refactor: unifies models to share fields validation rules

CHANGELOG.md

@@ -4,6 +4,50 @@
 
 - Add kind: `ClickhouseRole`
 - Unified User-Agent format with the Terraform Provider
+- Remove `ClickhouseUser` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret
+  containing connection information will not be created, defaults to false
+- Remove `ConnectionPool` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret
+  containing connection information will not be created, defaults to false
+- Remove `Project` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `ServiceUser` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `Clickhouse` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `Grafana` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `Kafka` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `MySQL` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `OpenSearch` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `PostgreSQL` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Remove `Redis` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `Clickhouse` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `Grafana` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `Kafka` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `MySQL` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `OpenSearch` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `PostgreSQL` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `Redis` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `ClickhouseUser` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `ConnectionPool` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `Project` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
+- Add `ServiceUser` field `connInfoSecretTargetDisabled`, type `boolean`: When true, the secret containing
+  connection information will not be created, defaults to false
 
 ## v0.18.1 - 2024-04-02
 

api/v1alpha1/cassandra_types.go

@@ -11,30 +11,15 @@ import (
 // NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
 
 // CassandraSpec defines the desired state of Cassandra
-// +kubebuilder:validation:XValidation:rule="has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled)",message="connInfoSecretTargetDisabled can only be set during resource creation."
 type CassandraSpec struct {
 	ServiceCommonSpec `json:",inline"`
 
-	// +kubebuilder:validation:Format="^[1-9][0-9]*(GiB|G)*"
-	// The disk space of the service, possible values depend on the service type, the cloud provider and the project. Reducing will result in the service re-balancing.
-	DiskSpace string `json:"disk_space,omitempty"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
-
-	// Information regarding secret creation.
-	// Exposed keys: `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, `CASSANDRA_URI`, `CASSANDRA_HOSTS`, `CASSANDRA_CA_CERT`
-	ConnInfoSecretTarget ConnInfoSecretTarget `json:"connInfoSecretTarget,omitempty"`
-
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="connInfoSecretTargetDisabled is immutable."
-	// When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
-	ConnInfoSecretTargetDisabled *bool `json:"connInfoSecretTargetDisabled,omitempty"`
-
 	// Cassandra specific user configuration options
 	UserConfig *cassandrauserconfig.CassandraUserConfig `json:"userConfig,omitempty"`
 }
 
-// Cassandra is the Schema for the cassandras API
+// Cassandra is the Schema for the cassandras API.
+// Info "Exposes secret keys": `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, `CASSANDRA_URI`, `CASSANDRA_HOSTS`, `CASSANDRA_CA_CERT`
 // +kubebuilder:object:root=true
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="Project",type="string",JSONPath=".spec.project"

api/v1alpha1/clickhouse_types.go

@@ -9,33 +9,18 @@ import (
 )
 
 // ClickhouseSpec defines the desired state of Clickhouse
-// +kubebuilder:validation:XValidation:rule="has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled)",message="connInfoSecretTargetDisabled can only be set during resource creation."
 type ClickhouseSpec struct {
 	ServiceCommonSpec `json:",inline"`
 
-	// +kubebuilder:validation:Format="^[1-9][0-9]*(GiB|G)*"
-	// The disk space of the service, possible values depend on the service type, the cloud provider and the project. Reducing will result in the service re-balancing.
-	DiskSpace string `json:"disk_space,omitempty"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
-
-	// Information regarding secret creation.
-	// Exposed keys: `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, `CLICKHOUSE_CA_CERT`
-	ConnInfoSecretTarget ConnInfoSecretTarget `json:"connInfoSecretTarget,omitempty"`
-
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="connInfoSecretTargetDisabled is immutable."
-	// When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
-	ConnInfoSecretTargetDisabled *bool `json:"connInfoSecretTargetDisabled,omitempty"`
-
 	// OpenSearch specific user configuration options
 	UserConfig *clickhouseuserconfig.ClickhouseUserConfig `json:"userConfig,omitempty"`
 }
 
 //+kubebuilder:object:root=true
 //+kubebuilder:subresource:status
 
-// Clickhouse is the Schema for the clickhouses API
+// Clickhouse is the Schema for the clickhouses API.
+// Info "Exposes secret keys": `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, `CLICKHOUSE_CA_CERT`
 type Clickhouse struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`

api/v1alpha1/clickhousedatabase_types.go

@@ -8,10 +8,7 @@ import (
 
 // ClickhouseDatabaseSpec defines the desired state of ClickhouseDatabase
 type ClickhouseDatabaseSpec struct {
-	ProjectServiceFields `json:",inline"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
+	ServiceDependant `json:",inline"`
 }
 
 // ClickhouseDatabaseStatus defines the observed state of ClickhouseDatabase

api/v1alpha1/clickhouserole_types.go

@@ -8,16 +8,13 @@ import (
 
 // ClickhouseRoleSpec defines the desired state of ClickhouseRole
 type ClickhouseRoleSpec struct {
-	ProjectServiceFields `json:",inline"`
+	ServiceDependant `json:",inline"`
 
 	// +kubebuilder:validation:MaxLength=255
 	// +kubebuilder:validation:Format="^[a-zA-Z_][0-9a-zA-Z_]*$"
 	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
 	// The role that is to be created
 	Role string `json:"role"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
 }
 
 // ClickhouseRoleStatus defines the observed state of ClickhouseRole

api/v1alpha1/clickhouseuser_types.go

@@ -7,20 +7,9 @@ import (
 )
 
 // ClickhouseUserSpec defines the desired state of ClickhouseUser
-// +kubebuilder:validation:XValidation:rule="has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled)",message="connInfoSecretTargetDisabled can only be set during resource creation."
 type ClickhouseUserSpec struct {
-	ProjectServiceFields `json:",inline"`
-
-	// Information regarding secret creation.
-	// Exposed keys: `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, `CLICKHOUSEUSER_PASSWORD`
-	ConnInfoSecretTarget ConnInfoSecretTarget `json:"connInfoSecretTarget,omitempty"`
-
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="connInfoSecretTargetDisabled is immutable."
-	// When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
-	ConnInfoSecretTargetDisabled *bool `json:"connInfoSecretTargetDisabled,omitempty"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
+	ServiceDependant `json:",inline"`
+	SecretFields     `json:",inline"`
 }
 
 // ClickhouseUserStatus defines the observed state of ClickhouseUser
@@ -36,7 +25,8 @@ type ClickhouseUserStatus struct {
 //+kubebuilder:object:root=true
 //+kubebuilder:subresource:status
 
-// ClickhouseUser is the Schema for the clickhouseusers API
+// ClickhouseUser is the Schema for the clickhouseusers API.
+// Info "Exposes secret keys": `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, `CLICKHOUSEUSER_PASSWORD`
 // +kubebuilder:printcolumn:name="Service Name",type="string",JSONPath=".spec.serviceName"
 // +kubebuilder:printcolumn:name="Project",type="string",JSONPath=".spec.project"
 // +kubebuilder:printcolumn:name="Connection Information Secret",type="string",JSONPath=".spec.connInfoSecretTarget.name"

api/v1alpha1/common.go

@@ -69,13 +69,23 @@ type ServiceField struct {
 	ServiceName string `json:"serviceName"`
 }
 
-type ProjectServiceFields struct {
-	ProjectField `json:",inline"`
-	ServiceField `json:",inline"`
+type AuthSecretRefField struct {
+	// Authentication reference to Aiven token in a secret
+	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
 }
 
-type ServiceCommonSpec struct {
-	ProjectField `json:",inline"`
+type ProjectDependant struct {
+	ProjectField       `json:",inline"`
+	AuthSecretRefField `json:",inline"`
+}
+
+type ServiceDependant struct {
+	ProjectDependant `json:",inline"`
+	ServiceField     `json:",inline"`
+}
+
+type BaseServiceFields struct {
+	ProjectDependant `json:",inline"`
 
 	// +kubebuilder:validation:MaxLength=128
 	// Subscription plan.
@@ -116,8 +126,18 @@ type ServiceCommonSpec struct {
 	TechnicalEmails []ServiceTechEmail `json:"technicalEmails,omitempty"`
 }
 
+// +kubebuilder:validation:XValidation:rule="has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled)",message="connInfoSecretTargetDisabled can only be set during resource creation."
+type SecretFields struct {
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="connInfoSecretTargetDisabled is immutable."
+	// When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
+	ConnInfoSecretTargetDisabled *bool `json:"connInfoSecretTargetDisabled,omitempty"`
+
+	// Secret configuration.
+	ConnInfoSecretTarget ConnInfoSecretTarget `json:"connInfoSecretTarget,omitempty"`
+}
+
 // Validate runs complex validation on ServiceCommonSpec
-func (in *ServiceCommonSpec) Validate() error {
+func (in *BaseServiceFields) Validate() error {
 	// todo: remove when resolved https://github.com/kubernetes-sigs/controller-tools/issues/461
 	if in.ProjectVPCID != "" && in.ProjectVPCRef != nil {
 		return fmt.Errorf("please set ProjectVPCID or ProjectVPCRef, not both")
@@ -126,13 +146,22 @@ func (in *ServiceCommonSpec) Validate() error {
 }
 
 // GetRefs is inherited by kafka, pg, os, etc
-func (in *ServiceCommonSpec) GetRefs(namespace string) (refs []*ResourceReferenceObject) {
+func (in *BaseServiceFields) GetRefs(namespace string) (refs []*ResourceReferenceObject) {
 	if in.ProjectVPCRef != nil {
 		refs = append(refs, in.ProjectVPCRef.ProjectVPC(namespace))
 	}
 	return refs
 }
 
+type ServiceCommonSpec struct {
+	BaseServiceFields `json:",inline"`
+	SecretFields      `json:",inline"`
+
+	// +kubebuilder:validation:Format="^[1-9][0-9]*(GiB|G)*"
+	// The disk space of the service, possible values depend on the service type, the cloud provider and the project. Reducing will result in the service re-balancing.
+	DiskSpace string `json:"disk_space,omitempty"`
+}
+
 // ResourceReference is a generic reference to another resource.
 // Resource referring to another (dependency) won't start reconciliation until
 // dependency is not ready

api/v1alpha1/connectionpool_types.go

@@ -7,9 +7,9 @@ import (
 )
 
 // ConnectionPoolSpec defines the desired state of ConnectionPool
-// +kubebuilder:validation:XValidation:rule="has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled)",message="connInfoSecretTargetDisabled can only be set during resource creation."
 type ConnectionPoolSpec struct {
-	ProjectServiceFields `json:",inline"`
+	ServiceDependant `json:",inline"`
+	SecretFields     `json:",inline"`
 
 	// +kubebuilder:validation:MaxLength=40
 	// Name of the database the pool connects to
@@ -27,17 +27,6 @@ type ConnectionPoolSpec struct {
 	// +kubebuilder:validation:Enum=session;transaction;statement
 	// Mode the pool operates in (session, transaction, statement)
 	PoolMode string `json:"poolMode,omitempty"`
-
-	// Information regarding secret creation.
-	// Exposed keys: `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`, `CONNECTIONPOOL_CA_CERT`
-	ConnInfoSecretTarget ConnInfoSecretTarget `json:"connInfoSecretTarget,omitempty"`
-
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="connInfoSecretTargetDisabled is immutable."
-	// When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
-	ConnInfoSecretTargetDisabled *bool `json:"connInfoSecretTargetDisabled,omitempty"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
 }
 
 // ConnectionPoolStatus defines the observed state of ConnectionPool
@@ -49,7 +38,8 @@ type ConnectionPoolStatus struct {
 // +kubebuilder:object:root=true
 // +kubebuilder:subresource:status
 
-// ConnectionPool is the Schema for the connectionpools API
+// ConnectionPool is the Schema for the connectionpools API.
+// Info "Exposes secret keys": `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`, `CONNECTIONPOOL_CA_CERT`
 // +kubebuilder:printcolumn:name="Service Name",type="string",JSONPath=".spec.serviceName"
 // +kubebuilder:printcolumn:name="Project",type="string",JSONPath=".spec.project"
 // +kubebuilder:printcolumn:name="Database",type="string",JSONPath=".spec.databaseName"

api/v1alpha1/database_types.go

@@ -8,7 +8,7 @@ import (
 
 // DatabaseSpec defines the desired state of Database
 type DatabaseSpec struct {
-	ProjectServiceFields `json:",inline"`
+	ServiceDependant `json:",inline"`
 
 	// +kubebuilder:validation:MaxLength=128
 	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
@@ -26,9 +26,6 @@ type DatabaseSpec struct {
 	// from being deleted by Kubernetes. It is recommended to enable this for any production
 	// databases containing critical data.
 	TerminationProtection *bool `json:"terminationProtection,omitempty"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
 }
 
 // DatabaseStatus defines the observed state of Database

api/v1alpha1/grafana_types.go

@@ -11,30 +11,15 @@ import (
 // NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
 
 // GrafanaSpec defines the desired state of Grafana
-// +kubebuilder:validation:XValidation:rule="has(oldSelf.connInfoSecretTargetDisabled) == has(self.connInfoSecretTargetDisabled)",message="connInfoSecretTargetDisabled can only be set during resource creation."
 type GrafanaSpec struct {
 	ServiceCommonSpec `json:",inline"`
 
-	// +kubebuilder:validation:Format="^[1-9][0-9]*(GiB|G)*"
-	// The disk space of the service, possible values depend on the service type, the cloud provider and the project. Reducing will result in the service re-balancing.
-	DiskSpace string `json:"disk_space,omitempty"`
-
-	// Authentication reference to Aiven token in a secret
-	AuthSecretRef *AuthSecretReference `json:"authSecretRef,omitempty"`
-
-	// Information regarding secret creation.
-	// Exposed keys: `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, `GRAFANA_URI`, `GRAFANA_HOSTS`, `GRAFANA_CA_CERT`
-	ConnInfoSecretTarget ConnInfoSecretTarget `json:"connInfoSecretTarget,omitempty"`
-
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="connInfoSecretTargetDisabled is immutable."
-	// When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
-	ConnInfoSecretTargetDisabled *bool `json:"connInfoSecretTargetDisabled,omitempty"`
-
 	// Cassandra specific user configuration options
 	UserConfig *grafanauserconfig.GrafanaUserConfig `json:"userConfig,omitempty"`
 }
 
-// Grafana is the Schema for the grafanas API
+// Grafana is the Schema for the grafanas API.
+// Info "Exposes secret keys": `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, `GRAFANA_URI`, `GRAFANA_HOSTS`, `GRAFANA_CA_CERT`
 // +kubebuilder:object:root=true
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="Project",type="string",JSONPath=".spec.project"