause performance issues. Investigate + other approaches first before increasing this value. + maximum: 4096 + minimum: 64 + type: integer + indices_recovery_max_bytes_per_sec: + description: + Limits total inbound and outbound recovery traffic + for each node. Applies to both peer recoveries as well as + snapshot recoveries (i.e., restores from a snapshot). Defaults + to 40mb + maximum: 400 + minimum: 40 + type: integer + indices_recovery_max_concurrent_file_chunks: + description: + Number of file chunks sent in parallel for each + recovery. Defaults to 2. + maximum: 5 + minimum: 2 + type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: + Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: + The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: + The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: + The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer + override_main_response_version: + description: + Compatibility mode sets OpenSearch to report + its version as 7.10 so clients continue to work. Default + is false + type: boolean + reindex_remote_whitelist: + description: + Whitelisted addresses for reindexing. Changing + this value will cause all OpenSearch instances to restart. + items: + type: string + maxItems: 32 + type: array + script_max_compilations_rate: + description: + Script compilation circuit breaker limits the + number of inline script compilations within a period of + time. Default is use-context + maxLength: 1024 + type: string + search_max_buckets: + description: + Maximum number of aggregation buckets allowed + in a single response. OpenSearch default value is used when + this is not defined. + maximum: 1000000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: + "Limits the maximum amount of memory (in MiB) + the OpenSearch Dashboards process can use. This sets the + max_old_space_size option of the nodejs running the OpenSearch + Dashboards. Note: the memory reserved by OpenSearch Dashboards + is not available for OpenSearch." + maximum: 2048 + minimum: 64 + type: integer + opensearch_request_timeout: + description: + Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + enum: + - "1" + - "2" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + opensearch: + description: + Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: + Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + saml: + description: OpenSearch SAML configuration + properties: + enabled: + description: + Enables or disables SAML-based authentication + for OpenSearch. When enabled, users can authenticate using + SAML with an Identity Provider. + type: boolean + idp_entity_id: + description: + The unique identifier for the Identity Provider + (IdP) entity that is used for SAML authentication. This + value is typically provided by the IdP. + maxLength: 1024 + minLength: 1 + type: string + idp_metadata_url: + description: + The URL of the SAML metadata for the Identity + Provider (IdP). This is used to configure SAML-based authentication + with the IdP. + maxLength: 2048 + minLength: 1 + type: string + idp_pemtrustedcas_content: + description: + This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string + roles_key: + description: + Optional. Specifies the attribute in the SAML + response where role information is stored, if available. + Role attributes are not required for SAML authentication, + but can be included in SAML assertions by most Identity + Providers (IdPs) to determine user access levels or permissions. + maxLength: 256 + minLength: 1 + type: string + sp_entity_id: + description: + The unique identifier for the Service Provider + (SP) entity that is used for SAML authentication. This value + is typically provided by the SP. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: + Optional. Specifies the attribute in the SAML + response where the subject identifier is stored. If not + configured, the NameID attribute is used by default. + maxLength: 256 + minLength: 1 type: string required: - - network + - enabled + - idp_entity_id + - idp_metadata_url + - sp_entity_id type: object - maxItems: 1024 - type: array - keep_index_refresh_interval: - description: Aiven automation resets index.refresh_interval to - default value for every index to be sure that indices are always - visible to search. If it doesn't fit your case, you can disable - this by setting up this flag to true. - type: boolean - max_index_count: - description: 'DEPRECATED: use index_patterns instead' - minimum: 0 - type: integer - openid: - description: OpenSearch OpenID Connect Configuration - properties: - client_id: - description: The ID of the OpenID Connect client configured - in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - client_secret: - description: The client secret of the OpenID Connect client - configured in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - connect_url: - description: The URL of your IdP where the Security plugin - can find the OpenID Connect metadata/configuration settings. - maxLength: 2048 - type: string - enabled: - description: Enables or disables OpenID Connect authentication - for OpenSearch. When enabled, users can authenticate using - OpenID Connect with an Identity Provider. - type: boolean - header: - description: HTTP header name of the JWT token. Optional. - Default is Authorization. - maxLength: 1024 - minLength: 1 - type: string - jwt_header: - description: 'The HTTP header that stores the token. Typically - the Authorization header with the Bearer schema: Authorization: - Bearer . Optional. Default is Authorization.' - maxLength: 1024 - minLength: 1 - type: string - jwt_url_parameter: - description: If the token is not transmitted in the HTTP header, - but as an URL parameter, define the name of the parameter - here. Optional. - maxLength: 1024 - minLength: 1 - type: string - refresh_rate_limit_count: - description: The maximum number of unknown key IDs in the - time frame. Default is 10. Optional. - minimum: 10 - type: integer - refresh_rate_limit_time_window_ms: - description: The time frame to use when checking the maximum - number of unknown key IDs, in milliseconds. Optional.Default - is 10000 (10 seconds). - minimum: 10000 - type: integer - roles_key: - description: The key in the JSON payload that stores the user’s - roles. The value of this key must be a comma-separated list - of roles. Required only if you want to use roles in the - JWT - maxLength: 1024 - minLength: 1 - type: string - scope: - description: The scope of the identity token issued by the - IdP. Optional. Default is openid profile email address phone. - maxLength: 1024 - minLength: 1 - type: string - subject_key: - description: The key in the JSON payload that stores the user’s - name. If not defined, the subject registered claim is used. - Most IdP providers use the preferred_username claim. Optional. - maxLength: 1024 - minLength: 1 - type: string - required: - - client_id - - client_secret - - connect_url - type: object - opensearch: - description: OpenSearch settings + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - action_auto_create_index_enabled: - description: Explicitly allow or block automatic creation - of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - auth_failure_listeners: - description: Opensearch Security Plugin Settings - properties: - internal_authentication_backend_limiting: - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 0 - type: integer - authentication_backend: - description: internal_authentication_backend_limiting.authentication_backend - enum: - - internal - maxLength: 1024 - type: string - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 2147483647 - minimum: 0 - type: integer - max_blocked_clients: - description: internal_authentication_backend_limiting.max_blocked_clients - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 2147483647 - minimum: 0 - type: integer - type: - description: internal_authentication_backend_limiting.type - enum: - - username - maxLength: 1024 - type: string - type: object - ip_rate_limiting: - description: IP address rate limiting settings - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 1 - type: integer - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 36000 - minimum: 1 - type: integer - max_blocked_clients: - description: The maximum number of blocked IP addresses - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 36000 - minimum: 1 - type: integer - type: - description: The type of rate limiting - enum: - - ip - maxLength: 1024 - type: string - type: object - type: object - cluster_max_shards_per_node: - description: Controls the number of shards allowed in the - cluster per data node - maximum: 10000 - minimum: 100 - type: integer - cluster_routing_allocation_node_concurrent_recoveries: - description: How many concurrent incoming/outgoing shard recoveries - (normally replicas) are allowed to happen on a node. Defaults - to 2. - maximum: 16 - minimum: 2 - type: integer - email_sender_name: - description: Sender name placeholder to be used in Opensearch - Dashboards and Opensearch keystore - maxLength: 40 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - email_sender_password: - description: Sender password for Opensearch alerts to authenticate - with SMTP server - maxLength: 1024 - pattern: ^[^\x00-\x1F]+$ - type: string - email_sender_username: - description: Sender username for Opensearch alerts - maxLength: 320 - pattern: ^[^\x00-\x1F]+$ + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - http_max_content_length: - description: Maximum content length for HTTP requests to the - OpenSearch HTTP API, in bytes. - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: The max size of allowed headers, in bytes - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: The max length of an HTTP URL, in bytes - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: Relative amount. Maximum amount of heap memory - used for field data cache. This is an expert setting; decreasing - the value too much will increase overhead of loading field - data; too much memory used for field data cache will decrease - amount of heap available for other operations. - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: Percentage value. Default is 10%. Total amount - of heap used for indexing buffer, before writing segments - to disk. This is an expert setting. Too low value will slow - down indexing; too high value will increase indexing performance - but causes performance issues for query performance. - maximum: 40 - minimum: 3 - type: integer - indices_memory_max_index_buffer_size: - description: Absolute value. Default is unbound. Doesn't work - without indices.memory.index_buffer_size. Maximum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - maximum hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_memory_min_index_buffer_size: - description: Absolute value. Default is 48mb. Doesn't work - without indices.memory.index_buffer_size. Minimum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - minimal hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_queries_cache_size: - description: Percentage value. Default is 10%. Maximum amount - of heap used for query cache. This is an expert setting. - Too low value will decrease query performance and increase - performance for other operations; too high value will cause - issues with other OpenSearch functionality. - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: Maximum number of clauses Lucene BooleanQuery - can have. The default value (1024) is relatively high, and - increasing it may cause performance issues. Investigate - other approaches first before increasing this value. - maximum: 4096 - minimum: 64 - type: integer - indices_recovery_max_bytes_per_sec: - description: Limits total inbound and outbound recovery traffic - for each node. Applies to both peer recoveries as well as - snapshot recoveries (i.e., restores from a snapshot). Defaults - to 40mb - maximum: 400 - minimum: 40 - type: integer - indices_recovery_max_concurrent_file_chunks: - description: Number of file chunks sent in parallel for each - recovery. Defaults to 2. - maximum: 5 - minimum: 2 - type: integer - ism_enabled: - description: Specifies whether ISM is enabled or not - type: boolean - ism_history_enabled: - description: Specifies whether audit history is enabled or - not. The logs from ISM are automatically indexed to a logs - document. - type: boolean - ism_history_max_age: - description: The maximum age before rolling over the audit - history index in hours - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_max_docs: - description: The maximum number of documents before rolling - over the audit history index. - minimum: 1 - type: integer - ism_history_rollover_check_period: - description: The time between rollover checks for the audit - history index in hours. - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_rollover_retention_period: - description: How long audit history indices are kept in days. - maximum: 2147483647 - minimum: 1 - type: integer - override_main_response_version: - description: Compatibility mode sets OpenSearch to report - its version as 7.10 so clients continue to work. Default - is false - type: boolean - reindex_remote_whitelist: - description: Whitelisted addresses for reindexing. Changing - this value will cause all OpenSearch instances to restart. - items: - type: string - maxItems: 32 - type: array - script_max_compilations_rate: - description: Script compilation circuit breaker limits the - number of inline script compilations within a period of - time. Default is use-context - maxLength: 1024 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - search_max_buckets: - description: Maximum number of aggregation buckets allowed - in a single response. OpenSearch default value is used when - this is not defined. - maximum: 1000000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: 'Limits the maximum amount of memory (in MiB) - the OpenSearch Dashboards process can use. This sets the - max_old_space_size option of the nodejs running the OpenSearch - Dashboards. Note: the memory reserved by OpenSearch Dashboards - is not available for OpenSearch.' - maximum: 2048 - minimum: 64 - type: integer - opensearch_request_timeout: - description: Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - maximum: 120000 - minimum: 5000 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - type: object - opensearch_version: - description: OpenSearch major version - enum: - - "1" - - "2" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - opensearch: - description: Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - saml: - description: OpenSearch SAML configuration - properties: - enabled: - description: Enables or disables SAML-based authentication - for OpenSearch. When enabled, users can authenticate using - SAML with an Identity Provider. - type: boolean - idp_entity_id: - description: The unique identifier for the Identity Provider - (IdP) entity that is used for SAML authentication. This - value is typically provided by the IdP. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - idp_metadata_url: - description: The URL of the SAML metadata for the Identity - Provider (IdP). This is used to configure SAML-based authentication - with the IdP. - maxLength: 2048 - minLength: 1 - type: string - idp_pemtrustedcas_content: - description: This parameter specifies the PEM-encoded root - certificate authority (CA) content for the SAML identity - provider (IdP) server verification. The root CA content - is used to verify the SSL/TLS certificate presented by the - server. - maxLength: 16384 - type: string - roles_key: - description: Optional. Specifies the attribute in the SAML - response where role information is stored, if available. - Role attributes are not required for SAML authentication, - but can be included in SAML assertions by most Identity - Providers (IdPs) to determine user access levels or permissions. - maxLength: 256 - minLength: 1 - type: string - sp_entity_id: - description: The unique identifier for the Service Provider - (SP) entity that is used for SAML authentication. This value - is typically provided by the SP. - maxLength: 1024 - minLength: 1 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - subject_key: - description: Optional. Specifies the attribute in the SAML - response where the subject identifier is stored. If not - configured, the NameID attribute is used by default. - maxLength: 256 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - enabled - - idp_entity_id - - idp_metadata_url - - sp_entity_id + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml index d22d4d6..555c7e2 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml @@ -15,951 +15,1085 @@ spec: singular: postgresql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: PostgreSQL is the Schema for the postgresql API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PostgreSQLSpec defines the desired state of postgres instance - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, - `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: PostgreSQL is the Schema for the postgresql API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: PostgreSQLSpec defines the desired state of postgres instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - enable_ipv6: - description: Register AAAA DNS records for the service, and allow - IPv6 packets to service ports - type: boolean - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 + - read_replica type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - pg: - description: postgresql.conf configuration values - properties: - autovacuum_analyze_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_analyze_threshold when deciding whether to - trigger an ANALYZE. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_analyze_threshold: - description: Specifies the minimum number of inserted, updated - or deleted tuples needed to trigger an ANALYZE in any one - table. The default is 50 tuples. - maximum: 2147483647 - minimum: 0 - type: integer - autovacuum_freeze_max_age: - description: Specifies the maximum age (in transactions) that - a table's pg_class.relfrozenxid field can attain before - a VACUUM operation is forced to prevent transaction ID wraparound - within the table. Note that the system will launch autovacuum - processes to prevent wraparound even when autovacuum is - otherwise disabled. This parameter will cause the server - to be restarted. - maximum: 1500000000 - minimum: 200000000 - type: integer - autovacuum_max_workers: - description: Specifies the maximum number of autovacuum processes - (other than the autovacuum launcher) that may be running - at any one time. The default is three. This parameter can - only be set at server start. - maximum: 20 - minimum: 1 - type: integer - autovacuum_naptime: - description: Specifies the minimum delay between autovacuum - runs on any given database. The delay is measured in seconds, - and the default is one minute - maximum: 86400 - minimum: 1 - type: integer - autovacuum_vacuum_cost_delay: - description: Specifies the cost delay value that will be used - in automatic VACUUM operations. If -1 is specified, the - regular vacuum_cost_delay value will be used. The default - value is 20 milliseconds - maximum: 100 - minimum: -1 - type: integer - autovacuum_vacuum_cost_limit: - description: Specifies the cost limit value that will be used - in automatic VACUUM operations. If -1 is specified (which - is the default), the regular vacuum_cost_limit value will - be used. - maximum: 10000 - minimum: -1 - type: integer - autovacuum_vacuum_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_vacuum_threshold when deciding whether to - trigger a VACUUM. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_vacuum_threshold: - description: Specifies the minimum number of updated or deleted - tuples needed to trigger a VACUUM in any one table. The - default is 50 tuples - maximum: 2147483647 - minimum: 0 - type: integer - bgwriter_delay: - description: Specifies the delay between activity rounds for - the background writer in milliseconds. Default is 200. - maximum: 10000 - minimum: 10 - type: integer - bgwriter_flush_after: - description: Whenever more than bgwriter_flush_after bytes - have been written by the background writer, attempt to force - the OS to issue these writes to the underlying storage. - Specified in kilobytes, default is 512. Setting of 0 disables - forced writeback. - maximum: 2048 - minimum: 0 - type: integer - bgwriter_lru_maxpages: - description: In each round, no more than this many buffers - will be written by the background writer. Setting this to - zero disables background writing. Default is 100. - maximum: 1073741823 - minimum: 0 - type: integer - bgwriter_lru_multiplier: - description: The average recent need for new buffers is multiplied - by bgwriter_lru_multiplier to arrive at an estimate of the - number that will be needed during the next round, (up to - bgwriter_lru_maxpages). 1.0 represents a “just in time” - policy of writing exactly the number of buffers predicted - to be needed. Larger values provide some cushion against - spikes in demand, while smaller values intentionally leave - writes to be done by server processes. The default is 2.0. - maximum: 10 - minimum: 0 - type: number - deadlock_timeout: - description: This is the amount of time, in milliseconds, - to wait on a lock before checking to see if there is a deadlock - condition. - maximum: 1800000 - minimum: 500 - type: integer - default_toast_compression: - description: Specifies the default TOAST compression method - for values of compressible columns (the default is lz4). - enum: - - lz4 - - pglz - type: string - idle_in_transaction_session_timeout: - description: Time out sessions with open transactions after - this number of milliseconds - maximum: 604800000 - minimum: 0 - type: integer - jit: - description: Controls system-wide use of Just-in-Time Compilation - (JIT). - type: boolean - log_autovacuum_min_duration: - description: Causes each action executed by autovacuum to - be logged if it ran for at least the specified number of - milliseconds. Setting this to zero logs all autovacuum actions. - Minus-one (the default) disables logging autovacuum actions. - maximum: 2147483647 - minimum: -1 - type: integer - log_error_verbosity: - description: Controls the amount of detail written in the - server log for each message that is logged. - enum: - - TERSE - - DEFAULT - - VERBOSE - type: string - log_line_prefix: - description: Choose from one of the available log-formats. - These can support popular log analyzers like pgbadger, pganalyze - etc. - enum: - - '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' - - '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' - - '''%m [%p] %q[user=%u,db=%d,app=%a] ''' - type: string - log_min_duration_statement: - description: Log statements that take more than this number - of milliseconds to run, -1 disables - maximum: 86400000 - minimum: -1 - type: integer - log_temp_files: - description: Log statements for each temporary file created - larger than this number of kilobytes, -1 disables - maximum: 2147483647 - minimum: -1 - type: integer - max_files_per_process: - description: PostgreSQL maximum number of files that can be - open per process - maximum: 4096 - minimum: 1000 - type: integer - max_locks_per_transaction: - description: PostgreSQL maximum locks per transaction - maximum: 6400 - minimum: 64 - type: integer - max_logical_replication_workers: - description: PostgreSQL maximum logical replication workers - (taken from the pool of max_parallel_workers) - maximum: 64 - minimum: 4 - type: integer - max_parallel_workers: - description: Sets the maximum number of workers that the system - can support for parallel queries - maximum: 96 - minimum: 0 - type: integer - max_parallel_workers_per_gather: - description: Sets the maximum number of workers that can be - started by a single Gather or Gather Merge node - maximum: 96 - minimum: 0 - type: integer - max_pred_locks_per_transaction: - description: PostgreSQL maximum predicate locks per transaction - maximum: 5120 - minimum: 64 - type: integer - max_prepared_transactions: - description: PostgreSQL maximum prepared transactions - maximum: 10000 - minimum: 0 - type: integer - max_replication_slots: - description: PostgreSQL maximum replication slots - maximum: 64 - minimum: 8 - type: integer - max_slot_wal_keep_size: - description: PostgreSQL maximum WAL size (MB) reserved for - replication slots. Default is -1 (unlimited). wal_keep_size - minimum WAL size setting takes precedence over this. - maximum: 2147483647 - minimum: -1 - type: integer - max_stack_depth: - description: Maximum depth of the stack in bytes - maximum: 6291456 - minimum: 2097152 - type: integer - max_standby_archive_delay: - description: Max standby archive delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_standby_streaming_delay: - description: Max standby streaming delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_wal_senders: - description: PostgreSQL maximum WAL senders - maximum: 64 - minimum: 20 - type: integer - max_worker_processes: - description: Sets the maximum number of background processes - that the system can support - maximum: 96 - minimum: 8 - type: integer - pg_partman_bgw.interval: - description: Sets the time interval to run pg_partman's scheduled - tasks - maximum: 604800 - minimum: 3600 - type: integer - pg_partman_bgw.role: - description: Controls which role to use for pg_partman's scheduled - background tasks. + sourceServiceName: maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + minLength: 1 type: string - pg_stat_monitor.pgsm_enable_query_plan: - description: Enables or disables query plan monitoring - type: boolean - pg_stat_monitor.pgsm_max_buckets: - description: Sets the maximum number of buckets - maximum: 10 - minimum: 1 - type: integer - pg_stat_statements.track: - description: Controls which statements are counted. Specify - top to track top-level statements (those issued directly - by clients), all to also track nested statements (such as - statements invoked within functions), or none to disable - statement statistics collection. The default value is top. - enum: - - all - - top - - none - type: string - temp_file_limit: - description: PostgreSQL temporary file limit in KiB, -1 for - unlimited - maximum: 2147483647 - minimum: -1 - type: integer - timezone: - description: PostgreSQL service timezone - maxLength: 64 - type: string - track_activity_query_size: - description: Specifies the number of bytes reserved to track - the currently executing command for each active session. - maximum: 10240 - minimum: 1024 - type: integer - track_commit_timestamp: - description: Record commit time of transactions. - enum: - - "off" - - "on" - type: string - track_functions: - description: Enables tracking of function call counts and - time used. - enum: - - all - - pl - - none - type: string - track_io_timing: - description: Enables timing of database I/O calls. This parameter - is off by default, because it will repeatedly query the - operating system for the current time, which may cause significant - overhead on some platforms. - enum: - - "off" - - "on" - type: string - wal_sender_timeout: - description: Terminate replication connections that are inactive - for longer than this amount of time, in milliseconds. Setting - this value to zero disables the timeout. - type: integer - wal_writer_delay: - description: WAL flush interval in milliseconds. Note that - setting this value to lower than the default 200ms may negatively - impact performance - maximum: 200 - minimum: 10 - type: integer - type: object - pg_qualstats: - description: Deprecated. System-wide settings for the pg_qualstats - extension - properties: - enabled: - description: Deprecated. Enable / Disable pg_qualstats - type: boolean - min_err_estimate_num: - description: Deprecated. Error estimation num threshold to - save quals - minimum: 0 - type: integer - min_err_estimate_ratio: - description: Deprecated. Error estimation ratio threshold - to save quals - minimum: 0 - type: integer - track_constants: - description: Deprecated. Enable / Disable pg_qualstats constants - tracking - type: boolean - track_pg_catalog: - description: Deprecated. Track quals on system catalogs too. - type: boolean + required: + - integrationType + - sourceServiceName type: object - pg_read_replica: - description: Should the service which is being forked be a read - replica (deprecated, use read_replica service integration instead). - type: boolean - pg_service_to_fork_from: - description: Name of the PG Service from which to fork (deprecated, - use service_to_fork_from). This has effect only when a new service - is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - pg_stat_monitor_enable: - description: Enable the pg_stat_monitor extension. Enabling this - extension will cause the cluster to be restarted.When this extension - is enabled, pg_stat_statements results for utility commands - are unreliable - type: boolean - pg_version: - description: PostgreSQL major version - enum: - - "11" - - "12" - - "13" - - "14" - - "15" + tags: + additionalProperties: type: string - pgbouncer: - description: PGBouncer connection pooling settings + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: properties: - autodb_idle_timeout: - description: If the automatically created database pools have - been unused this many seconds, they are freed. If 0 then - timeout is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - autodb_max_db_connections: - description: Do not allow more than this many server connections - per database (regardless of user). Setting it to 0 means - unlimited. - maximum: 2147483647 - minimum: 0 - type: integer - autodb_pool_mode: - description: PGBouncer pool mode - enum: - - session - - transaction - - statement + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ type: string - autodb_pool_size: - description: If non-zero then create automatically a pool - of that size per user when a pool doesn't exist. - maximum: 10000 - minimum: 0 - type: integer - ignore_startup_parameters: - description: List of parameters to ignore when given in startup - packet - items: - type: string - maxItems: 32 - type: array - min_pool_size: - description: Add more server connections to pool if below - this number. Improves behavior when usual load comes suddenly - back after period of total inactivity. The value is effectively - capped at the pool size. - maximum: 10000 - minimum: 0 - type: integer - server_idle_timeout: - description: If a server connection has been idle more than - this many seconds it will be dropped. If 0 then timeout - is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - server_lifetime: - description: The pooler will close an unused server connection - that has been connected longer than this. [seconds] - maximum: 86400 - minimum: 60 - type: integer - server_reset_query_always: - description: Run server_reset_query (DISCARD ALL) in all pooling - modes - type: boolean - type: object - pglookout: - description: System-wide settings for pglookout. - properties: - max_failover_replication_time_lag: - description: Number of seconds of master unavailability before - triggering database failover to standby - minimum: 10 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - pg: - description: Allow clients to connect to pg with a DNS name - that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - pg: - description: Enable pg - type: boolean - pgbouncer: - description: Enable pgbouncer - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - pg: - description: Allow clients to connect to pg from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - shared_buffers_percentage: - description: Percentage of total RAM that the database server - uses for shared memory buffers. Valid range is 20-60 (float), - which corresponds to 20% - 60%. This setting adjusts the shared_buffers - configuration value. - maximum: 60 - minimum: 20 - type: number - static_ips: - description: Use static public IP addresses - type: boolean - synchronous_replication: - description: Synchronous replication type. Note that the service - plan also needs to support synchronous replication. - enum: - - quorum - - "off" - type: string - timescaledb: - description: System-wide settings for the timescaledb extension - properties: - max_background_workers: - description: The number of background workers for timescaledb - operations. You should configure this setting to the sum - of your number of databases and the total number of concurrent - background workers you want running at any given point in - time. - maximum: 4096 - minimum: 1 - type: integer + required: + - email type: object - variant: - description: Variant of the PostgreSQL service, may affect the - features that are exposed by default - enum: - - aiven - - timescale - type: string - work_mem: - description: Sets the maximum amount of memory to be used by a - query operation (such as a sort or hash table) before writing - to temporary disk files, in MB. Default is 1MB + 0.075% of total - RAM (up to 32MB). - maximum: 1024 - minimum: 1 - type: integer - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: + Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: + Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: + Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. + maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: + Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: + Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: + Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: + Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: + Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: + Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. + maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: + Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: + In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: + The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: + This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: + Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: + Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: + Controls system-wide use of Just-in-Time Compilation + (JIT). + type: boolean + log_autovacuum_min_duration: + description: + Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: + Controls the amount of detail written in the + server log for each message that is logged. + enum: + - TERSE + - DEFAULT + - VERBOSE + type: string + log_line_prefix: + description: + Choose from one of the available log-formats. + These can support popular log analyzers like pgbadger, pganalyze + etc. + enum: + - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + type: string + log_min_duration_statement: + description: + Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: + Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: + PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: + PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: + Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: + Sets the maximum number of workers that can be + started by a single Gather or Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: + PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: + Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: + Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: + Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_monitor.pgsm_enable_query_plan: + description: Enables or disables query plan monitoring + type: boolean + pg_stat_monitor.pgsm_max_buckets: + description: Sets the maximum number of buckets + maximum: 10 + minimum: 1 + type: integer + pg_stat_statements.track: + description: + Controls which statements are counted. Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - top + - none + type: string + temp_file_limit: + description: + PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + type: string + track_activity_query_size: + description: + Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: + Enables tracking of function call counts and + time used. + enum: + - all + - pl + - none + type: string + track_io_timing: + description: + Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: + Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: + WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_qualstats: + description: + Deprecated. System-wide settings for the pg_qualstats + extension + properties: + enabled: + description: Deprecated. Enable / Disable pg_qualstats + type: boolean + min_err_estimate_num: + description: + Deprecated. Error estimation num threshold to + save quals + minimum: 0 + type: integer + min_err_estimate_ratio: + description: + Deprecated. Error estimation ratio threshold + to save quals + minimum: 0 + type: integer + track_constants: + description: + Deprecated. Enable / Disable pg_qualstats constants + tracking + type: boolean + track_pg_catalog: + description: Deprecated. Track quals on system catalogs too. + type: boolean + type: object + pg_read_replica: + description: + Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). + type: boolean + pg_service_to_fork_from: + description: + Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 type: string - status: - description: status of the condition, one of True, False, Unknown. + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + pg_stat_monitor_enable: + description: + Enable the pg_stat_monitor extension. Enabling this + extension will cause the cluster to be restarted.When this extension + is enabled, pg_stat_statements results for utility commands + are unreliable + type: boolean + pg_version: + description: PostgreSQL major version enum: - - "True" - - "False" - - Unknown + - "12" + - "13" + - "14" + - "15" + - "16" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: + If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: + Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - transaction + - statement + type: string + autodb_pool_size: + description: + If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: + List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + min_pool_size: + description: + Add more server connections to pool if below + this number. Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: + If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: + The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: + Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: + Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + pg: + description: + Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + pg: + description: + Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: + Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: + Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - quorum + - "off" + type: string + timescaledb: + description: System-wide settings for the timescaledb extension + properties: + max_background_workers: + description: + The number of background workers for timescaledb + operations. You should configure this setting to the sum + of your number of databases and the total number of concurrent + background workers you want running at any given point in + time. + maximum: 4096 + minimum: 1 + type: integer + type: object + variant: + description: + Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: + Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml index 0bf1f9f..693a5b6 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml @@ -15,229 +15,258 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 - type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 type: string - maxItems: 10 - type: array - billingExtraText: - description: Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 - type: string - cloud: - description: 'Target cloud, example: aws-eu-central-1' - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `PROJECT_CA_CERT`' - properties: - annotations: - additionalProperties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: type: string - required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: + maxItems: 10 + type: array + billingExtraText: + description: + Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 type: string - description: Tags are key-value pairs that allow you to categorize - projects - type: object - technicalEmails: - description: Technical contact emails of the project - items: + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 type: string - maxItems: 10 - type: array - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: Conditions represent the latest available observations - of an Project state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + cardId: + description: + Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: "Target cloud, example: aws-eu-central-1" + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `PROJECT_CA_CERT`" properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name + type: object + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + projects type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + technicalEmails: + description: Technical contact emails of the project + items: + type: string + maxItems: 10 + type: array + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: + Conditions represent the latest available observations + of an Project state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml index 720040e..f6b08d0 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml @@ -15,165 +15,174 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: Conditions represent the latest available observations - of an ProjectVPC state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: + Conditions represent the latest available observations + of an ProjectVPC state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml index 2b665d1..fe95067 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml @@ -15,464 +15,543 @@ spec: singular: redis scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redis is the Schema for the redis API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RedisSpec defines the desired state of Redis - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redis API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Redis specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication + - read_replica type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - redis: - description: Allow clients to connect to redis with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean + - integrationType + - sourceServiceName type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - prometheus: - description: Enable prometheus - type: boolean - redis: - description: Enable redis - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + technicalEmails: + description: + Defines the email addresses that will receive alerts + about upcoming maintenance updates or warnings about service instability. + items: properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - redis: - description: Allow clients to connect to redis from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean + email: + description: Email address. + format: ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ + type: string + required: + - email type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - redis_acl_channels_default: - description: Determines default pub/sub channels' ACL for new - users if ACL is not supplied. When this option is not defined, - all_channels is assumed to keep backward compatibility. This - option doesn't affect Redis configuration acl-pubsub-default. - enum: - - allchannels - - resetchannels - type: string - redis_io_threads: - description: Set Redis IO thread count. Changing this will cause - a restart of the Redis service. - maximum: 32 - minimum: 1 - type: integer - redis_lfu_decay_time: - description: LFU maxmemory-policy counter decay time in minutes - maximum: 120 - minimum: 1 - type: integer - redis_lfu_log_factor: - description: Counter logarithm factor for volatile-lfu and allkeys-lfu - maxmemory-policies - maximum: 100 - minimum: 0 - type: integer - redis_maxmemory_policy: - description: Redis maxmemory-policy - enum: - - noeviction - - allkeys-lru - - volatile-lru - - allkeys-random - - volatile-random - - volatile-ttl - - volatile-lfu - - allkeys-lfu - type: string - redis_notify_keyspace_events: - description: Set notify-keyspace-events option - maxLength: 32 - pattern: ^[KEg\$lshzxeA]*$ - type: string - redis_number_of_databases: - description: Set number of Redis databases. Changing this will - cause a restart of the Redis service. - maximum: 128 - minimum: 1 - type: integer - redis_persistence: - description: When persistence is 'rdb', Redis does RDB dumps each - 10 minutes if any key is changed. Also RDB dumps are done according - to backup schedule for backup purposes. When persistence is - 'off', no RDB dumps and backups are done, so data can be lost - at any moment if service is restarted for any reason, or if - service is powered off. Also service can't be forked. - enum: - - "off" - - rdb - type: string - redis_pubsub_client_output_buffer_limit: - description: Set output buffer limit for pub / sub clients in - MB. The value is the hard limit, the soft limit is 1/4 of the - hard limit. When setting the limit, be mindful of the available - memory in the selected service plan. - maximum: 512 - minimum: 32 - type: integer - redis_ssl: - description: Require SSL to access Redis - type: boolean - redis_timeout: - description: Redis idle connection timeout in seconds - maximum: 31536000 - minimum: 0 - type: integer - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + maxItems: 10 + type: array + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Redis specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + redis: + description: + Allow clients to connect to redis with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + prometheus: + description: Enable prometheus + type: boolean + redis: + description: Enable redis + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + redis: + description: + Allow clients to connect to redis from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + redis_acl_channels_default: + description: + Determines default pub/sub channels' ACL for new + users if ACL is not supplied. When this option is not defined, + all_channels is assumed to keep backward compatibility. This + option doesn't affect Redis configuration acl-pubsub-default. + enum: + - allchannels + - resetchannels + type: string + redis_io_threads: + description: + Set Redis IO thread count. Changing this will cause + a restart of the Redis service. + maximum: 32 + minimum: 1 + type: integer + redis_lfu_decay_time: + description: LFU maxmemory-policy counter decay time in minutes + maximum: 120 + minimum: 1 + type: integer + redis_lfu_log_factor: + description: + Counter logarithm factor for volatile-lfu and allkeys-lfu + maxmemory-policies + maximum: 100 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + redis_maxmemory_policy: + description: Redis maxmemory-policy + enum: + - noeviction + - allkeys-lru + - volatile-lru + - allkeys-random + - volatile-random + - volatile-ttl + - volatile-lfu + - allkeys-lfu + type: string + redis_notify_keyspace_events: + description: Set notify-keyspace-events option + maxLength: 32 + pattern: ^[KEg\$lshzxeA]*$ + type: string + redis_number_of_databases: + description: + Set number of Redis databases. Changing this will + cause a restart of the Redis service. + maximum: 128 + minimum: 1 + type: integer + redis_persistence: + description: + When persistence is 'rdb', Redis does RDB dumps each + 10 minutes if any key is changed. Also RDB dumps are done according + to backup schedule for backup purposes. When persistence is + 'off', no RDB dumps and backups are done, so data can be lost + at any moment if service is restarted for any reason, or if + service is powered off. Also service can't be forked. + enum: + - "off" + - rdb type: string - status: - description: status of the condition, one of True, False, Unknown. + redis_pubsub_client_output_buffer_limit: + description: + Set output buffer limit for pub / sub clients in + MB. The value is the hard limit, the soft limit is 1/4 of the + hard limit. When setting the limit, be mindful of the available + memory in the selected service plan. + maximum: 512 + minimum: 32 + type: integer + redis_ssl: + description: Require SSL to access Redis + type: boolean + redis_timeout: + description: Redis idle connection timeout in seconds + maximum: 31536000 + minimum: 0 + type: integer + redis_version: + description: Redis major version enum: - - "True" - - "False" - - Unknown + - "7.0" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml index 7ba61ed..7ddcb94 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml @@ -15,748 +15,790 @@ spec: singular: serviceintegration scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.integrationType - name: Type - type: string - - jsonPath: .spec.sourceServiceName - name: Source Service Name - type: string - - jsonPath: .spec.destinationServiceName - name: Destination Service Name - type: string - - jsonPath: .spec.sourceEndpointId - name: Source Endpoint ID - type: string - - jsonPath: .spec.destinationEndpointId - name: Destination Endpoint ID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceIntegration is the Schema for the serviceintegrations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceIntegrationSpec defines the desired state of ServiceIntegration - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - clickhouseKafka: - description: Clickhouse Kafka configuration values - properties: - tables: - description: Tables to create - items: - description: Table to create + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.integrationType + name: Type + type: string + - jsonPath: .spec.sourceServiceName + name: Source Service Name + type: string + - jsonPath: .spec.destinationServiceName + name: Destination Service Name + type: string + - jsonPath: .spec.sourceEndpointId + name: Source Endpoint ID + type: string + - jsonPath: .spec.destinationEndpointId + name: Destination Endpoint ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: + ServiceIntegration is the Schema for the serviceintegrations + API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceIntegrationSpec defines the desired state of ServiceIntegration + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + clickhouseKafka: + description: Clickhouse Kafka configuration values + properties: + tables: + description: Tables to create + items: + description: Table to create + properties: + auto_offset_reset: + description: + Action to take when there is no initial offset + in offset store or the desired offset is out of range + enum: + - smallest + - earliest + - beginning + - largest + - latest + - end + type: string + columns: + description: Table columns + items: + description: Table column + properties: + name: + description: Column name + maxLength: 40 + minLength: 1 + type: string + type: + description: Column type + maxLength: 1000 + minLength: 1 + type: string + required: + - name + - type + type: object + maxItems: 100 + type: array + data_format: + description: Message data format + enum: + - Avro + - CSV + - JSONAsString + - JSONCompactEachRow + - JSONCompactStringsEachRow + - JSONEachRow + - JSONStringsEachRow + - MsgPack + - TSKV + - TSV + - TabSeparated + - RawBLOB + - AvroConfluent + type: string + date_time_input_format: + description: Method to read DateTime from text input formats + enum: + - basic + - best_effort + - best_effort_us + type: string + group_name: + description: Kafka consumers group + maxLength: 249 + minLength: 1 + type: string + handle_error_mode: + description: How to handle errors for Kafka engine + enum: + - default + - stream + type: string + max_block_size: + description: + Number of row collected by poll(s) for flushing + data from Kafka + maximum: 1000000000 + minimum: 0 + type: integer + max_rows_per_message: + description: + The maximum number of rows produced in one + kafka message for row-based formats + maximum: 1000000000 + minimum: 1 + type: integer + name: + description: Name of the table + maxLength: 40 + minLength: 1 + type: string + num_consumers: + description: The number of consumers per table per replica + maximum: 10 + minimum: 1 + type: integer + poll_max_batch_size: + description: + Maximum amount of messages to be polled in + a single Kafka poll + maximum: 1000000000 + minimum: 0 + type: integer + skip_broken_messages: + description: + Skip at least this number of broken messages + from Kafka topic per block + maximum: 1000000000 + minimum: 0 + type: integer + topics: + description: Kafka topics + items: + description: Kafka topic + properties: + name: + description: Name of the topic + maxLength: 249 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 100 + type: array + required: + - columns + - data_format + - group_name + - name + - topics + type: object + maxItems: 100 + type: array + type: object + clickhousePostgresql: + description: Clickhouse PostgreSQL configuration values + properties: + databases: + description: Databases to expose + items: + description: Database to expose + properties: + database: + description: PostgreSQL database to expose + maxLength: 63 + minLength: 1 + type: string + schema: + description: PostgreSQL schema to expose + maxLength: 63 + minLength: 1 + type: string + type: object + maxItems: 10 + type: array + type: object + datadog: + description: Datadog specific user configuration options + properties: + datadog_dbm_enabled: + description: Enable Datadog Database Monitoring + type: boolean + datadog_tags: + description: Custom tags provided by user + items: + description: Datadog tag defined by user + properties: + comment: + description: Optional tag explanation + maxLength: 1024 + type: string + tag: + description: + "Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. + Tags with prefix 'aiven-' are reserved for Aiven." + maxLength: 200 + minLength: 1 + type: string + required: + - tag + type: object + maxItems: 32 + type: array + exclude_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + exclude_topics: + description: List of topics to exclude + items: + type: string + maxItems: 1024 + type: array + include_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + include_topics: + description: List of topics to include + items: + type: string + maxItems: 1024 + type: array + kafka_custom_metrics: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + max_jmx_metrics: + description: Maximum number of JMX metrics to send + maximum: 100000 + minimum: 10 + type: integer + opensearch: + description: Datadog Opensearch Options properties: - auto_offset_reset: - description: Action to take when there is no initial offset - in offset store or the desired offset is out of range - enum: - - smallest - - earliest - - beginning - - largest - - latest - - end - type: string - columns: - description: Table columns - items: - description: Table column - properties: - name: - description: Column name - maxLength: 40 - minLength: 1 - type: string - type: - description: Column type - maxLength: 1000 - minLength: 1 - type: string - required: - - name - - type - type: object - maxItems: 100 - type: array - data_format: - description: Message data format - enum: - - Avro - - CSV - - JSONAsString - - JSONCompactEachRow - - JSONCompactStringsEachRow - - JSONEachRow - - JSONStringsEachRow - - MsgPack - - TSKV - - TSV - - TabSeparated - - RawBLOB - - AvroConfluent + index_stats_enabled: + description: Enable Datadog Opensearch Index Monitoring + type: boolean + pending_task_stats_enabled: + description: Enable Datadog Opensearch Pending Task Monitoring + type: boolean + pshard_stats_enabled: + description: Enable Datadog Opensearch Primary Shard Monitoring + type: boolean + type: object + redis: + description: Datadog Redis Options + properties: + command_stats_enabled: + description: Enable command_stats option in the agent's configuration + type: boolean + type: object + type: object + destinationEndpointId: + description: Destination endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationProjectName: + description: Destination project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationServiceName: + description: Destination service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + externalAWSCloudwatchMetrics: + description: + External AWS CloudWatch Metrics integration Logs configuration + values + properties: + dropped_metrics: + description: + Metrics to not send to AWS CloudWatch (takes precedence + over extra_metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + extra_metrics: + description: + Metrics to allow through to AWS CloudWatch (in addition + to default metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + type: object + integrationType: + description: + Type of the service integration accepted by Aiven API. + Some values may not be supported by the operator + enum: + - alertmanager + - autoscaler + - caching + - cassandra_cross_service_cluster + - clickhouse_kafka + - clickhouse_postgresql + - dashboard + - datadog + - datasource + - external_aws_cloudwatch_logs + - external_aws_cloudwatch_metrics + - external_elasticsearch_logs + - external_google_cloud_logging + - external_opensearch_logs + - flink + - flink_external_kafka + - internal_connectivity + - jolokia + - kafka_connect + - kafka_logs + - kafka_mirrormaker + - logs + - m3aggregator + - m3coordinator + - metrics + - opensearch_cross_cluster_replication + - opensearch_cross_cluster_search + - prometheus + - read_replica + - rsyslog + - schema_registry_proxy + - stresstester + - thanosquery + - thanosstore + - vmalert + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + kafkaConnect: + description: Kafka Connect service configuration values + properties: + kafka_connect: + description: Kafka Connect service configuration values + properties: + config_storage_topic: + description: + The name of the topic where connector and task + configuration data are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 type: string - date_time_input_format: - description: Method to read DateTime from text input formats - enum: - - basic - - best_effort - - best_effort_us + group_id: + description: + A unique string that identifies the Connect cluster + group this worker belongs to. + maxLength: 249 type: string - group_name: - description: Kafka consumers group + offset_storage_topic: + description: + The name of the topic where connector and task + configuration offsets are stored.This must be the same for + all workers with the same group_id. maxLength: 249 - minLength: 1 type: string - handle_error_mode: - description: How to handle errors for Kafka engine - enum: - - default - - stream + status_storage_topic: + description: + The name of the topic where connector and task + configuration status updates are stored.This must be the + same for all workers with the same group_id. + maxLength: 249 type: string - max_block_size: - description: Number of row collected by poll(s) for flushing - data from Kafka - maximum: 1000000000 + type: object + type: object + kafkaLogs: + description: Kafka logs configuration values + properties: + kafka_topic: + description: Topic name + maxLength: 249 + minLength: 1 + type: string + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + required: + - kafka_topic + type: object + kafkaMirrormaker: + description: Kafka MirrorMaker configuration values + properties: + cluster_alias: + description: + "The alias under which the Kafka cluster is known + to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, + '.', '_', and '-'." + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + type: string + kafka_mirrormaker: + description: Kafka MirrorMaker configuration values + properties: + consumer_fetch_min_bytes: + description: + The minimum amount of data the server should + return for a fetch request + maximum: 5242880 + minimum: 1 + type: integer + producer_batch_size: + description: + The batch size in bytes producer will attempt + to collect before publishing to broker. + maximum: 5242880 minimum: 0 type: integer - max_rows_per_message: - description: The maximum number of rows produced in one - kafka message for row-based formats - maximum: 1000000000 - minimum: 1 + producer_buffer_memory: + description: + The amount of bytes producer can use for buffering + data before publishing to broker. + maximum: 134217728 + minimum: 5242880 type: integer - name: - description: Name of the table - maxLength: 40 - minLength: 1 + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - num_consumers: - description: The number of consumers per table per replica - maximum: 10 - minimum: 1 - type: integer - poll_max_batch_size: - description: Maximum amount of messages to be polled in - a single Kafka poll - maximum: 1000000000 + producer_linger_ms: + description: + The linger time (ms) for waiting new data to + arrive for publishing. + maximum: 5000 minimum: 0 type: integer - skip_broken_messages: - description: Skip at least this number of broken messages - from Kafka topic per block - maximum: 1000000000 + producer_max_request_size: + description: The maximum request size in bytes. + maximum: 268435456 minimum: 0 type: integer - topics: - description: Kafka topics - items: - description: Kafka topic - properties: - name: - description: Name of the topic - maxLength: 249 - minLength: 1 - type: string - required: - - name - type: object - maxItems: 100 - type: array - required: - - columns - - data_format - - group_name - - name - - topics type: object - maxItems: 100 - type: array - type: object - clickhousePostgresql: - description: Clickhouse PostgreSQL configuration values - properties: - databases: - description: Databases to expose - items: - description: Database to expose - properties: - database: - description: PostgreSQL database to expose - maxLength: 63 - minLength: 1 - type: string - schema: - description: PostgreSQL schema to expose - maxLength: 63 - minLength: 1 - type: string - type: object - maxItems: 10 - type: array - type: object - datadog: - description: Datadog specific user configuration options - properties: - datadog_dbm_enabled: - description: Enable Datadog Database Monitoring - type: boolean - datadog_tags: - description: Custom tags provided by user - items: - description: Datadog tag defined by user - properties: - comment: - description: Optional tag explanation - maxLength: 1024 - type: string - tag: - description: 'Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. - Tags with prefix ''aiven-'' are reserved for Aiven.' - maxLength: 200 - minLength: 1 - type: string - required: - - tag - type: object - maxItems: 32 - type: array - exclude_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - exclude_topics: - description: List of topics to exclude - items: - type: string - maxItems: 1024 - type: array - include_consumer_groups: - description: List of custom metrics - items: + type: object + logs: + description: Logs configuration values + properties: + elasticsearch_index_days_max: + description: Elasticsearch index retention limit + maximum: 10000 + minimum: 1 + type: integer + elasticsearch_index_prefix: + description: Elasticsearch index prefix + maxLength: 1024 + minLength: 1 type: string - maxItems: 1024 - type: array - include_topics: - description: List of topics to include - items: + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + type: object + metrics: + description: Metrics configuration values + properties: + database: + description: + Name of the database where to store metric datapoints. + Only affects PostgreSQL destinations. Defaults to 'metrics'. + Note that this must be the same for all metrics integrations + that write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - kafka_custom_metrics: - description: List of custom metrics - items: + retention_days: + description: + Number of days to keep old metrics. Only affects + PostgreSQL destinations. Set to 0 for no automatic cleanup. + Defaults to 30 days. + maximum: 10000 + minimum: 0 + type: integer + ro_username: + description: + Name of a user that can be used to read metrics. + This will be used for Grafana integration (if enabled) to prevent + Grafana users from making undesired changes. Only affects PostgreSQL + destinations. Defaults to 'metrics_reader'. Note that this must + be the same for all metrics integrations that write data to + the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - max_jmx_metrics: - description: Maximum number of JMX metrics to send - maximum: 100000 - minimum: 10 - type: integer - opensearch: - description: Datadog Opensearch Options - properties: - index_stats_enabled: - description: Enable Datadog Opensearch Index Monitoring - type: boolean - pending_task_stats_enabled: - description: Enable Datadog Opensearch Pending Task Monitoring - type: boolean - pshard_stats_enabled: - description: Enable Datadog Opensearch Primary Shard Monitoring - type: boolean - type: object - redis: - description: Datadog Redis Options - properties: - command_stats_enabled: - description: Enable command_stats option in the agent's configuration - type: boolean - type: object - type: object - destinationEndpointId: - description: Destination endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationProjectName: - description: Destination project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationServiceName: - description: Destination service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - externalAWSCloudwatchMetrics: - description: External AWS CloudWatch Metrics integration Logs configuration - values - properties: - dropped_metrics: - description: Metrics to not send to AWS CloudWatch (takes precedence - over extra_metrics) - items: - description: Metric name and subfield + source_mysql: + description: + Configuration options for metrics where source service + is MySQL properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric + telegraf: + description: + Configuration options for Telegraf MySQL input + plugin + properties: + gather_event_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS + type: boolean + gather_file_events_stats: + description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME + type: boolean + gather_index_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE + type: boolean + gather_info_schema_auto_inc: + description: + Gather auto_increment columns and max values + from information schema + type: boolean + gather_innodb_metrics: + description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS + type: boolean + gather_perf_events_statements: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST + type: boolean + gather_process_list: + description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST + type: boolean + gather_slave_status: + description: + Gather metrics from SHOW SLAVE STATUS command + output + type: boolean + gather_table_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE + type: boolean + gather_table_lock_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS + type: boolean + gather_table_schema: + description: Gather metrics from INFORMATION_SCHEMA.TABLES + type: boolean + perf_events_statements_digest_text_limit: + description: + Truncates digest text from perf_events_statements + into this many characters + maximum: 2048 + minimum: 1 + type: integer + perf_events_statements_limit: + description: Limits metrics from perf_events_statements + maximum: 4000 + minimum: 1 + type: integer + perf_events_statements_time_limit: + description: + Only include perf_events_statements whose + last seen is less than this many seconds + maximum: 2592000 + minimum: 1 + type: integer + type: object type: object - maxItems: 1024 - type: array - extra_metrics: - description: Metrics to allow through to AWS CloudWatch (in addition - to default metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - type: object - integrationType: - description: Type of the service integration accepted by Aiven API. - Some values may not be supported by the operator - enum: - - alertmanager - - autoscaler - - caching - - cassandra_cross_service_cluster - - clickhouse_kafka - - clickhouse_postgresql - - dashboard - - datadog - - datasource - - external_aws_cloudwatch_logs - - external_aws_cloudwatch_metrics - - external_elasticsearch_logs - - external_google_cloud_logging - - external_opensearch_logs - - flink - - flink_external_kafka - - internal_connectivity - - jolokia - - kafka_connect - - kafka_logs - - kafka_mirrormaker - - logs - - m3aggregator - - m3coordinator - - metrics - - opensearch_cross_cluster_replication - - opensearch_cross_cluster_search - - prometheus - - read_replica - - rsyslog - - schema_registry_proxy - - stresstester - - thanosquery - - thanosstore - - vmalert - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - kafkaConnect: - description: Kafka Connect service configuration values - properties: - kafka_connect: - description: Kafka Connect service configuration values + username: + description: + Name of the user used to write metrics. Only affects + PostgreSQL destinations. Defaults to 'metrics_writer'. Note + that this must be the same for all metrics integrations that + write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + type: object + project: + description: Project the integration belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceEndpointID: + description: Source endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceProjectName: + description: Source project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceServiceName: + description: Source service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - integrationType + - project + type: object + status: + description: ServiceIntegrationStatus defines the observed state of ServiceIntegration + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceIntegration state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - config_storage_topic: - description: The name of the topic where connector and task - configuration data are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 - type: string - group_id: - description: A unique string that identifies the Connect cluster - group this worker belongs to. - maxLength: 249 - type: string - offset_storage_topic: - description: The name of the topic where connector and task - configuration offsets are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - status_storage_topic: - description: The name of the topic where connector and task - configuration status updates are stored.This must be the - same for all workers with the same group_id. - maxLength: 249 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - type: object - type: object - kafkaLogs: - description: Kafka logs configuration values - properties: - kafka_topic: - description: Topic name - maxLength: 249 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - required: - - kafka_topic - type: object - kafkaMirrormaker: - description: Kafka MirrorMaker configuration values - properties: - cluster_alias: - description: 'The alias under which the Kafka cluster is known - to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, - ''.'', ''_'', and ''-''.' - maxLength: 128 - pattern: ^[a-zA-Z0-9_.-]+$ - type: string - kafka_mirrormaker: - description: Kafka MirrorMaker configuration values - properties: - consumer_fetch_min_bytes: - description: The minimum amount of data the server should - return for a fetch request - maximum: 5242880 - minimum: 1 - type: integer - producer_batch_size: - description: The batch size in bytes producer will attempt - to collect before publishing to broker. - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The amount of bytes producer can use for buffering - data before publishing to broker. - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: The linger time (ms) for waiting new data to - arrive for publishing. - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum request size in bytes. - maximum: 268435456 - minimum: 0 - type: integer - type: object - type: object - logs: - description: Logs configuration values - properties: - elasticsearch_index_days_max: - description: Elasticsearch index retention limit - maximum: 10000 - minimum: 1 - type: integer - elasticsearch_index_prefix: - description: Elasticsearch index prefix - maxLength: 1024 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - type: object - metrics: - description: Metrics configuration values - properties: - database: - description: Name of the database where to store metric datapoints. - Only affects PostgreSQL destinations. Defaults to 'metrics'. - Note that this must be the same for all metrics integrations - that write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ - type: string - retention_days: - description: Number of days to keep old metrics. Only affects - PostgreSQL destinations. Set to 0 for no automatic cleanup. - Defaults to 30 days. - maximum: 10000 - minimum: 0 - type: integer - ro_username: - description: Name of a user that can be used to read metrics. - This will be used for Grafana integration (if enabled) to prevent - Grafana users from making undesired changes. Only affects PostgreSQL - destinations. Defaults to 'metrics_reader'. Note that this must - be the same for all metrics integrations that write data to - the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - source_mysql: - description: Configuration options for metrics where source service - is MySQL - properties: - telegraf: - description: Configuration options for Telegraf MySQL input - plugin - properties: - gather_event_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS - type: boolean - gather_file_events_stats: - description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME - type: boolean - gather_index_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE - type: boolean - gather_info_schema_auto_inc: - description: Gather auto_increment columns and max values - from information schema - type: boolean - gather_innodb_metrics: - description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS - type: boolean - gather_perf_events_statements: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST - type: boolean - gather_process_list: - description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST - type: boolean - gather_slave_status: - description: Gather metrics from SHOW SLAVE STATUS command - output - type: boolean - gather_table_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE - type: boolean - gather_table_lock_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS - type: boolean - gather_table_schema: - description: Gather metrics from INFORMATION_SCHEMA.TABLES - type: boolean - perf_events_statements_digest_text_limit: - description: Truncates digest text from perf_events_statements - into this many characters - maximum: 2048 - minimum: 1 - type: integer - perf_events_statements_limit: - description: Limits metrics from perf_events_statements - maximum: 4000 - minimum: 1 - type: integer - perf_events_statements_time_limit: - description: Only include perf_events_statements whose - last seen is less than this many seconds - maximum: 2592000 - minimum: 1 - type: integer - type: object + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - username: - description: Name of the user used to write metrics. Only affects - PostgreSQL destinations. Defaults to 'metrics_writer'. Note - that this must be the same for all metrics integrations that - write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - type: object - project: - description: Project the integration belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceEndpointID: - description: Source endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceProjectName: - description: Source project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceServiceName: - description: Source service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - integrationType - - project - type: object - status: - description: ServiceIntegrationStatus defines the observed state of ServiceIntegration - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceIntegration state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Service integration ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Service integration ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml index e188b02..378d98f 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml @@ -15,179 +15,205 @@ spec: singular: serviceuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceUser is the Schema for the serviceusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceUserSpec defines the desired state of ServiceUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - authentication: - description: Authentication details - enum: - - caching_sha2_password - - mysql_native_password - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, - `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, - `SERVICEUSER_ACCESS_KEY`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - required: - - project - - serviceName - type: object - status: - description: ServiceUserStatus defines the observed state of ServiceUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceUser is the Schema for the serviceusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceUserSpec defines the desired state of ServiceUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - type: - description: Type of the user account - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + connInfoSecretTargetDisabled: + description: + When true, the secret containing connection information + will not be created, defaults to false. This field cannot be changed + after resource creation. + type: boolean + x-kubernetes-validations: + - message: connInfoSecretTargetDisabled is immutable. + rule: self == oldSelf + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - project + - serviceName + type: object + x-kubernetes-validations: + - message: + connInfoSecretTargetDisabled can only be set during resource + creation. + rule: has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled) + status: + description: ServiceUserStatus defines the observed state of ServiceUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: + description: Type of the user account + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator/Chart.yaml b/charts/aiven-operator/Chart.yaml index 0d991cb..5627c1e 100644 --- a/charts/aiven-operator/Chart.yaml +++ b/charts/aiven-operator/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: aiven-operator description: A Helm chart to deploy the aiven operator type: application -version: v0.16.1 -appVersion: v0.16.1 +version: v0.17.0 +appVersion: v0.17.0 maintainers: - name: ivan-savciuc url: https://www.aiven.io diff --git a/charts/aiven-operator/values.yaml b/charts/aiven-operator/values.yaml index b63d30c..34123c0 100644 --- a/charts/aiven-operator/values.yaml +++ b/charts/aiven-operator/values.yaml @@ -16,7 +16,7 @@ leaderElect: true # operator will be installed and should contain a valid Aiven API Token. defaultTokenSecret: name: "" - key: "token" + key: token # webhhook configuration webhooks: @@ -30,7 +30,7 @@ webhooks: image: repository: aivenoy/aiven-operator pullPolicy: IfNotPresent - # default is .Chart.AppVersion but can be overriden here + # default is .Chart.AppVersion but can be overridden here tag: "" imagePullSecrets: [] @@ -54,11 +54,13 @@ resources: podAnnotations: {} -podSecurityContext: {} +podSecurityContext: + {} # runAsNonRoot: true # runAsUser: 65532 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL