From e8e72aee16de35502cde135ae25736b047992a79 Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Thu, 21 Dec 2023 15:26:26 +0200 Subject: [PATCH 1/8] ci(lint): use trunk to orchestrate linting --- .github/workflows/lint.yml | 14 +++---- .trunk/.gitignore | 8 ++++ .golangci.yml => .trunk/configs/.golangci.yml | 0 .trunk/configs/.markdownlint.yaml | 24 +++++++++++ .trunk/configs/.yamllint.yaml | 10 +++++ .trunk/trunk.yaml | 42 +++++++++++++++++++ 6 files changed, 89 insertions(+), 9 deletions(-) create mode 100644 .trunk/.gitignore rename .golangci.yml => .trunk/configs/.golangci.yml (100%) create mode 100644 .trunk/configs/.markdownlint.yaml create mode 100644 .trunk/configs/.yamllint.yaml create mode 100644 .trunk/trunk.yaml diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index e447058f..af183b12 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -16,18 +16,14 @@ jobs: with: fetch-depth: 0 - uses: wagoid/commitlint-github-action@v5 - golang_ci_linter: - name: golang_ci_linter + trunk: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - with: - go-version-file: go.mod - - name: golangci-lint - uses: golangci/golangci-lint-action@v3 + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 with: - version: latest + go-version: stable + - uses: trunk-io/trunk-action@v1 codeql_analysis: runs-on: ubuntu-latest permissions: diff --git a/.trunk/.gitignore b/.trunk/.gitignore new file mode 100644 index 00000000..1e246529 --- /dev/null +++ b/.trunk/.gitignore @@ -0,0 +1,8 @@ +*out +*logs +*actions +*notifications +*tools +plugins +user_trunk.yaml +user.yaml diff --git a/.golangci.yml b/.trunk/configs/.golangci.yml similarity index 100% rename from .golangci.yml rename to .trunk/configs/.golangci.yml diff --git a/.trunk/configs/.markdownlint.yaml b/.trunk/configs/.markdownlint.yaml new file mode 100644 index 00000000..30692b1f --- /dev/null +++ b/.trunk/configs/.markdownlint.yaml @@ -0,0 +1,24 @@ +# MD046/code-block-style +# mkdocs code blocks inside admonitions trip this rule +MD046: false + +# MD033/no-inline-html +# allow inline html +MD033: false + +# MD036/no-emphasis-as-heading +# allow using **emphasis** as heading +MD036: false + +# MD013/line-length +# don't care about line length +MD013: false + +# MD051/link-fragments +# mkdocs admonitions and links aren't supported https://github.com/DavidAnson/markdownlint/issues/207 +MD051: false + +# MD025/single-title/single-h1 +# mkdocs renders link titles from YAML frontmatter and renders the content +# title from the first title specified with "#" +MD025: false diff --git a/.trunk/configs/.yamllint.yaml b/.trunk/configs/.yamllint.yaml new file mode 100644 index 00000000..4d444662 --- /dev/null +++ b/.trunk/configs/.yamllint.yaml @@ -0,0 +1,10 @@ +rules: + quoted-strings: + required: only-when-needed + extra-allowed: ["{|}"] + empty-values: + forbid-in-block-mappings: true + forbid-in-flow-mappings: true + key-duplicates: {} + octal-values: + forbid-implicit-octal: true diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml new file mode 100644 index 00000000..2ad48711 --- /dev/null +++ b/.trunk/trunk.yaml @@ -0,0 +1,42 @@ +version: 0.1 +cli: + version: 1.18.1 +plugins: + sources: + - id: trunk + uri: https://github.com/trunk-io/plugins + ref: v1.4.1 +lint: + enabled: + - codespell@2.2.6 + - actionlint@1.6.26 + - git-diff-check + - gitleaks@8.18.1 + - gofmt@1.20.4 + - golangci-lint@1.55.2 + - markdownlint@0.38.0 + - prettier@3.1.1 + - yamllint@1.33.0 + ignore: + - linters: + - yamllint + - prettier + paths: + - charts/aiven-operator/templates/*.yaml + - linters: + - markdownlint + paths: + - .trunk/** +runtimes: + enabled: + - go@1.21.4 + - node@20.10.0 + - python@3.10.8 +actions: + disabled: + - trunk-announce + enabled: + - commitlint + - trunk-upgrade-available + - trunk-check-pre-push + - trunk-fmt-pre-commit From 4a88fccee36826278e8dffdc8fdc7485bb924c3e Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Thu, 21 Dec 2023 15:30:31 +0200 Subject: [PATCH 2/8] chore(lint): fix `prettier` --- .github/workflows/release.yml | 2 +- CHANGELOG.md | 39 +- CODE_OF_CONDUCT.md | 22 +- README.md | 24 +- .../templates/aiven.io_cassandras.yaml | 746 +-- .../templates/aiven.io_clickhouses.yaml | 714 ++- .../templates/aiven.io_clickhouseusers.yaml | 348 +- .../templates/aiven.io_connectionpools.yaml | 391 +- .../templates/aiven.io_databases.yaml | 300 +- .../templates/aiven.io_grafanas.yaml | 1600 ++--- .../templates/aiven.io_kafkaacls.yaml | 325 +- .../templates/aiven.io_kafkaconnectors.yaml | 409 +- .../templates/aiven.io_kafkaconnects.yaml | 848 +-- .../templates/aiven.io_kafkas.yaml | 1981 +++--- .../templates/aiven.io_kafkaschemas.yaml | 334 +- .../templates/aiven.io_kafkatopics.yaml | 535 +- .../templates/aiven.io_mysqls.yaml | 1331 ++-- .../templates/aiven.io_opensearches.yaml | 1918 +++--- .../templates/aiven.io_postgresqls.yaml | 1943 +++--- .../templates/aiven.io_projects.yaml | 445 +- .../templates/aiven.io_projectvpcs.yaml | 321 +- .../templates/aiven.io_redis.yaml | 911 +-- .../aiven.io_serviceintegrations.yaml | 1476 ++--- .../templates/aiven.io_serviceusers.yaml | 348 +- charts/aiven-operator/values.yaml | 6 +- commitlint.config.js | 4 +- config/certmanager/certificate.yaml | 6 +- config/certmanager/kustomization.yaml | 4 +- config/certmanager/kustomizeconfig.yaml | 24 +- config/crd/bases/aiven.io_cassandras.yaml | 746 +-- config/crd/bases/aiven.io_clickhouses.yaml | 714 ++- .../crd/bases/aiven.io_clickhouseusers.yaml | 348 +- .../crd/bases/aiven.io_connectionpools.yaml | 391 +- config/crd/bases/aiven.io_crd-all.gen.yaml | 5535 +++++++++-------- config/crd/bases/aiven.io_databases.yaml | 300 +- config/crd/bases/aiven.io_grafanas.yaml | 1600 ++--- config/crd/bases/aiven.io_kafkaacls.yaml | 325 +- .../crd/bases/aiven.io_kafkaconnectors.yaml | 409 +- config/crd/bases/aiven.io_kafkaconnects.yaml | 848 +-- config/crd/bases/aiven.io_kafkas.yaml | 1981 +++--- config/crd/bases/aiven.io_kafkaschemas.yaml | 334 +- config/crd/bases/aiven.io_kafkatopics.yaml | 535 +- config/crd/bases/aiven.io_mysqls.yaml | 1331 ++-- config/crd/bases/aiven.io_opensearches.yaml | 1918 +++--- config/crd/bases/aiven.io_postgresqls.yaml | 1943 +++--- config/crd/bases/aiven.io_projects.yaml | 445 +- config/crd/bases/aiven.io_projectvpcs.yaml | 321 +- config/crd/bases/aiven.io_redis.yaml | 911 +-- .../bases/aiven.io_serviceintegrations.yaml | 1476 ++--- config/crd/bases/aiven.io_serviceusers.yaml | 348 +- config/crd/kustomization.yaml | 128 +- config/crd/kustomizeconfig.yaml | 24 +- config/crd/patches/webhook_in_cassandras.yaml | 2 +- .../crd/patches/webhook_in_clickhouses.yaml | 2 +- .../patches/webhook_in_clickhouseusers.yaml | 2 +- .../patches/webhook_in_connectionpools.yaml | 2 +- config/crd/patches/webhook_in_databases.yaml | 2 +- config/crd/patches/webhook_in_grafanas.yaml | 2 +- config/crd/patches/webhook_in_kafkaacls.yaml | 2 +- .../patches/webhook_in_kafkaconnectors.yaml | 2 +- .../crd/patches/webhook_in_kafkaconnects.yaml | 2 +- config/crd/patches/webhook_in_kafkas.yaml | 2 +- .../crd/patches/webhook_in_kafkaschemas.yaml | 2 +- .../crd/patches/webhook_in_kafkatopics.yaml | 2 +- config/crd/patches/webhook_in_mysqls.yaml | 2 +- .../crd/patches/webhook_in_opensearches.yaml | 2 +- .../crd/patches/webhook_in_postgresqls.yaml | 2 +- config/crd/patches/webhook_in_projects.yaml | 2 +- config/crd/patches/webhook_in_redis.yaml | 2 +- .../webhook_in_serviceintegrations.yaml | 2 +- .../crd/patches/webhook_in_serviceusers.yaml | 2 +- config/default/kustomization.yaml | 98 +- config/default/manager_auth_proxy_patch.yaml | 56 +- config/default/manager_config_patch.yaml | 20 +- config/default/manager_webhook_patch.yaml | 26 +- config/manager/kustomization.yaml | 14 +- config/manager/manager.yaml | 64 +- config/manifests/kustomization.yaml | 7 +- .../aiven-operator.clusterserviceversion.yaml | 169 +- .../operatorhub/manifests/kustomization.yaml | 8 +- .../operatorhub/scorecard/bases/config.yaml | 4 +- .../scorecard/patches/basic.config.yaml | 2 +- .../scorecard/patches/olm.config.yaml | 2 +- config/prometheus/kustomization.yaml | 2 +- config/prometheus/monitor.yaml | 1 - .../rbac/auth_proxy_client_clusterrole.yaml | 8 +- config/rbac/auth_proxy_role.yaml | 24 +- config/rbac/auth_proxy_role_binding.yaml | 6 +- config/rbac/auth_proxy_service.yaml | 8 +- config/rbac/cassandra_editor_role.yaml | 36 +- config/rbac/cassandra_viewer_role.yaml | 28 +- config/rbac/clickhouse_editor_role.yaml | 36 +- config/rbac/clickhouse_viewer_role.yaml | 28 +- config/rbac/clickhouseuser_editor_role.yaml | 36 +- config/rbac/clickhouseuser_viewer_role.yaml | 28 +- config/rbac/connectionpool_editor_role.yaml | 36 +- config/rbac/connectionpool_viewer_role.yaml | 28 +- config/rbac/database_editor_role.yaml | 36 +- config/rbac/database_viewer_role.yaml | 28 +- config/rbac/grafana_editor_role.yaml | 36 +- config/rbac/grafana_viewer_role.yaml | 28 +- config/rbac/kafka_editor_role.yaml | 36 +- config/rbac/kafka_viewer_role.yaml | 28 +- config/rbac/kafkaacl_editor_role.yaml | 36 +- config/rbac/kafkaacl_viewer_role.yaml | 28 +- config/rbac/kafkaconnect_editor_role.yaml | 36 +- config/rbac/kafkaconnect_viewer_role.yaml | 28 +- config/rbac/kafkaconnector_editor_role.yaml | 36 +- config/rbac/kafkaconnector_viewer_role.yaml | 28 +- config/rbac/kafkaschema_editor_role.yaml | 36 +- config/rbac/kafkaschema_viewer_role.yaml | 28 +- config/rbac/kafkatopic_editor_role.yaml | 36 +- config/rbac/kafkatopic_viewer_role.yaml | 28 +- config/rbac/kustomization.yaml | 34 +- config/rbac/leader_election_role.yaml | 62 +- config/rbac/leader_election_role_binding.yaml | 6 +- config/rbac/mysql_editor_role.yaml | 36 +- config/rbac/mysql_viewer_role.yaml | 28 +- config/rbac/opensearch_editor_role.yaml | 36 +- config/rbac/opensearch_viewer_role.yaml | 28 +- config/rbac/postgresql_editor_role.yaml | 36 +- config/rbac/postgresql_viewer_role.yaml | 28 +- config/rbac/project_editor_role.yaml | 36 +- config/rbac/project_viewer_role.yaml | 28 +- config/rbac/projectvpc_editor_role.yaml | 36 +- config/rbac/projectvpc_viewer_role.yaml | 28 +- config/rbac/redis_editor_role.yaml | 36 +- config/rbac/redis_viewer_role.yaml | 28 +- config/rbac/role.yaml | 1192 ++-- config/rbac/role_binding.yaml | 6 +- .../rbac/serviceintegration_editor_role.yaml | 36 +- .../rbac/serviceintegration_viewer_role.yaml | 28 +- config/rbac/serviceuser_editor_role.yaml | 36 +- config/rbac/serviceuser_viewer_role.yaml | 28 +- config/samples/kustomization.yaml | 40 +- config/scorecard/bases/config.yaml | 4 +- config/scorecard/kustomization.yaml | 26 +- config/scorecard/patches/basic.config.yaml | 4 +- config/scorecard/patches/olm.config.yaml | 20 +- config/webhook/kustomization.yaml | 6 +- config/webhook/kustomizeconfig.yaml | 32 +- config/webhook/manifests.yaml | 1548 ++--- config/webhook/service.yaml | 1 - docs/docs/api-reference/cassandra.md | 13 +- docs/docs/api-reference/clickhouse.md | 13 +- docs/docs/api-reference/clickhouseuser.md | 5 +- docs/docs/api-reference/connectionpool.md | 5 +- docs/docs/api-reference/database.md | 5 +- docs/docs/api-reference/grafana.md | 17 +- docs/docs/api-reference/kafka.md | 15 +- docs/docs/api-reference/kafkaacl.md | 5 +- docs/docs/api-reference/kafkaconnect.md | 15 +- docs/docs/api-reference/kafkaconnector.md | 5 +- docs/docs/api-reference/kafkaschema.md | 5 +- docs/docs/api-reference/kafkatopic.md | 9 +- docs/docs/api-reference/mysql.md | 19 +- docs/docs/api-reference/opensearch.md | 21 +- docs/docs/api-reference/postgresql.md | 17 +- docs/docs/api-reference/project.md | 5 +- docs/docs/api-reference/projectvpc.md | 5 +- docs/docs/api-reference/redis.md | 15 +- docs/docs/api-reference/serviceintegration.md | 7 +- docs/docs/api-reference/serviceuser.md | 5 +- docs/docs/changelog.md | 40 +- docs/docs/contributing/developer-guide.md | 16 +- docs/docs/contributing/index.md | 20 +- docs/docs/contributing/resource-generation.md | 28 +- docs/docs/index.md | 2 +- docs/docs/installation/helm.md | 24 +- docs/docs/installation/prerequisites.md | 13 +- docs/docs/installation/uninstalling.md | 4 +- docs/docs/resources/cassandra.md | 13 +- docs/docs/resources/kafka/connect.md | 36 +- docs/docs/resources/kafka/index.md | 92 +- docs/docs/resources/kafka/schema.md | 9 +- docs/docs/resources/mysql.md | 13 +- docs/docs/resources/opensearch.md | 11 +- docs/docs/resources/postgresql.md | 37 +- docs/docs/resources/project-vpc.md | 4 +- docs/docs/resources/project.md | 8 +- docs/docs/resources/redis.md | 13 +- docs/docs/resources/service-integrations.md | 16 +- .../userconfigs/generator_test_source.yml | 8 +- .../cassandra-simple-cluster/00-secret.yaml | 2 +- .../cassandra-simple-cluster/02-check.yaml | 10 +- .../clickhouse-simple-cluster/00-secret.yaml | 2 +- .../clickhouse-simple-cluster/02-check.yaml | 10 +- .../grafana-simple-cluster/00-secret.yaml | 2 +- .../grafana-simple-cluster/02-check.yaml | 10 +- .../connect-kafka-to-postgres/00-secret.yaml | 2 +- .../02-check-services-running.yaml | 38 +- .../04-write-and-receive.yaml | 77 +- .../simple-kafka-topic/00-secret.yaml | 2 +- .../02-check-services-running.yaml | 28 +- .../simple-kafka-topic/03-delete.yaml | 2 +- .../kafka/kafka-simple-cluster/00-secret.yaml | 2 +- .../kafka/kafka-simple-cluster/02-check.yaml | 10 +- test/e2e/kuttl-test.preinstalled.yaml | 22 +- test/e2e/kuttl-test.yaml | 26 +- .../mysql/mysql-simple-cluster/00-secret.yaml | 2 +- .../mysql/mysql-simple-cluster/02-check.yaml | 10 +- .../opensearch-simple-cluster/00-secret.yaml | 2 +- .../opensearch-simple-cluster/02-check.yaml | 10 +- .../opensearch-simple-cluster/03-delete.yaml | 2 +- .../projectvpc/projectvpc-ref/00-secret.yaml | 2 +- .../projectvpc-ref/01-resources.yaml | 3 - .../projectvpc/projectvpc-ref/02-check.yaml | 60 +- .../redis/redis-simple-cluster/00-secret.yaml | 2 +- .../redis/redis-simple-cluster/02-check.yaml | 10 +- .../redis/redis-simple-cluster/03-delete.yaml | 2 +- .../clickhouse-postgresql/00-secret.yaml | 2 +- .../02-check-services-running.yaml | 24 +- .../04-check-integration.yaml | 12 +- .../kafka-logs/00-secret.yaml | 2 +- .../kafka-logs/02-check-services-running.yaml | 26 +- .../kafka-logs/04-check-topic.yaml | 34 +- .../kafka-logs/05-delete.yaml | 2 +- 217 files changed, 23972 insertions(+), 22177 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 069e4e90..3823c1c3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -64,4 +64,4 @@ jobs: - uses: BetaHuhn/repo-file-sync-action@v1 with: GH_PAT: ${{ secrets.AIVEN_CI_PAT__VALID_WHILE_ALEKS_IS_EMPLOYED }} - COMMIT_PREFIX: 'chore:' + COMMIT_PREFIX: "chore:" diff --git a/CHANGELOG.md b/CHANGELOG.md index dbafefd7..1da210b2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,10 +7,10 @@ ## v0.16.1 - 2023-12-15 -- Check VPC for running services before deletion. Prevents VPC from hanging in the DELETING state +- Check VPC for running services before deletion. Prevents VPC from hanging in the DELETING state - Expose `KAFKA_SCHEMA_REGISTRY_URI` and `KAFKA_REST_URI` to `Kafka` secret - Expose `CONNECTIONPOOL_NAME` in `ConnectionPool` secret -- Fix `CONNECTIONPOOL_PORT` exposes service port instead of pool port +- Fix `CONNECTIONPOOL_PORT` exposes service port instead of pool port - Fix `SERVICEUSER_PORT` when `sasl` is the only authentication method - Change `PostgreSQL` field `userConfig.pg_qualstats.enabled`: deprecated - Change `PostgreSQL` field `userConfig.pg_qualstats.min_err_estimate_num`: deprecated @@ -21,7 +21,7 @@ ## v0.16.0 - 2023-12-07 - Set conditions on errors: `Preconditions`, `CreateOrUpdate`, `Delete`. Thanks to @atarax -- Fix object updates lost when reconciler exits before the object is committed +- Fix object updates lost when reconciler exits before the object is committed - Add `Kafka` field `userConfig.kafka.transaction_partition_verification_enable`, type `boolean`: Enable verification that checks that the partition has been added to the transaction before writing transactional records to the partition @@ -53,7 +53,7 @@ - Upgrade to Go 1.21 - Add option to orphan resources. Thanks to @atarax -- Fix `ServiceIntegration`: do not send empty user config to the API +- Fix `ServiceIntegration`: do not send empty user config to the API - Add a format for `string` type fields to the documentation - Generate CRDs changelog - Add `Clickhouse` field `userConfig.private_access.clickhouse_mysql`, type `boolean`: Allow clients @@ -76,7 +76,7 @@ - Add `Kafka` field `userConfig.kafka.sasl_oauthbearer_sub_claim_name`, type `string`: Name of the scope from which to extract the subject claim from the JWT. Defaults to sub - Change `Kafka` field `userConfig.kafka_version`: enum ~~`[3.1, 3.3, 3.4, 3.5]`~~ → `[3.1, 3.3, 3.4, - 3.5, 3.6]` +3.5, 3.6]` - Change `Kafka` field `userConfig.tiered_storage.local_cache.size`: deprecated - Add `OpenSearch` field `userConfig.opensearch.indices_memory_max_index_buffer_size`, type `integer`: Absolute value. Default is unbound. Doesn't work without indices.memory.index_buffer_size @@ -110,7 +110,7 @@ - Add `Kafka` spec property `scheduled_rebalance_max_delay_ms` - Mark deprecated `Kafka` spec property `remote_log_storage_system_enable` - Add `KafkaConnect` spec property `scheduled_rebalance_max_delay_ms` -- Add `OpenSearch` spec property `openid` +- Add `OpenSearch` spec property `openid` - Use updated go client with enhanced retries ## v0.12.3 - 2023-07-13 @@ -139,7 +139,6 @@ - Add `OpenSearch.spec.userConfig.idp_pemtrustedcas_content` option. Specifies the PEM-encoded root certificate authority (CA) content for the SAML identity provider (IdP) server verification. - ## v0.11.0 - 2023-04-25 - Add `ServiceIntegration` kind `SourceProjectName` and `DestinationProjectName` fields @@ -165,9 +164,9 @@ - Add Kafka `log_cleaner_min_cleanable_ratio` minimum and maximum validation rules - Remove Kafka version `3.2`, reached EOL - Remove PostgreSQL version `10`, reached EOL -- Explicitly delete `ProjectVPC` by `ID` to avoid conflicts +- Explicitly delete `ProjectVPC` by `ID` to avoid conflicts - Speed up `ProjectVPC` deletion by exiting on `DELETING` status -- Fix missing RBAC permissions to update finalizers for various controllers +- Fix missing RBAC permissions to update finalizers for various controllers - Refactor `ClickhouseUser` controller - Mark `ClickhouseUser.spec.project` and `ClickhouseUser.spec.serviceName` as immutable - Remove deprecated service integration type `signalfx` @@ -206,7 +205,7 @@ as native [CRD validation rules](https://kubernetes.io/blog/2022/09/23/crd-valid - Add Cassandra Kind - Add Grafana Kind -- Recreate Kafka ACL if modified. +- Recreate Kafka ACL if modified. Note: Modification of ACL created prior to v0.5.1 won't delete existing instance at Aiven. It must be deleted manually. - Fix MySQL webhook @@ -216,7 +215,7 @@ as native [CRD validation rules](https://kubernetes.io/blog/2022/09/23/crd-valid - Remove `never` from choices of maintenance dow - Add `development` flag to configure logger's behavior - Add user config generator (see `make generate-user-configs`) -- Add `genericServiceHandler` to generalize service management +- Add `genericServiceHandler` to generalize service management - Add MySQL Kind ## v0.5.2 - 2022-12-09 @@ -246,23 +245,29 @@ as native [CRD validation rules](https://kubernetes.io/blog/2022/09/23/crd-valid ## v0.2.0 - 2021-11-17 features: -* add Redis CRD + +- add Redis CRD improvements: -* watch CRDs to reconcile token secrets + +- watch CRDs to reconcile token secrets fixes: -* fix RBACs of KafkaACL CRD + +- fix RBACs of KafkaACL CRD ## v0.1.1 - 2021-09-13 improvements: -* update helm installation docs + +- update helm installation docs fixes: -* fix typo in a kafka-connector kuttl test + +- fix typo in a kafka-connector kuttl test ## v0.1.0 - 2021-09-10 features: -* initial release + +- initial release diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index c08a5524..a1f72992 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -17,23 +17,23 @@ diverse, inclusive, and healthy community. Examples of behavior that contributes to a positive environment for our community include: -* Demonstrating empathy and kindness toward other people -* Being respectful of differing opinions, viewpoints, and experiences -* Giving and gracefully accepting constructive feedback -* Accepting responsibility and apologizing to those affected by our mistakes, +- Demonstrating empathy and kindness toward other people +- Being respectful of differing opinions, viewpoints, and experiences +- Giving and gracefully accepting constructive feedback +- Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience -* Focusing on what is best not just for us as individuals, but for the +- Focusing on what is best not just for us as individuals, but for the overall community Examples of unacceptable behavior include: -* The use of sexualized language or imagery, and sexual attention or +- The use of sexualized language or imagery, and sexual attention or advances of any kind -* Trolling, insulting or derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or email +- Trolling, insulting or derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or email address, without their explicit permission -* Other conduct which could reasonably be considered inappropriate in a +- Other conduct which could reasonably be considered inappropriate in a professional setting ## Enforcement Responsibilities @@ -106,7 +106,7 @@ Violating these terms may lead to a permanent ban. ### 4. Permanent Ban **Community Impact**: Demonstrating a pattern of violation of community -standards, including sustained inappropriate behavior, harassment of an +standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals. **Consequence**: A permanent ban from any sort of public interaction within diff --git a/README.md b/README.md index 1e0107d1..4d043e4b 100644 --- a/README.md +++ b/README.md @@ -1,21 +1,23 @@ # Aiven Operator + Provision and manage [Aiven Services](https://aiven.io/) from your Kubernetes cluster. See the full documentation [here](https://aiven.github.io/aiven-operator/). ## Installation -To install the Operator, please follow the [installation instructions](https://aiven.github.io/aiven-operator/installation/helm.html). +To install the Operator, please follow the [installation instructions](https://aiven.github.io/aiven-operator/installation/helm.html). ## Deploying PostgreSQL at Aiven + Now let's create a `PostgreSQL` resource with the following YAML – please fill in your project name under in the `project` field: + ```yaml apiVersion: aiven.io/v1alpha1 kind: PostgreSQL metadata: name: aiven-pg spec: - # reads the authentication token authSecretRef: name: aiven-token @@ -31,26 +33,31 @@ spec: maintenanceWindowDow: friday maintenanceWindowTime: 23:00:00 userConfig: - pg_version: '15' + pg_version: "15" ``` Watch the resource being created and wait until its status is `RUNNING`: + ```bash $ watch kubectl get postgresql.aiven.io aiven-pg ``` After created, the Operator will create a Kubernetes Secret containing the PostgreSQL connection information: + ```bash $ kubectl describe secret pg-connection ``` Use the following [jq](https://github.com/stedolan/jq) command to decode the Secret: + ```bash $ kubectl get secret pg-connection -o json | jq '.data | map_values(@base64d)' ``` ## Connecting to PostgreSQL + Let's run a `psql` command to test the database connection using the generated Secret: + ```yaml apiVersion: v1 kind: Pod @@ -61,23 +68,26 @@ spec: containers: - image: postgres:11 name: postgres - command: ['psql', '$(DATABASE_URI)', '-c', 'SELECT version();'] + command: ["psql", "$(DATABASE_URI)", "-c", "SELECT version();"] envFrom: - - secretRef: - name: pg-connection + - secretRef: + name: pg-connection ``` The Pod should the PostgreSQL version. You can verify with the following command: + ```bash $ kubectl logs psql-test-connection - version + version --------------------------------------------------------------------------------------------- PostgreSQL 11.12 on x86_64-pc-linux-gnu, compiled by gcc, a 68c5366192 p 6b9244f01a, 64-bit (1 row) ``` ## Contributing + We welcome and encourage contributions to this project. Please take a look at our [Contribution guide line](https://aiven.github.io/aiven-operator/contributing/index.html). ## License + [Apache 2](LICENSE). diff --git a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml index b92c2e97..c77cf9c8 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml @@ -15,381 +15,417 @@ spec: singular: cassandra scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cassandra is the Schema for the cassandras API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CassandraSpec defines the desired state of Cassandra - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, - `CASSANDRA_URI`, `CASSANDRA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cassandra is the Schema for the cassandras API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: CassandraSpec defines the desired state of Cassandra + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Deprecated. Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - cassandra: - description: cassandra configuration values - properties: - batch_size_fail_threshold_in_kb: - description: Fail any multiple-partition batch exceeding this - value. 50kb (10x warn threshold) by default. - maximum: 1000000 - minimum: 1 - type: integer - batch_size_warn_threshold_in_kb: - description: Log a warning message on any multiple-partition - batch size exceeding this value.5kb per batch by default.Caution - should be taken on increasing the size of this thresholdas - it can lead to node instability. - maximum: 1000000 - minimum: 1 - type: integer - datacenter: - description: Name of the datacenter to which nodes of this - service belong. Can be set only when creating the service. - maxLength: 128 + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - type: object - cassandra_version: - description: Cassandra major version - enum: - - "4" - - "3" - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - migrate_sstableloader: - description: Sets the service into migration mode enabling the - sstableloader utility to be used to upload Cassandra data files. - Available only on service create. - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_to_join_with: - description: When bootstrapping, instead of creating a new Cassandra - cluster try to join an existing one from another service. Can - only be set on service creation. - maxLength: 64 + tags: + additionalProperties: type: string - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + cassandra: + description: cassandra configuration values + properties: + batch_size_fail_threshold_in_kb: + description: + Fail any multiple-partition batch exceeding this + value. 50kb (10x warn threshold) by default. + maximum: 1000000 + minimum: 1 + type: integer + batch_size_warn_threshold_in_kb: + description: + Log a warning message on any multiple-partition + batch size exceeding this value.5kb per batch by default.Caution + should be taken on increasing the size of this thresholdas + it can lead to node instability. + maximum: 1000000 + minimum: 1 + type: integer + datacenter: + description: + Name of the datacenter to which nodes of this + service belong. Can be set only when creating the service. + maxLength: 128 + type: string + type: object + cassandra_version: + description: Cassandra major version enum: - - "True" - - "False" - - Unknown + - "4" + - "3" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migrate_sstableloader: + description: + Sets the service into migration mode enabling the + sstableloader utility to be used to upload Cassandra data files. + Available only on service create. + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_to_join_with: + description: + When bootstrapping, instead of creating a new Cassandra + cluster try to join an existing one from another service. Can + only be set on service creation. + maxLength: 64 + type: string + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml index 6fbd5c4e..631948cd 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml @@ -15,360 +15,396 @@ spec: singular: clickhouse scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Clickhouse is the Schema for the clickhouses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseSpec defines the desired state of Clickhouse - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - private_access: - description: Allow access to selected service ports from private - networks - properties: - clickhouse: - description: Allow clients to connect to clickhouse with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - clickhouse: - description: Enable clickhouse - type: boolean - clickhouse_https: - description: Enable clickhouse_https - type: boolean - clickhouse_mysql: - description: Enable clickhouse_mysql - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - clickhouse: - description: Allow clients to connect to clickhouse from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + private_access: + description: + Allow access to selected service ports from private + networks + properties: + clickhouse: + description: + Allow clients to connect to clickhouse with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + clickhouse: + description: Enable clickhouse + type: boolean + clickhouse_https: + description: Enable clickhouse_https + type: boolean + clickhouse_mysql: + description: Enable clickhouse_mysql + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + clickhouse: + description: + Allow clients to connect to clickhouse from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml index d28df3a9..87435b42 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouseusers.yaml @@ -15,179 +15,191 @@ spec: singular: clickhouseuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClickhouseUser is the Schema for the clickhouseusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseUserSpec defines the desired state of ClickhouseUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, - `CLICKHOUSEUSER_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - project - - serviceName - type: object - status: - description: ClickhouseUserStatus defines the observed state of ClickhouseUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ClickhouseUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - uuid: - description: Clickhouse user UUID - type: string - required: - - conditions - - uuid - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - project + - serviceName + type: object + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml index f8b3d439..8c40c19c 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_connectionpools.yaml @@ -15,200 +15,213 @@ spec: singular: connectionpool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.databaseName - name: Database - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.poolSize - name: Pool Size - type: string - - jsonPath: .spec.poolMode - name: Pool Mode - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ConnectionPool is the Schema for the connectionpools API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConnectionPoolSpec defines the desired state of ConnectionPool - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, - `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, - `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - databaseName: - description: Name of the database the pool connects to - maxLength: 40 - type: string - poolMode: - description: Mode the pool operates in (session, transaction, statement) - enum: - - session - - transaction - - statement - type: string - poolSize: - description: Number of connections the pool may create towards the - backend server - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - username: - description: Name of the service user used to connect to the database - maxLength: 64 - type: string - required: - - databaseName - - project - - serviceName - - username - type: object - status: - description: ConnectionPoolStatus defines the observed state of ConnectionPool - properties: - conditions: - description: Conditions represent the latest available observations - of an ConnectionPool state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.databaseName + name: Database + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.poolSize + name: Pool Size + type: string + - jsonPath: .spec.poolMode + name: Pool Mode + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ConnectionPool is the Schema for the connectionpools API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ConnectionPoolSpec defines the desired state of ConnectionPool + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, + `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, + `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + databaseName: + description: Name of the database the pool connects to + maxLength: 40 + type: string + poolMode: + description: Mode the pool operates in (session, transaction, statement) + enum: + - session + - transaction + - statement + type: string + poolSize: + description: + Number of connections the pool may create towards the + backend server + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + username: + description: Name of the service user used to connect to the database + maxLength: 64 + type: string + required: + - databaseName + - project + - serviceName + - username + type: object + status: + description: ConnectionPoolStatus defines the observed state of ConnectionPool + properties: + conditions: + description: + Conditions represent the latest available observations + of an ConnectionPool state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml index 8a25500c..eb5e09e0 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_databases.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_databases.yaml @@ -15,153 +15,165 @@ spec: singular: database scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Database is the Schema for the databases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DatabaseSpec defines the desired state of Database - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - lcCollate: - description: 'Default string sort order (LC_COLLATE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - lcCtype: - description: 'Default character classification (LC_CTYPE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - project: - description: Project to link the database to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: PostgreSQL service to link the database to - maxLength: 63 - type: string - terminationProtection: - description: It is a Kubernetes side deletion protections, which prevents - the database from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - project - - serviceName - type: object - status: - description: DatabaseStatus defines the observed state of Database - properties: - conditions: - description: Conditions represent the latest available observations - of an Database state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Database is the Schema for the databases API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: DatabaseSpec defines the desired state of Database + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + lcCollate: + description: + "Default string sort order (LC_COLLATE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + lcCtype: + description: + "Default character classification (LC_CTYPE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + project: + description: Project to link the database to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: PostgreSQL service to link the database to + maxLength: 63 + type: string + terminationProtection: + description: + It is a Kubernetes side deletion protections, which prevents + the database from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - project + - serviceName + type: object + status: + description: DatabaseStatus defines the observed state of Database + properties: + conditions: + description: + Conditions represent the latest available observations + of an Database state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml index 7a9247f9..17a7362e 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml @@ -15,799 +15,869 @@ spec: singular: grafana scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Grafana is the Schema for the grafanas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GrafanaSpec defines the desired state of Grafana - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - alerting_enabled: - description: Enable or disable Grafana legacy alerting functionality. - This should not be enabled with unified_alerting_enabled. - type: boolean - alerting_error_or_timeout: - description: Default error or timeout setting for new alerting - rules - enum: - - alerting - - keep_state - type: string - alerting_max_annotations_to_keep: - description: Max number of alert annotations that Grafana stores. - 0 (default) keeps all alert annotations. - maximum: 1000000 - minimum: 0 - type: integer - alerting_nodata_or_nullvalues: - description: Default value for 'no data or null values' for new - alerting rules - enum: - - alerting - - no_data - - keep_state - - ok - type: string - allow_embedding: - description: Allow embedding Grafana dashboards with iframe/frame/object/embed - tags. Disabled by default to limit impact of clickjacking - type: boolean - auth_azuread: - description: Azure AD OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_basic_enabled: - description: Enable or disable basic authentication form, used - by Grafana built-in login - type: boolean - auth_generic_oauth: - description: Generic OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_organizations: - description: Require user to be member of one of the listed - organizations - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL - maxLength: 2048 - type: string - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - auto_login: - description: Allow users to bypass the login screen and automatically - log in - type: boolean - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - name: - description: Name of the OAuth integration - maxLength: 128 - pattern: ^[a-zA-Z0-9_\- ]+$ - type: string - scopes: - description: OAuth scopes - items: - type: string - maxItems: 50 - type: array - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - api_url - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_github: - description: Github Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_organizations: - description: Require users to belong to one of given organizations - items: - type: string - maxItems: 50 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - team_ids: - description: Require users to belong to one of given team - IDs - items: - type: integer - maxItems: 50 - type: array - required: - - client_id - - client_secret - type: object - auth_gitlab: - description: GitLab Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - auth_url: - description: Authorization URL. This only needs to be set - when using self hosted GitLab - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - required: - - allowed_groups - - client_id - - client_secret - type: object - auth_google: - description: Google Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Domains allowed to sign-in to this Grafana - items: - type: string - maxItems: 64 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - required: - - allowed_domains - - client_id - - client_secret - type: object - cookie_samesite: - description: 'Cookie SameSite attribute: ''strict'' prevents sending - cookie for cross-site requests, effectively disabling direct - linking from other sites to Grafana. ''lax'' is the default - value.' - enum: - - lax - - strict - - none - type: string - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - dashboard_previews_enabled: - description: This feature is new in Grafana 9 and is quite resource - intensive. It may cause low-end plans to work more slowly while - the dashboard previews are rendering. - type: boolean - dashboards_min_refresh_interval: - description: Signed sequence of decimal numbers, followed by a - unit suffix (ms, s, m, h, d), e.g. 30s, 1h - maxLength: 16 - pattern: ^[0-9]+(ms|s|m|h|d)$ - type: string - dashboards_versions_to_keep: - description: Dashboard versions to keep per dashboard - maximum: 100 - minimum: 1 - type: integer - dataproxy_send_user_header: - description: Send 'X-Grafana-User' header to data source - type: boolean - dataproxy_timeout: - description: Timeout for data proxy requests in seconds - maximum: 90 - minimum: 15 - type: integer - date_formats: - description: Grafana date format specifications - properties: - default_timezone: - description: Default time zone for user preferences. Value - 'browser' uses browser local time zone. - maxLength: 64 - pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ - type: string - full_date: - description: Moment.js style format string for cases where - full date is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_day: - description: Moment.js style format string used when a time - requiring day accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_hour: - description: Moment.js style format string used when a time - requiring hour accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_minute: - description: Moment.js style format string used when a time - requiring minute accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_month: - description: Moment.js style format string used when a time - requiring month accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_second: - description: Moment.js style format string used when a time - requiring second accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - interval_year: - description: Moment.js style format string used when a time - requiring year accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - type: object - disable_gravatar: - description: Set to true to disable gravatar. Defaults to false - (gravatar is enabled) - type: boolean - editors_can_admin: - description: Editors can manage folders, teams and dashboards - created by them - type: boolean - external_image_storage: - description: External image store settings + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - access_key: - description: S3 access key. Requires permissions to the S3 - bucket for the s3:PutObject and s3:PutObjectAcl actions - maxLength: 4096 - pattern: ^[A-Z0-9]+$ - type: string - bucket_url: - description: Bucket URL for S3 - maxLength: 2048 - type: string - provider: - description: Provider type + integrationType: enum: - - s3 + - read_replica type: string - secret_key: - description: S3 secret key - maxLength: 4096 - pattern: ^[A-Za-z0-9/+=]+$ + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - access_key - - bucket_url - - provider - - secret_key + - integrationType + - sourceServiceName type: object - google_analytics_ua_id: - description: Google Analytics ID - maxLength: 64 - pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + alerting_enabled: + description: + Enable or disable Grafana legacy alerting functionality. + This should not be enabled with unified_alerting_enabled. + type: boolean + alerting_error_or_timeout: + description: + Default error or timeout setting for new alerting + rules + enum: + - alerting + - keep_state + type: string + alerting_max_annotations_to_keep: + description: + Max number of alert annotations that Grafana stores. + 0 (default) keeps all alert annotations. + maximum: 1000000 + minimum: 0 + type: integer + alerting_nodata_or_nullvalues: + description: + Default value for 'no data or null values' for new + alerting rules + enum: + - alerting + - no_data + - keep_state + - ok + type: string + allow_embedding: + description: + Allow embedding Grafana dashboards with iframe/frame/object/embed + tags. Disabled by default to limit impact of clickjacking + type: boolean + auth_azuread: + description: Azure AD OAuth integration properties: - description: - description: Description for IP filter list entry + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider maxLength: 1024 + pattern: ^[\040-\176]+$ type: string - network: - description: CIDR address block - maxLength: 43 + token_url: + description: Token URL + maxLength: 2048 type: string required: - - network + - auth_url + - client_id + - client_secret + - token_url type: object - maxItems: 1024 - type: array - metrics_enabled: - description: Enable Grafana /metrics endpoint - type: boolean - oauth_allow_insecure_email_lookup: - description: Enforce user lookup based on email instead of the - unique ID provided by the IdP - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - grafana: - description: Allow clients to connect to grafana with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - grafana: - description: Enable grafana - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - grafana: - description: Allow clients to connect to grafana from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - smtp_server: - description: SMTP server settings + auth_basic_enabled: + description: + Enable or disable basic authentication form, used + by Grafana built-in login + type: boolean + auth_generic_oauth: + description: Generic OAuth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_organizations: + description: + Require user to be member of one of the listed + organizations + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL + maxLength: 2048 + type: string + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + auto_login: + description: + Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + name: + description: Name of the OAuth integration + maxLength: 128 + pattern: ^[a-zA-Z0-9_\- ]+$ + type: string + scopes: + description: OAuth scopes + items: + type: string + maxItems: 50 + type: array + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - api_url + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_github: + description: Github Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_organizations: + description: Require users to belong to one of given organizations + items: + type: string + maxItems: 50 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + team_ids: + description: + Require users to belong to one of given team + IDs + items: + type: integer + maxItems: 50 + type: array + required: + - client_id + - client_secret + type: object + auth_gitlab: + description: GitLab Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + api_url: + description: + API URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + auth_url: + description: + Authorization URL. This only needs to be set + when using self hosted GitLab + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: + Token URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + required: + - allowed_groups + - client_id + - client_secret + type: object + auth_google: + description: Google Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Domains allowed to sign-in to this Grafana + items: + type: string + maxItems: 64 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + required: + - allowed_domains + - client_id + - client_secret + type: object + cookie_samesite: + description: + "Cookie SameSite attribute: 'strict' prevents sending + cookie for cross-site requests, effectively disabling direct + linking from other sites to Grafana. 'lax' is the default + value." + enum: + - lax + - strict + - none + type: string + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + dashboard_previews_enabled: + description: + This feature is new in Grafana 9 and is quite resource + intensive. It may cause low-end plans to work more slowly while + the dashboard previews are rendering. + type: boolean + dashboards_min_refresh_interval: + description: + Signed sequence of decimal numbers, followed by a + unit suffix (ms, s, m, h, d), e.g. 30s, 1h + maxLength: 16 + pattern: ^[0-9]+(ms|s|m|h|d)$ + type: string + dashboards_versions_to_keep: + description: Dashboard versions to keep per dashboard + maximum: 100 + minimum: 1 + type: integer + dataproxy_send_user_header: + description: Send 'X-Grafana-User' header to data source + type: boolean + dataproxy_timeout: + description: Timeout for data proxy requests in seconds + maximum: 90 + minimum: 15 + type: integer + date_formats: + description: Grafana date format specifications + properties: + default_timezone: + description: + Default time zone for user preferences. Value + 'browser' uses browser local time zone. + maxLength: 64 + pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ + type: string + full_date: + description: + Moment.js style format string for cases where + full date is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_day: + description: + Moment.js style format string used when a time + requiring day accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_hour: + description: + Moment.js style format string used when a time + requiring hour accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_minute: + description: + Moment.js style format string used when a time + requiring minute accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_month: + description: + Moment.js style format string used when a time + requiring month accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_second: + description: + Moment.js style format string used when a time + requiring second accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_year: + description: + Moment.js style format string used when a time + requiring year accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + type: object + disable_gravatar: + description: + Set to true to disable gravatar. Defaults to false + (gravatar is enabled) + type: boolean + editors_can_admin: + description: + Editors can manage folders, teams and dashboards + created by them + type: boolean + external_image_storage: + description: External image store settings + properties: + access_key: + description: + S3 access key. Requires permissions to the S3 + bucket for the s3:PutObject and s3:PutObjectAcl actions + maxLength: 4096 + pattern: ^[A-Z0-9]+$ + type: string + bucket_url: + description: Bucket URL for S3 + maxLength: 2048 + type: string + provider: + description: Provider type + enum: + - s3 + type: string + secret_key: + description: S3 secret key + maxLength: 4096 + pattern: ^[A-Za-z0-9/+=]+$ + type: string + required: + - access_key + - bucket_url + - provider + - secret_key + type: object + google_analytics_ua_id: + description: Google Analytics ID + maxLength: 64 + pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + metrics_enabled: + description: Enable Grafana /metrics endpoint + type: boolean + oauth_allow_insecure_email_lookup: + description: + Enforce user lookup based on email instead of the + unique ID provided by the IdP + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + grafana: + description: + Allow clients to connect to grafana with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + grafana: + description: Enable grafana + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + grafana: + description: + Allow clients to connect to grafana from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + smtp_server: + description: SMTP server settings + properties: + from_address: + description: Address used for sending emails + maxLength: 319 + pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ + type: string + from_name: + description: Name used in outgoing emails, defaults to Grafana + maxLength: 128 + pattern: ^[^\x00-\x1F]+$ + type: string + host: + description: Server hostname or IP + maxLength: 255 + type: string + password: + description: Password for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + port: + description: SMTP server port + maximum: 65535 + minimum: 1 + type: integer + skip_verify: + description: + Skip verifying server certificate. Defaults to + false + type: boolean + starttls_policy: + description: + Either OpportunisticStartTLS, MandatoryStartTLS + or NoStartTLS. Default is OpportunisticStartTLS. + enum: + - OpportunisticStartTLS + - MandatoryStartTLS + - NoStartTLS + type: string + username: + description: Username for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + required: + - from_address + - host + - port + type: object + static_ips: + description: Use static public IP addresses + type: boolean + unified_alerting_enabled: + description: + Enable or disable Grafana unified alerting functionality. + By default this is enabled and any legacy alerts will be migrated + on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled + to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ + for more details. + type: boolean + user_auto_assign_org: + description: + Auto-assign new users on signup to main organization. + Defaults to false + type: boolean + user_auto_assign_org_role: + description: Set role for new signups. Defaults to Viewer + enum: + - Viewer + - Admin + - Editor + type: string + viewers_can_edit: + description: + Users with view-only permission can edit but not + save dashboards + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - from_address: - description: Address used for sending emails - maxLength: 319 - pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ - type: string - from_name: - description: Name used in outgoing emails, defaults to Grafana - maxLength: 128 - pattern: ^[^\x00-\x1F]+$ - type: string - host: - description: Server hostname or IP - maxLength: 255 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - password: - description: Password for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - port: - description: SMTP server port - maximum: 65535 - minimum: 1 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - skip_verify: - description: Skip verifying server certificate. Defaults to - false - type: boolean - starttls_policy: - description: Either OpportunisticStartTLS, MandatoryStartTLS - or NoStartTLS. Default is OpportunisticStartTLS. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - OpportunisticStartTLS - - MandatoryStartTLS - - NoStartTLS + - "True" + - "False" + - Unknown type: string - username: - description: Username for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - from_address - - host - - port + - lastTransitionTime + - message + - reason + - status + - type type: object - static_ips: - description: Use static public IP addresses - type: boolean - unified_alerting_enabled: - description: Enable or disable Grafana unified alerting functionality. - By default this is enabled and any legacy alerts will be migrated - on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled - to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ - for more details. - type: boolean - user_auto_assign_org: - description: Auto-assign new users on signup to main organization. - Defaults to false - type: boolean - user_auto_assign_org_role: - description: Set role for new signups. Defaults to Viewer - enum: - - Viewer - - Admin - - Editor - type: string - viewers_can_edit: - description: Users with view-only permission can edit but not - save dashboards - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml index 30e2e2b5..6f031472 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaacls.yaml @@ -15,167 +15,176 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaACL state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaACL state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml index 2058658f..91871b0b 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnectors.yaml @@ -15,212 +15,223 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 type: string - description: The connector specific configuration To build config - values from secret the template function {{`{{ fromSecret "name" "key" - }}`}} is provided when interpreting the keys - type: object - required: - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: Conditions represent the latest available observations - of an kafka connector state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: + The connector specific configuration To build config + values from secret the template function {{`{{ fromSecret "name" "key" + }}`}} is provided when interpreting the keys + type: object + required: + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: + Conditions represent the latest available observations + of an kafka connector state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + pluginStatus: + description: + PluginStatus contains metadata about the configured connector + plugin properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + author: type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + class: type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + docUrl: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + title: type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + version: type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - author + - class + - docUrl + - title + - type + - version type: object - type: array - pluginStatus: - description: PluginStatus contains metadata about the configured connector - plugin - properties: - author: - type: string - class: - type: string - docUrl: - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer - required: - - total - type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml index 2abf81ff..8ff70dac 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaconnects.yaml @@ -15,426 +15,468 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: KafkaConnect specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: KafkaConnect specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: description: - description: Description for IP filter list entry - maxLength: 1024 + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka_connect: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest type: string - network: - description: CIDR address block - maxLength: 43 + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed type: string - required: - - network + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + prometheus: + description: Enable prometheus + type: boolean type: object - maxItems: 1024 - type: array - kafka_connect: - description: Kafka Connect configuration values + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml index d359f376..ea73fcba 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkas.yaml @@ -15,966 +15,1069 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, - `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, - `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, - `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`' - properties: - annotations: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, + `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, + `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: + Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - aiven_kafka_topic_messages: - description: Allow access to read Kafka topic messages in the - Aiven Console and REST API. - type: boolean - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka: - description: Kafka broker configuration values + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - auto_create_topics_enable: - description: Enable auto creation of topics - type: boolean - compression_type: - description: Specify the final compression type for a given - topic. This configuration accepts the standard compression - codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally - accepts 'uncompressed' which is equivalent to no compression; - and 'producer' which means retain the original compression - codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: 'Idle connections timeout: the server socket - processor threads close the connections that idle for longer - than this.' - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: Replication factor for autocreated topics - maximum: 10 - minimum: 1 - type: integer - group_initial_rebalance_delay_ms: - description: The amount of time, in milliseconds, the group - coordinator will wait for more consumers to join a new group - before performing the first rebalance. A longer delay means - potentially fewer rebalances, but increases the time until - processing begins. The default value for this is 3 seconds. - During development and testing it might be desirable to - set this to 0 in order to not delay test execution time. - maximum: 300000 - minimum: 0 - type: integer - group_max_session_timeout_ms: - description: The maximum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: The minimum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: How long are delete records retained? - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: The maximum amount of time message will remain - uncompacted. Only applicable for logs that are being compacted - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: Controls log compactor frequency. Larger value - means more frequent compactions but also more space wasted - for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - maximum: 0.9 - minimum: 0.2 - type: number - log_cleaner_min_compaction_lag_ms: - description: The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. - minimum: 0 - type: integer - log_cleanup_policy: - description: The default cleanup policy for segments beyond - the retention window + integrationType: enum: - - delete - - compact - - compact,delete - type: string - log_flush_interval_messages: - description: The number of messages accumulated on a log partition - before messages are flushed to disk - minimum: 1 - type: integer - log_flush_interval_ms: - description: The maximum time in ms that a message in any - topic is kept in memory before flushed to disk. If not set, - the value in log.flush.scheduler.interval.ms is used - minimum: 0 - type: integer - log_index_interval_bytes: - description: The interval with which Kafka adds an entry to - the offset index - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: The maximum size in bytes of the offset index - maximum: 104857600 - minimum: 1048576 - type: integer - log_local_retention_bytes: - description: The maximum size of local log segments that can - grow for a partition before it gets eligible for deletion. - If set to -2, the value of log.retention.bytes is used. - The effective value should always be less than or equal - to log.retention.bytes value. - minimum: -2 - type: integer - log_local_retention_ms: - description: The number of milliseconds to keep the local - log segments before it gets eligible for deletion. If set - to -2, the value of log.retention.ms is used. The effective - value should always be less than or equal to log.retention.ms - value. - minimum: -2 - type: integer - log_message_downconversion_enable: - description: This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message - minimum: 0 - type: integer - log_message_timestamp_type: - description: Define whether the timestamp in the message is - message create time or log append time. - enum: - - CreateTime - - LogAppendTime - type: string - log_preallocate: - description: Should pre allocate file when create new segment? - type: boolean - log_retention_bytes: - description: The maximum size of the log before deleting messages - minimum: -1 - type: integer - log_retention_hours: - description: The number of hours to keep a log file before - deleting it - maximum: 2147483647 - minimum: -1 - type: integer - log_retention_ms: - description: The number of milliseconds to keep a log file - before deleting it (in milliseconds), If not set, the value - in log.retention.minutes is used. If set to -1, no time - limit is applied. - minimum: -1 - type: integer - log_roll_jitter_ms: - description: The maximum jitter to subtract from logRollTimeMillis - (in milliseconds). If not set, the value in log.roll.jitter.hours - is used - minimum: 0 - type: integer - log_roll_ms: - description: The maximum time before a new log segment is - rolled out (in milliseconds). - minimum: 1 - type: integer - log_segment_bytes: - description: The maximum size of a single log file - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: The amount of time to wait before deleting a - file from the filesystem - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: The maximum number of connections allowed from - each ip address (defaults to 2147483647). - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: The maximum number of incremental fetch sessions - that the broker will maintain. - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: The maximum size of message that the server can - receive. - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: When a producer sets acks to 'all' (or '-1'), - min.insync.replicas specifies the minimum number of replicas - that must acknowledge a write for the write to be considered - successful. - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: Number of partitions for autocreated topics - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: Log retention window in minutes for offsets topic - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: The purge interval (in number of requests) of - the producer request purgatory(defaults to 1000). - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: The number of bytes of messages to attempt to - fetch for each partition (defaults to 1048576). This is - not an absolute maximum, if the first record batch in the - first non-empty partition of the fetch is larger than this - value, the record batch will still be returned to ensure - that progress can be made. - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: Maximum bytes expected for the entire fetch response - (defaults to 10485760). Records are fetched in batches, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that progress can be made. - As such, this is not an absolute maximum. - maximum: 1048576000 - minimum: 10485760 - type: integer - sasl_oauthbearer_expected_audience: - description: The (optional) comma-delimited setting for the - broker to use to verify that the JWT was issued for one - of the expected audiences. - maxLength: 128 - type: string - sasl_oauthbearer_expected_issuer: - description: Optional setting for the broker to use to verify - that the JWT was created by the expected issuer. - maxLength: 128 - type: string - sasl_oauthbearer_jwks_endpoint_url: - description: OIDC JWKS endpoint URL. By setting this the SASL - SSL OAuth2/OIDC authentication is enabled. See also other - options for SASL OAuth2/OIDC. - maxLength: 2048 + - read_replica type: string - sasl_oauthbearer_sub_claim_name: - description: Name of the scope from which to extract the subject - claim from the JWT. Defaults to sub. - maxLength: 128 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string - socket_request_max_bytes: - description: The maximum number of bytes in a socket request - (defaults to 104857600). - maximum: 209715200 - minimum: 10485760 - type: integer - transaction_partition_verification_enable: - description: Enable verification that checks that the partition - has been added to the transaction before writing transactional - records to the partition - type: boolean - transaction_remove_expired_transaction_cleanup_interval_ms: - description: The interval at which to remove transactions - that have expired due to transactional.id.expiration.ms - passing (defaults to 3600000 (1 hour)). - maximum: 3600000 - minimum: 600000 - type: integer - transaction_state_log_segment_bytes: - description: The transaction topic segment bytes should be - kept relatively small in order to facilitate faster log - compaction and cache loads (defaults to 104857600 (100 mebibytes)). - maximum: 2147483647 - minimum: 1048576 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean + required: + - integrationType + - sourceServiceName type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_config: - description: Kafka Connect configuration values - properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + maxItems: 1 + type: array + aiven_kafka_topic_messages: + description: + Allow access to read Kafka topic messages in the + Aiven Console and REST API. + type: boolean + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka: + description: Kafka broker configuration values + properties: + auto_create_topics_enable: + description: Enable auto creation of topics + type: boolean + compression_type: + description: + Specify the final compression type for a given + topic. This configuration accepts the standard compression + codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally + accepts 'uncompressed' which is equivalent to no compression; + and 'producer' which means retain the original compression + codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer + type: string + connections_max_idle_ms: + description: + "Idle connections timeout: the server socket + processor threads close the connections that idle for longer + than this." + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: Replication factor for autocreated topics + maximum: 10 + minimum: 1 + type: integer + group_initial_rebalance_delay_ms: + description: + The amount of time, in milliseconds, the group + coordinator will wait for more consumers to join a new group + before performing the first rebalance. A longer delay means + potentially fewer rebalances, but increases the time until + processing begins. The default value for this is 3 seconds. + During development and testing it might be desirable to + set this to 0 in order to not delay test execution time. + maximum: 300000 + minimum: 0 + type: integer + group_max_session_timeout_ms: + description: + The maximum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: + The minimum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: How long are delete records retained? + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: + The maximum amount of time message will remain + uncompacted. Only applicable for logs that are being compacted + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: + Controls log compactor frequency. Larger value + means more frequent compactions but also more space wasted + for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + maximum: 0.9 + minimum: 0.2 + type: number + log_cleaner_min_compaction_lag_ms: + description: + The minimum time a message will remain uncompacted + in the log. Only applicable for logs that are being compacted. + minimum: 0 + type: integer + log_cleanup_policy: + description: + The default cleanup policy for segments beyond + the retention window + enum: + - delete + - compact + - compact,delete + type: string + log_flush_interval_messages: + description: + The number of messages accumulated on a log partition + before messages are flushed to disk + minimum: 1 + type: integer + log_flush_interval_ms: + description: + The maximum time in ms that a message in any + topic is kept in memory before flushed to disk. If not set, + the value in log.flush.scheduler.interval.ms is used + minimum: 0 + type: integer + log_index_interval_bytes: + description: + The interval with which Kafka adds an entry to + the offset index + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: The maximum size in bytes of the offset index + maximum: 104857600 + minimum: 1048576 + type: integer + log_local_retention_bytes: + description: + The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: + The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer + log_message_downconversion_enable: + description: + This configuration controls whether down-conversion + of message formats is enabled to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: + The maximum difference allowed between the timestamp + when a broker receives a message and the timestamp specified + in the message + minimum: 0 + type: integer + log_message_timestamp_type: + description: + Define whether the timestamp in the message is + message create time or log append time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: Should pre allocate file when create new segment? + type: boolean + log_retention_bytes: + description: The maximum size of the log before deleting messages + minimum: -1 + type: integer + log_retention_hours: + description: + The number of hours to keep a log file before + deleting it + maximum: 2147483647 + minimum: -1 + type: integer + log_retention_ms: + description: + The number of milliseconds to keep a log file + before deleting it (in milliseconds), If not set, the value + in log.retention.minutes is used. If set to -1, no time + limit is applied. + minimum: -1 + type: integer + log_roll_jitter_ms: + description: + The maximum jitter to subtract from logRollTimeMillis + (in milliseconds). If not set, the value in log.roll.jitter.hours + is used + minimum: 0 + type: integer + log_roll_ms: + description: + The maximum time before a new log segment is + rolled out (in milliseconds). + minimum: 1 + type: integer + log_segment_bytes: + description: The maximum size of a single log file + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: + The amount of time to wait before deleting a + file from the filesystem + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: + The maximum number of connections allowed from + each ip address (defaults to 2147483647). + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: + The maximum number of incremental fetch sessions + that the broker will maintain. + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: + The maximum size of message that the server can + receive. + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: + When a producer sets acks to 'all' (or '-1'), + min.insync.replicas specifies the minimum number of replicas + that must acknowledge a write for the write to be considered + successful. + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: Number of partitions for autocreated topics + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: Log retention window in minutes for offsets topic + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: + The purge interval (in number of requests) of + the producer request purgatory(defaults to 1000). + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: + The number of bytes of messages to attempt to + fetch for each partition (defaults to 1048576). This is + not an absolute maximum, if the first record batch in the + first non-empty partition of the fetch is larger than this + value, the record batch will still be returned to ensure + that progress can be made. + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: + Maximum bytes expected for the entire fetch response + (defaults to 10485760). Records are fetched in batches, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that progress can be made. + As such, this is not an absolute maximum. + maximum: 1048576000 + minimum: 10485760 + type: integer + sasl_oauthbearer_expected_audience: + description: + The (optional) comma-delimited setting for the + broker to use to verify that the JWT was issued for one + of the expected audiences. + maxLength: 128 + type: string + sasl_oauthbearer_expected_issuer: + description: + Optional setting for the broker to use to verify + that the JWT was created by the expected issuer. + maxLength: 128 + type: string + sasl_oauthbearer_jwks_endpoint_url: + description: + OIDC JWKS endpoint URL. By setting this the SASL + SSL OAuth2/OIDC authentication is enabled. See also other + options for SASL OAuth2/OIDC. + maxLength: 2048 + type: string + sasl_oauthbearer_sub_claim_name: + description: + Name of the scope from which to extract the subject + claim from the JWT. Defaults to sub. + maxLength: 128 + type: string + socket_request_max_bytes: + description: + The maximum number of bytes in a socket request + (defaults to 104857600). + maximum: 209715200 + minimum: 10485760 + type: integer + transaction_partition_verification_enable: + description: + Enable verification that checks that the partition + has been added to the transaction before writing transactional + records to the partition + type: boolean + transaction_remove_expired_transaction_cleanup_interval_ms: + description: + The interval at which to remove transactions + that have expired due to transactional.id.expiration.ms + passing (defaults to 3600000 (1 hour)). + maximum: 3600000 + minimum: 600000 + type: integer + transaction_state_log_segment_bytes: + description: + The transaction topic segment bytes should be + kept relatively small in order to facilitate faster log + compaction and cache loads (defaults to 104857600 (100 mebibytes)). + maximum: 2147483647 + minimum: 1048576 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed + type: string + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_authorization: + description: Enable authorization in Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: + If true the consumer's offset will be periodically + committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: + Maximum number of bytes in unencoded message + keys and values by a single request + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: + The maximum total time to wait for messages for + a request if the maximum number of messages has not yet + been reached + enum: + - 1000 + - 15000 + - 30000 + maximum: 30000 + minimum: 1000 + type: integer + name_strategy_validation: + description: + If true, validate that given schema is registered + under expected subject name by the used name strategy when + producing messages. + type: boolean + producer_acks: + description: + The number of acknowledgments the producer requires + the leader to have received before considering a request + complete. If set to 'all' or '-1', the leader will wait + for the full set of in-sync replicas to acknowledge the + record. + enum: + - all + - "-1" + - "0" + - "1" + type: string + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + Wait for up to the given delay to allow batching + records together + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + The maximum size of a request in bytes. Note + that Kafka broker can also cap the record batch size. + maximum: 2147483647 + minimum: 0 + type: integer + simpleconsumer_pool_size_max: + description: + Maximum number of SimpleConsumers that can be + instantiated per broker + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + enum: + - "3.3" + - "3.1" + - "3.4" + - "3.5" + - "3.6" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka: + description: + Allow clients to connect to kafka with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka: + description: Enable kafka + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + kafka_rest: + description: Enable kafka_rest + type: boolean + prometheus: + description: Enable prometheus + type: boolean + schema_registry: + description: Enable schema_registry + type: boolean + type: object + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka: + description: + Allow clients to connect to kafka from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: + If true, Karapace / Schema Registry on the service + nodes can participate in leader election. It might be needed + to disable this when the schemas topic is replicated to + a secondary cluster and Karapace / Schema Registry there + must not participate in leader election. Defaults to `true`. + type: boolean + topic_name: + description: + The durable single partition topic that acts + as the durable log for the data. This topic must be compacted + to avoid losing data due to retention policy. Please note + that changing this configuration in an existing Schema Registry + / Karapace setup leads to previous schemas being inaccessible, + data encoded with them potentially unreadable and schema + ID sequence put out of order. It's only possible to do the + switch while Schema Registry / Karapace is disabled. Defaults + to `_schemas`. + maxLength: 249 + minLength: 1 + type: string + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + tiered_storage: + description: Tiered storage configuration + properties: + enabled: + description: Whether to enable the tiered storage functionality + type: boolean + local_cache: + description: Deprecated. Local cache configuration + properties: + size: + description: Deprecated. Local cache size in bytes + maximum: 107374182400 + minimum: 1 + type: integer + type: object + type: object + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_authorization: - description: Enable authorization in Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration - properties: - consumer_enable_auto_commit: - description: If true the consumer's offset will be periodically - committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: Maximum number of bytes in unencoded message - keys and values by a single request - maximum: 671088640 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - consumer_request_timeout_ms: - description: The maximum total time to wait for messages for - a request if the maximum number of messages has not yet - been reached - enum: - - 1000 - - 15000 - - 30000 - maximum: 30000 - minimum: 1000 - type: integer - name_strategy_validation: - description: If true, validate that given schema is registered - under expected subject name by the used name strategy when - producing messages. - type: boolean - producer_acks: - description: The number of acknowledgments the producer requires - the leader to have received before considering a request - complete. If set to 'all' or '-1', the leader will wait - for the full set of in-sync replicas to acknowledge the - record. - enum: - - all - - "-1" - - "0" - - "1" + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: Wait for up to the given delay to allow batching - records together - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum size of a request in bytes. Note - that Kafka broker can also cap the record batch size. - maximum: 2147483647 - minimum: 0 - type: integer - simpleconsumer_pool_size_max: - description: Maximum number of SimpleConsumers that can be - instantiated per broker - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - enum: - - "3.3" - - "3.1" - - "3.4" - - "3.5" - - "3.6" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka: - description: Allow clients to connect to kafka with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka: - description: Enable kafka - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - kafka_rest: - description: Enable kafka_rest - type: boolean - prometheus: - description: Enable prometheus - type: boolean - schema_registry: - description: Enable schema_registry - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka: - description: Allow clients to connect to kafka from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: If true, Karapace / Schema Registry on the service - nodes can participate in leader election. It might be needed - to disable this when the schemas topic is replicated to - a secondary cluster and Karapace / Schema Registry there - must not participate in leader election. Defaults to `true`. - type: boolean - topic_name: - description: The durable single partition topic that acts - as the durable log for the data. This topic must be compacted - to avoid losing data due to retention policy. Please note - that changing this configuration in an existing Schema Registry - / Karapace setup leads to previous schemas being inaccessible, - data encoded with them potentially unreadable and schema - ID sequence put out of order. It's only possible to do the - switch while Schema Registry / Karapace is disabled. Defaults - to `_schemas`. - maxLength: 249 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - tiered_storage: - description: Tiered storage configuration - properties: - enabled: - description: Whether to enable the tiered storage functionality - type: boolean - local_cache: - description: Deprecated. Local cache configuration - properties: - size: - description: Deprecated. Local cache size in bytes - maximum: 107374182400 - minimum: 1 - type: integer - type: object - type: object - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml index e96a87bc..ffb7aa2e 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkaschemas.yaml @@ -15,171 +15,181 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaSchema state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: + Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaSchema state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml index b48be5eb..dbddcef8 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_kafkatopics.yaml @@ -15,280 +15,291 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - config: - description: Kafka topic configuration - properties: - cleanup_policy: - description: cleanup.policy value - type: string - compression_type: - description: compression.type value - type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value - format: int64 - type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value - type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value - type: string - min_cleanable_dirty_ratio: - description: min.cleanable.dirty.ratio value - type: number - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer - type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 minLength: 1 type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 + name: + minLength: 1 type: string required: - - key + - key + - name type: object - type: array - termination_protection: - description: It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - topicName: - description: Topic name. If provided, is used instead of metadata.name. - This field supports additional characters, has a longer length, - and will replace metadata.name in future releases - maxLength: 249 - minLength: 1 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaTopic state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + config: + description: Kafka topic configuration properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + cleanup_policy: + description: cleanup.policy value type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + compression_type: + description: compression.type value type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + delete_retention_ms: + description: delete.retention.ms value format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + min_cleanable_dirty_ratio: + description: min.cleanable.dirty.ratio value + type: number + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: + properties: + key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 + minLength: 1 + type: string + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 + type: string + required: + - key + type: object + type: array + termination_protection: + description: + It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + topicName: + description: + Topic name. If provided, is used instead of metadata.name. + This field supports additional characters, has a longer length, + and will replace metadata.name in future releases + maxLength: 249 + minLength: 1 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaTopic state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml index 635c30b8..d9232633 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_mysqls.yaml @@ -15,658 +15,735 @@ spec: singular: mysql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MySQL is the Schema for the mysqls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MySQLSpec defines the desired state of MySQL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, - `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MySQL is the Schema for the mysqls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: MySQLSpec defines the desired state of MySQL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: MySQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - binlog_retention_period: - description: The minimum amount of time in seconds to keep binlog - entries before deletion. This may be extended for services that - require binlog entries for longer than the default for example - if using the MySQL Debezium Kafka connector. - maximum: 86400 - minimum: 600 - type: integer - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 + - read_replica type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port - type: object - mysql: - description: mysql.conf configuration values - properties: - connect_timeout: - description: The number of seconds that the mysqld server - waits for a connect packet before responding with Bad handshake - maximum: 3600 - minimum: 2 - type: integer - default_time_zone: - description: Default server time zone as an offset from UTC - (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to - use the MySQL server default. - maxLength: 100 - minLength: 2 - type: string - group_concat_max_len: - description: The maximum permitted result length in bytes - for the GROUP_CONCAT() function. - minimum: 4 - type: integer - information_schema_stats_expiry: - description: The time, in seconds, before cached statistics - expire - maximum: 31536000 - minimum: 900 - type: integer - innodb_change_buffer_max_size: - description: Maximum size for the InnoDB change buffer, as - a percentage of the total size of the buffer pool. Default - is 25 - maximum: 50 - minimum: 0 - type: integer - innodb_flush_neighbors: - description: 'Specifies whether flushing a page from the InnoDB - buffer pool also flushes other dirty pages in the same extent - (default is 1): 0 - dirty pages in the same extent are not - flushed, 1 - flush contiguous dirty pages in the same extent, 2 - - flush dirty pages in the same extent' - maximum: 2 - minimum: 0 - type: integer - innodb_ft_min_token_size: - description: Minimum length of words that are stored in an - InnoDB FULLTEXT index. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 16 - minimum: 0 - type: integer - innodb_ft_server_stopword_table: - description: This option is used to specify your own InnoDB - FULLTEXT index stopword list for all InnoDB tables. - maxLength: 1024 - pattern: ^.+/.+$ - type: string - innodb_lock_wait_timeout: - description: The length of time in seconds an InnoDB transaction - waits for a row lock before giving up. Default is 120. - maximum: 3600 - minimum: 1 - type: integer - innodb_log_buffer_size: - description: The size in bytes of the buffer that InnoDB uses - to write to the log files on disk. - maximum: 4294967295 - minimum: 1048576 - type: integer - innodb_online_alter_log_max_size: - description: The upper limit in bytes on the size of the temporary - log files used during online DDL operations for InnoDB tables. - maximum: 1099511627776 - minimum: 65536 - type: integer - innodb_print_all_deadlocks: - description: When enabled, information about all deadlocks - in InnoDB user transactions is recorded in the error log. - Disabled by default. - type: boolean - innodb_read_io_threads: - description: The number of I/O threads for read operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - innodb_rollback_on_timeout: - description: When enabled a transaction timeout causes InnoDB - to abort and roll back the entire transaction. Changing - this parameter will lead to a restart of the MySQL service. - type: boolean - innodb_thread_concurrency: - description: Defines the maximum number of threads permitted - inside of InnoDB. Default is 0 (infinite concurrency - no - limit) - maximum: 1000 - minimum: 0 - type: integer - innodb_write_io_threads: - description: The number of I/O threads for write operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - interactive_timeout: - description: The number of seconds the server waits for activity - on an interactive connection before closing it. - maximum: 604800 - minimum: 30 - type: integer - internal_tmp_mem_storage_engine: - description: The storage engine for in-memory internal temporary - tables. - enum: - - TempTable - - MEMORY - type: string - long_query_time: - description: The slow_query_logs work as SQL statements that - take more than long_query_time seconds to execute. Default - is 10s - maximum: 3600 - minimum: 0 - type: number - max_allowed_packet: - description: Size of the largest message in bytes that can - be received by the server. Default is 67108864 (64M) - maximum: 1073741824 - minimum: 102400 - type: integer - max_heap_table_size: - description: Limits the size of internal in-memory tables. - Also set tmp_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - net_buffer_length: - description: Start sizes of connection buffer and result buffer. - Default is 16384 (16K). Changing this parameter will lead - to a restart of the MySQL service. - maximum: 1048576 - minimum: 1024 - type: integer - net_read_timeout: - description: The number of seconds to wait for more data from - a connection before aborting the read. - maximum: 3600 - minimum: 1 - type: integer - net_write_timeout: - description: The number of seconds to wait for a block to - be written to a connection before aborting the write. - maximum: 3600 - minimum: 1 - type: integer - slow_query_log: - description: Slow query log enables capturing of slow queries. - Setting slow_query_log to false also truncates the mysql.slow_log - table. Default is off - type: boolean - sort_buffer_size: - description: Sort buffer size in bytes for ORDER BY optimization. - Default is 262144 (256K) - maximum: 1073741824 - minimum: 32768 - type: integer - sql_mode: - description: Global SQL mode. Set to empty to use MySQL server - defaults. When creating a new service and not setting this - field Aiven default SQL mode (strict, SQL standard compliant) - will be assigned. - maxLength: 1024 - pattern: ^[A-Z_]*(,[A-Z_]+)*$ - type: string - sql_require_primary_key: - description: Require primary key to be defined for new tables - or old tables modified with ALTER TABLE and fail if missing. - It is recommended to always have primary keys because various - functionality may break if any large table is missing them. - type: boolean - tmp_table_size: - description: Limits the size of internal in-memory tables. - Also set max_heap_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - wait_timeout: - description: The number of seconds the server waits for activity - on a noninteractive connection before closing it. - maximum: 2147483 - minimum: 1 - type: integer + - integrationType + - sourceServiceName type: object - mysql_version: - description: MySQL major version - enum: - - "8" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - mysql: - description: Allow clients to connect to mysql with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - mysql: - description: Enable mysql - type: boolean - mysqlx: - description: Enable mysqlx - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - mysql: - description: Allow clients to connect to mysql from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: MySQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + binlog_retention_period: + description: + The minimum amount of time in seconds to keep binlog + entries before deletion. This may be extended for services that + require binlog entries for longer than the default for example + if using the MySQL Debezium Kafka connector. + maximum: 86400 + minimum: 600 + type: integer + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + mysql: + description: mysql.conf configuration values + properties: + connect_timeout: + description: + The number of seconds that the mysqld server + waits for a connect packet before responding with Bad handshake + maximum: 3600 + minimum: 2 + type: integer + default_time_zone: + description: + Default server time zone as an offset from UTC + (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to + use the MySQL server default. + maxLength: 100 + minLength: 2 + type: string + group_concat_max_len: + description: + The maximum permitted result length in bytes + for the GROUP_CONCAT() function. + minimum: 4 + type: integer + information_schema_stats_expiry: + description: + The time, in seconds, before cached statistics + expire + maximum: 31536000 + minimum: 900 + type: integer + innodb_change_buffer_max_size: + description: + Maximum size for the InnoDB change buffer, as + a percentage of the total size of the buffer pool. Default + is 25 + maximum: 50 + minimum: 0 + type: integer + innodb_flush_neighbors: + description: + "Specifies whether flushing a page from the InnoDB + buffer pool also flushes other dirty pages in the same extent + (default is 1): 0 - dirty pages in the same extent are not + flushed, 1 - flush contiguous dirty pages in the same extent, 2 + - flush dirty pages in the same extent" + maximum: 2 + minimum: 0 + type: integer + innodb_ft_min_token_size: + description: + Minimum length of words that are stored in an + InnoDB FULLTEXT index. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 16 + minimum: 0 + type: integer + innodb_ft_server_stopword_table: + description: + This option is used to specify your own InnoDB + FULLTEXT index stopword list for all InnoDB tables. + maxLength: 1024 + pattern: ^.+/.+$ + type: string + innodb_lock_wait_timeout: + description: + The length of time in seconds an InnoDB transaction + waits for a row lock before giving up. Default is 120. + maximum: 3600 + minimum: 1 + type: integer + innodb_log_buffer_size: + description: + The size in bytes of the buffer that InnoDB uses + to write to the log files on disk. + maximum: 4294967295 + minimum: 1048576 + type: integer + innodb_online_alter_log_max_size: + description: + The upper limit in bytes on the size of the temporary + log files used during online DDL operations for InnoDB tables. + maximum: 1099511627776 + minimum: 65536 + type: integer + innodb_print_all_deadlocks: + description: + When enabled, information about all deadlocks + in InnoDB user transactions is recorded in the error log. + Disabled by default. + type: boolean + innodb_read_io_threads: + description: + The number of I/O threads for read operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + innodb_rollback_on_timeout: + description: + When enabled a transaction timeout causes InnoDB + to abort and roll back the entire transaction. Changing + this parameter will lead to a restart of the MySQL service. + type: boolean + innodb_thread_concurrency: + description: + Defines the maximum number of threads permitted + inside of InnoDB. Default is 0 (infinite concurrency - no + limit) + maximum: 1000 + minimum: 0 + type: integer + innodb_write_io_threads: + description: + The number of I/O threads for write operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + interactive_timeout: + description: + The number of seconds the server waits for activity + on an interactive connection before closing it. + maximum: 604800 + minimum: 30 + type: integer + internal_tmp_mem_storage_engine: + description: + The storage engine for in-memory internal temporary + tables. + enum: + - TempTable + - MEMORY + type: string + long_query_time: + description: + The slow_query_logs work as SQL statements that + take more than long_query_time seconds to execute. Default + is 10s + maximum: 3600 + minimum: 0 + type: number + max_allowed_packet: + description: + Size of the largest message in bytes that can + be received by the server. Default is 67108864 (64M) + maximum: 1073741824 + minimum: 102400 + type: integer + max_heap_table_size: + description: + Limits the size of internal in-memory tables. + Also set tmp_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + net_buffer_length: + description: + Start sizes of connection buffer and result buffer. + Default is 16384 (16K). Changing this parameter will lead + to a restart of the MySQL service. + maximum: 1048576 + minimum: 1024 + type: integer + net_read_timeout: + description: + The number of seconds to wait for more data from + a connection before aborting the read. + maximum: 3600 + minimum: 1 + type: integer + net_write_timeout: + description: + The number of seconds to wait for a block to + be written to a connection before aborting the write. + maximum: 3600 + minimum: 1 + type: integer + slow_query_log: + description: + Slow query log enables capturing of slow queries. + Setting slow_query_log to false also truncates the mysql.slow_log + table. Default is off + type: boolean + sort_buffer_size: + description: + Sort buffer size in bytes for ORDER BY optimization. + Default is 262144 (256K) + maximum: 1073741824 + minimum: 32768 + type: integer + sql_mode: + description: + Global SQL mode. Set to empty to use MySQL server + defaults. When creating a new service and not setting this + field Aiven default SQL mode (strict, SQL standard compliant) + will be assigned. + maxLength: 1024 + pattern: ^[A-Z_]*(,[A-Z_]+)*$ + type: string + sql_require_primary_key: + description: + Require primary key to be defined for new tables + or old tables modified with ALTER TABLE and fail if missing. + It is recommended to always have primary keys because various + functionality may break if any large table is missing them. + type: boolean + tmp_table_size: + description: + Limits the size of internal in-memory tables. + Also set max_heap_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + wait_timeout: + description: + The number of seconds the server waits for activity + on a noninteractive connection before closing it. + maximum: 2147483 + minimum: 1 + type: integer + type: object + mysql_version: + description: MySQL major version enum: - - "True" - - "False" - - Unknown + - "8" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + private_access: + description: + Allow access to selected service ports from private + networks + properties: + mysql: + description: + Allow clients to connect to mysql with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + mysql: + description: Enable mysql + type: boolean + mysqlx: + description: Enable mysqlx + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + mysql: + description: + Allow clients to connect to mysql from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index 7fa9b0ac..8a403e83 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -15,946 +15,1048 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 type: string - maxItems: 1 - type: array - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - disable_replication_factor_adjustment: - description: 'DEPRECATED: Disable automatic replication factor - adjustment for multi-node services. By default, Aiven ensures - all indexes are replicated at least to two nodes. Note: Due - to potential data loss in case of losing a service node, this - setting can no longer be activated.' - type: boolean - index_patterns: - description: Index patterns - items: - description: 'Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to - keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a - pattern looking like ''logs.?'' and then create index logs.1, - logs.2 etc, it will delete logs.1 once you create logs.6. - Do note ''logs.?'' does not apply to logs.10. Note: Setting - max_index_count to 0 will do nothing and the pattern gets - ignored.' + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: + "DEPRECATED: Disable automatic replication factor + adjustment for multi-node services. By default, Aiven ensures + all indexes are replicated at least to two nodes. Note: Due + to potential data loss in case of losing a service node, this + setting can no longer be activated." + type: boolean + index_patterns: + description: Index patterns + items: + description: + "Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to + keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a + pattern looking like 'logs.?' and then create index logs.1, + logs.2 etc, it will delete logs.1 once you create logs.6. + Do note 'logs.?' does not apply to logs.10. Note: Setting + max_index_count to 0 will do nothing and the pattern gets + ignored." + properties: + max_index_count: + description: Maximum number of indexes to keep + minimum: 0 + type: integer + pattern: + description: fnmatch pattern + maxLength: 1024 + pattern: ^[A-Za-z0-9-_.*?]+$ + type: string + sorting_algorithm: + description: Deletion sorting algorithm + enum: + - alphabetical + - creation_date + type: string + required: + - max_index_count + - pattern + type: object + maxItems: 512 + type: array + index_template: + description: Template settings for all new indexes properties: - max_index_count: - description: Maximum number of indexes to keep + mapping_nested_objects_limit: + description: + The maximum number of nested JSON objects that + a single document can contain across all nested types. This + limit helps to prevent out of memory errors when a document + contains too many nested objects. Default is 10000. + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: The number of replicas each primary shard has. + maximum: 29 minimum: 0 type: integer - pattern: - description: fnmatch pattern + number_of_shards: + description: + The number of primary shards that an index should + have. + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + keep_index_refresh_interval: + description: + Aiven automation resets index.refresh_interval to + default value for every index to be sure that indices are always + visible to search. If it doesn't fit your case, you can disable + this by setting up this flag to true. + type: boolean + max_index_count: + description: "DEPRECATED: use index_patterns instead" + minimum: 0 + type: integer + openid: + description: OpenSearch OpenID Connect Configuration + properties: + client_id: + description: + The ID of the OpenID Connect client configured + in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + client_secret: + description: + The client secret of the OpenID Connect client + configured in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + connect_url: + description: + The URL of your IdP where the Security plugin + can find the OpenID Connect metadata/configuration settings. + maxLength: 2048 + type: string + enabled: + description: + Enables or disables OpenID Connect authentication + for OpenSearch. When enabled, users can authenticate using + OpenID Connect with an Identity Provider. + type: boolean + header: + description: + HTTP header name of the JWT token. Optional. + Default is Authorization. + maxLength: 1024 + minLength: 1 + type: string + jwt_header: + description: + "The HTTP header that stores the token. Typically + the Authorization header with the Bearer schema: Authorization: + Bearer . Optional. Default is Authorization." + maxLength: 1024 + minLength: 1 + type: string + jwt_url_parameter: + description: + If the token is not transmitted in the HTTP header, + but as an URL parameter, define the name of the parameter + here. Optional. + maxLength: 1024 + minLength: 1 + type: string + refresh_rate_limit_count: + description: + The maximum number of unknown key IDs in the + time frame. Default is 10. Optional. + minimum: 10 + type: integer + refresh_rate_limit_time_window_ms: + description: + The time frame to use when checking the maximum + number of unknown key IDs, in milliseconds. Optional.Default + is 10000 (10 seconds). + minimum: 10000 + type: integer + roles_key: + description: + The key in the JSON payload that stores the user’s + roles. The value of this key must be a comma-separated list + of roles. Required only if you want to use roles in the + JWT + maxLength: 1024 + minLength: 1 + type: string + scope: + description: + The scope of the identity token issued by the + IdP. Optional. Default is openid profile email address phone. maxLength: 1024 - pattern: ^[A-Za-z0-9-_.*?]+$ + minLength: 1 type: string - sorting_algorithm: - description: Deletion sorting algorithm - enum: - - alphabetical - - creation_date + subject_key: + description: + The key in the JSON payload that stores the user’s + name. If not defined, the subject registered claim is used. + Most IdP providers use the preferred_username claim. Optional. + maxLength: 1024 + minLength: 1 type: string required: - - max_index_count - - pattern + - client_id + - client_secret + - connect_url + - enabled type: object - maxItems: 512 - type: array - index_template: - description: Template settings for all new indexes - properties: - mapping_nested_objects_limit: - description: The maximum number of nested JSON objects that - a single document can contain across all nested types. This - limit helps to prevent out of memory errors when a document - contains too many nested objects. Default is 10000. - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: The number of replicas each primary shard has. - maximum: 29 - minimum: 0 - type: integer - number_of_shards: - description: The number of primary shards that an index should - have. - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + opensearch: + description: OpenSearch settings properties: - description: - description: Description for IP filter list entry + action_auto_create_index_enabled: + description: + Explicitly allow or block automatic creation + of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + enum: + - internal + maxLength: 1024 + type: string + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + enum: + - username + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + enum: + - ip + maxLength: 1024 + type: string + type: object + type: object + cluster_max_shards_per_node: + description: + Controls the number of shards allowed in the + cluster per data node + maximum: 10000 + minimum: 100 + type: integer + cluster_routing_allocation_node_concurrent_recoveries: + description: + How many concurrent incoming/outgoing shard recoveries + (normally replicas) are allowed to happen on a node. Defaults + to 2. + maximum: 16 + minimum: 2 + type: integer + email_sender_name: + description: + Sender name placeholder to be used in Opensearch + Dashboards and Opensearch keystore + maxLength: 40 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + email_sender_password: + description: + Sender password for Opensearch alerts to authenticate + with SMTP server + maxLength: 1024 + pattern: ^[^\x00-\x1F]+$ + type: string + email_sender_username: + description: Sender username for Opensearch alerts + maxLength: 320 + pattern: ^[^\x00-\x1F]+$ + type: string + enable_security_audit: + description: Enable/Disable security audit + type: boolean + http_max_content_length: + description: + Maximum content length for HTTP requests to the + OpenSearch HTTP API, in bytes. + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: The max size of allowed headers, in bytes + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: The max length of an HTTP URL, in bytes + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: + Relative amount. Maximum amount of heap memory + used for field data cache. This is an expert setting; decreasing + the value too much will increase overhead of loading field + data; too much memory used for field data cache will decrease + amount of heap available for other operations. + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: + Percentage value. Default is 10%. Total amount + of heap used for indexing buffer, before writing segments + to disk. This is an expert setting. Too low value will slow + down indexing; too high value will increase indexing performance + but causes performance issues for query performance. + maximum: 40 + minimum: 3 + type: integer + indices_memory_max_index_buffer_size: + description: + Absolute value. Default is unbound. Doesn't work + without indices.memory.index_buffer_size. Maximum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + maximum hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_memory_min_index_buffer_size: + description: + Absolute value. Default is 48mb. Doesn't work + without indices.memory.index_buffer_size. Minimum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + minimal hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_queries_cache_size: + description: + Percentage value. Default is 10%. Maximum amount + of heap used for query cache. This is an expert setting. + Too low value will decrease query performance and increase + performance for other operations; too high value will cause + issues with other OpenSearch functionality. + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: + Maximum number of clauses Lucene BooleanQuery + can have. The default value (1024) is relatively high, and + increasing it may cause performance issues. Investigate + other approaches first before increasing this value. + maximum: 4096 + minimum: 64 + type: integer + indices_recovery_max_bytes_per_sec: + description: + Limits total inbound and outbound recovery traffic + for each node. Applies to both peer recoveries as well as + snapshot recoveries (i.e., restores from a snapshot). Defaults + to 40mb + maximum: 400 + minimum: 40 + type: integer + indices_recovery_max_concurrent_file_chunks: + description: + Number of file chunks sent in parallel for each + recovery. Defaults to 2. + maximum: 5 + minimum: 2 + type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: + Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: + The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: + The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: + The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer + override_main_response_version: + description: + Compatibility mode sets OpenSearch to report + its version as 7.10 so clients continue to work. Default + is false + type: boolean + reindex_remote_whitelist: + description: + Whitelisted addresses for reindexing. Changing + this value will cause all OpenSearch instances to restart. + items: + type: string + maxItems: 32 + type: array + script_max_compilations_rate: + description: + Script compilation circuit breaker limits the + number of inline script compilations within a period of + time. Default is use-context + maxLength: 1024 + type: string + search_max_buckets: + description: + Maximum number of aggregation buckets allowed + in a single response. OpenSearch default value is used when + this is not defined. + maximum: 1000000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: + "Limits the maximum amount of memory (in MiB) + the OpenSearch Dashboards process can use. This sets the + max_old_space_size option of the nodejs running the OpenSearch + Dashboards. Note: the memory reserved by OpenSearch Dashboards + is not available for OpenSearch." + maximum: 2048 + minimum: 64 + type: integer + opensearch_request_timeout: + description: + Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + enum: + - "1" + - "2" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + opensearch: + description: + Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: + Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + saml: + description: OpenSearch SAML configuration + properties: + enabled: + description: + Enables or disables SAML-based authentication + for OpenSearch. When enabled, users can authenticate using + SAML with an Identity Provider. + type: boolean + idp_entity_id: + description: + The unique identifier for the Identity Provider + (IdP) entity that is used for SAML authentication. This + value is typically provided by the IdP. maxLength: 1024 + minLength: 1 type: string - network: - description: CIDR address block - maxLength: 43 + idp_metadata_url: + description: + The URL of the SAML metadata for the Identity + Provider (IdP). This is used to configure SAML-based authentication + with the IdP. + maxLength: 2048 + minLength: 1 + type: string + idp_pemtrustedcas_content: + description: + This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string + roles_key: + description: + Optional. Specifies the attribute in the SAML + response where role information is stored, if available. + Role attributes are not required for SAML authentication, + but can be included in SAML assertions by most Identity + Providers (IdPs) to determine user access levels or permissions. + maxLength: 256 + minLength: 1 + type: string + sp_entity_id: + description: + The unique identifier for the Service Provider + (SP) entity that is used for SAML authentication. This value + is typically provided by the SP. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: + Optional. Specifies the attribute in the SAML + response where the subject identifier is stored. If not + configured, the NameID attribute is used by default. + maxLength: 256 + minLength: 1 type: string required: - - network + - enabled + - idp_entity_id + - idp_metadata_url + - sp_entity_id type: object - maxItems: 1024 - type: array - keep_index_refresh_interval: - description: Aiven automation resets index.refresh_interval to - default value for every index to be sure that indices are always - visible to search. If it doesn't fit your case, you can disable - this by setting up this flag to true. - type: boolean - max_index_count: - description: 'DEPRECATED: use index_patterns instead' - minimum: 0 - type: integer - openid: - description: OpenSearch OpenID Connect Configuration - properties: - client_id: - description: The ID of the OpenID Connect client configured - in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - client_secret: - description: The client secret of the OpenID Connect client - configured in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - connect_url: - description: The URL of your IdP where the Security plugin - can find the OpenID Connect metadata/configuration settings. - maxLength: 2048 - type: string - enabled: - description: Enables or disables OpenID Connect authentication - for OpenSearch. When enabled, users can authenticate using - OpenID Connect with an Identity Provider. - type: boolean - header: - description: HTTP header name of the JWT token. Optional. - Default is Authorization. - maxLength: 1024 - minLength: 1 - type: string - jwt_header: - description: 'The HTTP header that stores the token. Typically - the Authorization header with the Bearer schema: Authorization: - Bearer . Optional. Default is Authorization.' - maxLength: 1024 - minLength: 1 - type: string - jwt_url_parameter: - description: If the token is not transmitted in the HTTP header, - but as an URL parameter, define the name of the parameter - here. Optional. - maxLength: 1024 - minLength: 1 - type: string - refresh_rate_limit_count: - description: The maximum number of unknown key IDs in the - time frame. Default is 10. Optional. - minimum: 10 - type: integer - refresh_rate_limit_time_window_ms: - description: The time frame to use when checking the maximum - number of unknown key IDs, in milliseconds. Optional.Default - is 10000 (10 seconds). - minimum: 10000 - type: integer - roles_key: - description: The key in the JSON payload that stores the user’s - roles. The value of this key must be a comma-separated list - of roles. Required only if you want to use roles in the - JWT - maxLength: 1024 - minLength: 1 - type: string - scope: - description: The scope of the identity token issued by the - IdP. Optional. Default is openid profile email address phone. - maxLength: 1024 - minLength: 1 - type: string - subject_key: - description: The key in the JSON payload that stores the user’s - name. If not defined, the subject registered claim is used. - Most IdP providers use the preferred_username claim. Optional. - maxLength: 1024 - minLength: 1 - type: string - required: - - client_id - - client_secret - - connect_url - - enabled - type: object - opensearch: - description: OpenSearch settings + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - action_auto_create_index_enabled: - description: Explicitly allow or block automatic creation - of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - auth_failure_listeners: - description: Opensearch Security Plugin Settings - properties: - internal_authentication_backend_limiting: - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 0 - type: integer - authentication_backend: - description: internal_authentication_backend_limiting.authentication_backend - enum: - - internal - maxLength: 1024 - type: string - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 2147483647 - minimum: 0 - type: integer - max_blocked_clients: - description: internal_authentication_backend_limiting.max_blocked_clients - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 2147483647 - minimum: 0 - type: integer - type: - description: internal_authentication_backend_limiting.type - enum: - - username - maxLength: 1024 - type: string - type: object - ip_rate_limiting: - description: IP address rate limiting settings - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 1 - type: integer - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 36000 - minimum: 1 - type: integer - max_blocked_clients: - description: The maximum number of blocked IP addresses - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 36000 - minimum: 1 - type: integer - type: - description: The type of rate limiting - enum: - - ip - maxLength: 1024 - type: string - type: object - type: object - cluster_max_shards_per_node: - description: Controls the number of shards allowed in the - cluster per data node - maximum: 10000 - minimum: 100 - type: integer - cluster_routing_allocation_node_concurrent_recoveries: - description: How many concurrent incoming/outgoing shard recoveries - (normally replicas) are allowed to happen on a node. Defaults - to 2. - maximum: 16 - minimum: 2 - type: integer - email_sender_name: - description: Sender name placeholder to be used in Opensearch - Dashboards and Opensearch keystore - maxLength: 40 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - email_sender_password: - description: Sender password for Opensearch alerts to authenticate - with SMTP server - maxLength: 1024 - pattern: ^[^\x00-\x1F]+$ - type: string - email_sender_username: - description: Sender username for Opensearch alerts - maxLength: 320 - pattern: ^[^\x00-\x1F]+$ + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - enable_security_audit: - description: Enable/Disable security audit - type: boolean - http_max_content_length: - description: Maximum content length for HTTP requests to the - OpenSearch HTTP API, in bytes. - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: The max size of allowed headers, in bytes - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: The max length of an HTTP URL, in bytes - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: Relative amount. Maximum amount of heap memory - used for field data cache. This is an expert setting; decreasing - the value too much will increase overhead of loading field - data; too much memory used for field data cache will decrease - amount of heap available for other operations. - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: Percentage value. Default is 10%. Total amount - of heap used for indexing buffer, before writing segments - to disk. This is an expert setting. Too low value will slow - down indexing; too high value will increase indexing performance - but causes performance issues for query performance. - maximum: 40 - minimum: 3 - type: integer - indices_memory_max_index_buffer_size: - description: Absolute value. Default is unbound. Doesn't work - without indices.memory.index_buffer_size. Maximum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - maximum hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_memory_min_index_buffer_size: - description: Absolute value. Default is 48mb. Doesn't work - without indices.memory.index_buffer_size. Minimum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - minimal hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_queries_cache_size: - description: Percentage value. Default is 10%. Maximum amount - of heap used for query cache. This is an expert setting. - Too low value will decrease query performance and increase - performance for other operations; too high value will cause - issues with other OpenSearch functionality. - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: Maximum number of clauses Lucene BooleanQuery - can have. The default value (1024) is relatively high, and - increasing it may cause performance issues. Investigate - other approaches first before increasing this value. - maximum: 4096 - minimum: 64 - type: integer - indices_recovery_max_bytes_per_sec: - description: Limits total inbound and outbound recovery traffic - for each node. Applies to both peer recoveries as well as - snapshot recoveries (i.e., restores from a snapshot). Defaults - to 40mb - maximum: 400 - minimum: 40 - type: integer - indices_recovery_max_concurrent_file_chunks: - description: Number of file chunks sent in parallel for each - recovery. Defaults to 2. - maximum: 5 - minimum: 2 - type: integer - ism_enabled: - description: Specifies whether ISM is enabled or not - type: boolean - ism_history_enabled: - description: Specifies whether audit history is enabled or - not. The logs from ISM are automatically indexed to a logs - document. - type: boolean - ism_history_max_age: - description: The maximum age before rolling over the audit - history index in hours - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_max_docs: - description: The maximum number of documents before rolling - over the audit history index. - minimum: 1 - type: integer - ism_history_rollover_check_period: - description: The time between rollover checks for the audit - history index in hours. - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_rollover_retention_period: - description: How long audit history indices are kept in days. - maximum: 2147483647 - minimum: 1 - type: integer - override_main_response_version: - description: Compatibility mode sets OpenSearch to report - its version as 7.10 so clients continue to work. Default - is false - type: boolean - reindex_remote_whitelist: - description: Whitelisted addresses for reindexing. Changing - this value will cause all OpenSearch instances to restart. - items: - type: string - maxItems: 32 - type: array - script_max_compilations_rate: - description: Script compilation circuit breaker limits the - number of inline script compilations within a period of - time. Default is use-context - maxLength: 1024 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - search_max_buckets: - description: Maximum number of aggregation buckets allowed - in a single response. OpenSearch default value is used when - this is not defined. - maximum: 1000000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: 'Limits the maximum amount of memory (in MiB) - the OpenSearch Dashboards process can use. This sets the - max_old_space_size option of the nodejs running the OpenSearch - Dashboards. Note: the memory reserved by OpenSearch Dashboards - is not available for OpenSearch.' - maximum: 2048 - minimum: 64 - type: integer - opensearch_request_timeout: - description: Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - maximum: 120000 - minimum: 5000 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - type: object - opensearch_version: - description: OpenSearch major version - enum: - - "1" - - "2" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - opensearch: - description: Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - saml: - description: OpenSearch SAML configuration - properties: - enabled: - description: Enables or disables SAML-based authentication - for OpenSearch. When enabled, users can authenticate using - SAML with an Identity Provider. - type: boolean - idp_entity_id: - description: The unique identifier for the Identity Provider - (IdP) entity that is used for SAML authentication. This - value is typically provided by the IdP. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - idp_metadata_url: - description: The URL of the SAML metadata for the Identity - Provider (IdP). This is used to configure SAML-based authentication - with the IdP. - maxLength: 2048 - minLength: 1 - type: string - idp_pemtrustedcas_content: - description: This parameter specifies the PEM-encoded root - certificate authority (CA) content for the SAML identity - provider (IdP) server verification. The root CA content - is used to verify the SSL/TLS certificate presented by the - server. - maxLength: 16384 - type: string - roles_key: - description: Optional. Specifies the attribute in the SAML - response where role information is stored, if available. - Role attributes are not required for SAML authentication, - but can be included in SAML assertions by most Identity - Providers (IdPs) to determine user access levels or permissions. - maxLength: 256 - minLength: 1 - type: string - sp_entity_id: - description: The unique identifier for the Service Provider - (SP) entity that is used for SAML authentication. This value - is typically provided by the SP. - maxLength: 1024 - minLength: 1 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - subject_key: - description: Optional. Specifies the attribute in the SAML - response where the subject identifier is stored. If not - configured, the NameID attribute is used by default. - maxLength: 256 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - enabled - - idp_entity_id - - idp_metadata_url - - sp_entity_id + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml index d22d4d69..75804c65 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml @@ -15,951 +15,1056 @@ spec: singular: postgresql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: PostgreSQL is the Schema for the postgresql API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PostgreSQLSpec defines the desired state of postgres instance - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, - `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: PostgreSQL is the Schema for the postgresql API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: PostgreSQLSpec defines the desired state of postgres instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - enable_ipv6: - description: Register AAAA DNS records for the service, and allow - IPv6 packets to service ports - type: boolean - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - pg: - description: postgresql.conf configuration values + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - autovacuum_analyze_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_analyze_threshold when deciding whether to - trigger an ANALYZE. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_analyze_threshold: - description: Specifies the minimum number of inserted, updated - or deleted tuples needed to trigger an ANALYZE in any one - table. The default is 50 tuples. - maximum: 2147483647 - minimum: 0 - type: integer - autovacuum_freeze_max_age: - description: Specifies the maximum age (in transactions) that - a table's pg_class.relfrozenxid field can attain before - a VACUUM operation is forced to prevent transaction ID wraparound - within the table. Note that the system will launch autovacuum - processes to prevent wraparound even when autovacuum is - otherwise disabled. This parameter will cause the server - to be restarted. - maximum: 1500000000 - minimum: 200000000 - type: integer - autovacuum_max_workers: - description: Specifies the maximum number of autovacuum processes - (other than the autovacuum launcher) that may be running - at any one time. The default is three. This parameter can - only be set at server start. - maximum: 20 - minimum: 1 - type: integer - autovacuum_naptime: - description: Specifies the minimum delay between autovacuum - runs on any given database. The delay is measured in seconds, - and the default is one minute - maximum: 86400 - minimum: 1 - type: integer - autovacuum_vacuum_cost_delay: - description: Specifies the cost delay value that will be used - in automatic VACUUM operations. If -1 is specified, the - regular vacuum_cost_delay value will be used. The default - value is 20 milliseconds - maximum: 100 - minimum: -1 - type: integer - autovacuum_vacuum_cost_limit: - description: Specifies the cost limit value that will be used - in automatic VACUUM operations. If -1 is specified (which - is the default), the regular vacuum_cost_limit value will - be used. - maximum: 10000 - minimum: -1 - type: integer - autovacuum_vacuum_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_vacuum_threshold when deciding whether to - trigger a VACUUM. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_vacuum_threshold: - description: Specifies the minimum number of updated or deleted - tuples needed to trigger a VACUUM in any one table. The - default is 50 tuples - maximum: 2147483647 - minimum: 0 - type: integer - bgwriter_delay: - description: Specifies the delay between activity rounds for - the background writer in milliseconds. Default is 200. - maximum: 10000 - minimum: 10 - type: integer - bgwriter_flush_after: - description: Whenever more than bgwriter_flush_after bytes - have been written by the background writer, attempt to force - the OS to issue these writes to the underlying storage. - Specified in kilobytes, default is 512. Setting of 0 disables - forced writeback. - maximum: 2048 - minimum: 0 - type: integer - bgwriter_lru_maxpages: - description: In each round, no more than this many buffers - will be written by the background writer. Setting this to - zero disables background writing. Default is 100. - maximum: 1073741823 - minimum: 0 - type: integer - bgwriter_lru_multiplier: - description: The average recent need for new buffers is multiplied - by bgwriter_lru_multiplier to arrive at an estimate of the - number that will be needed during the next round, (up to - bgwriter_lru_maxpages). 1.0 represents a “just in time” - policy of writing exactly the number of buffers predicted - to be needed. Larger values provide some cushion against - spikes in demand, while smaller values intentionally leave - writes to be done by server processes. The default is 2.0. - maximum: 10 - minimum: 0 - type: number - deadlock_timeout: - description: This is the amount of time, in milliseconds, - to wait on a lock before checking to see if there is a deadlock - condition. - maximum: 1800000 - minimum: 500 - type: integer - default_toast_compression: - description: Specifies the default TOAST compression method - for values of compressible columns (the default is lz4). - enum: - - lz4 - - pglz - type: string - idle_in_transaction_session_timeout: - description: Time out sessions with open transactions after - this number of milliseconds - maximum: 604800000 - minimum: 0 - type: integer - jit: - description: Controls system-wide use of Just-in-Time Compilation - (JIT). - type: boolean - log_autovacuum_min_duration: - description: Causes each action executed by autovacuum to - be logged if it ran for at least the specified number of - milliseconds. Setting this to zero logs all autovacuum actions. - Minus-one (the default) disables logging autovacuum actions. - maximum: 2147483647 - minimum: -1 - type: integer - log_error_verbosity: - description: Controls the amount of detail written in the - server log for each message that is logged. - enum: - - TERSE - - DEFAULT - - VERBOSE - type: string - log_line_prefix: - description: Choose from one of the available log-formats. - These can support popular log analyzers like pgbadger, pganalyze - etc. + integrationType: enum: - - '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' - - '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' - - '''%m [%p] %q[user=%u,db=%d,app=%a] ''' + - read_replica type: string - log_min_duration_statement: - description: Log statements that take more than this number - of milliseconds to run, -1 disables - maximum: 86400000 - minimum: -1 - type: integer - log_temp_files: - description: Log statements for each temporary file created - larger than this number of kilobytes, -1 disables - maximum: 2147483647 - minimum: -1 - type: integer - max_files_per_process: - description: PostgreSQL maximum number of files that can be - open per process - maximum: 4096 - minimum: 1000 - type: integer - max_locks_per_transaction: - description: PostgreSQL maximum locks per transaction - maximum: 6400 - minimum: 64 - type: integer - max_logical_replication_workers: - description: PostgreSQL maximum logical replication workers - (taken from the pool of max_parallel_workers) - maximum: 64 - minimum: 4 - type: integer - max_parallel_workers: - description: Sets the maximum number of workers that the system - can support for parallel queries - maximum: 96 - minimum: 0 - type: integer - max_parallel_workers_per_gather: - description: Sets the maximum number of workers that can be - started by a single Gather or Gather Merge node - maximum: 96 - minimum: 0 - type: integer - max_pred_locks_per_transaction: - description: PostgreSQL maximum predicate locks per transaction - maximum: 5120 - minimum: 64 - type: integer - max_prepared_transactions: - description: PostgreSQL maximum prepared transactions - maximum: 10000 - minimum: 0 - type: integer - max_replication_slots: - description: PostgreSQL maximum replication slots - maximum: 64 - minimum: 8 - type: integer - max_slot_wal_keep_size: - description: PostgreSQL maximum WAL size (MB) reserved for - replication slots. Default is -1 (unlimited). wal_keep_size - minimum WAL size setting takes precedence over this. - maximum: 2147483647 - minimum: -1 - type: integer - max_stack_depth: - description: Maximum depth of the stack in bytes - maximum: 6291456 - minimum: 2097152 - type: integer - max_standby_archive_delay: - description: Max standby archive delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_standby_streaming_delay: - description: Max standby streaming delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_wal_senders: - description: PostgreSQL maximum WAL senders - maximum: 64 - minimum: 20 - type: integer - max_worker_processes: - description: Sets the maximum number of background processes - that the system can support - maximum: 96 - minimum: 8 - type: integer - pg_partman_bgw.interval: - description: Sets the time interval to run pg_partman's scheduled - tasks - maximum: 604800 - minimum: 3600 - type: integer - pg_partman_bgw.role: - description: Controls which role to use for pg_partman's scheduled - background tasks. + sourceServiceName: maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - pg_stat_monitor.pgsm_enable_query_plan: - description: Enables or disables query plan monitoring - type: boolean - pg_stat_monitor.pgsm_max_buckets: - description: Sets the maximum number of buckets - maximum: 10 - minimum: 1 - type: integer - pg_stat_statements.track: - description: Controls which statements are counted. Specify - top to track top-level statements (those issued directly - by clients), all to also track nested statements (such as - statements invoked within functions), or none to disable - statement statistics collection. The default value is top. - enum: - - all - - top - - none - type: string - temp_file_limit: - description: PostgreSQL temporary file limit in KiB, -1 for - unlimited - maximum: 2147483647 - minimum: -1 - type: integer - timezone: - description: PostgreSQL service timezone - maxLength: 64 - type: string - track_activity_query_size: - description: Specifies the number of bytes reserved to track - the currently executing command for each active session. - maximum: 10240 - minimum: 1024 - type: integer - track_commit_timestamp: - description: Record commit time of transactions. - enum: - - "off" - - "on" - type: string - track_functions: - description: Enables tracking of function call counts and - time used. - enum: - - all - - pl - - none - type: string - track_io_timing: - description: Enables timing of database I/O calls. This parameter - is off by default, because it will repeatedly query the - operating system for the current time, which may cause significant - overhead on some platforms. - enum: - - "off" - - "on" - type: string - wal_sender_timeout: - description: Terminate replication connections that are inactive - for longer than this amount of time, in milliseconds. Setting - this value to zero disables the timeout. - type: integer - wal_writer_delay: - description: WAL flush interval in milliseconds. Note that - setting this value to lower than the default 200ms may negatively - impact performance - maximum: 200 - minimum: 10 - type: integer - type: object - pg_qualstats: - description: Deprecated. System-wide settings for the pg_qualstats - extension - properties: - enabled: - description: Deprecated. Enable / Disable pg_qualstats - type: boolean - min_err_estimate_num: - description: Deprecated. Error estimation num threshold to - save quals - minimum: 0 - type: integer - min_err_estimate_ratio: - description: Deprecated. Error estimation ratio threshold - to save quals - minimum: 0 - type: integer - track_constants: - description: Deprecated. Enable / Disable pg_qualstats constants - tracking - type: boolean - track_pg_catalog: - description: Deprecated. Track quals on system catalogs too. - type: boolean - type: object - pg_read_replica: - description: Should the service which is being forked be a read - replica (deprecated, use read_replica service integration instead). - type: boolean - pg_service_to_fork_from: - description: Name of the PG Service from which to fork (deprecated, - use service_to_fork_from). This has effect only when a new service - is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - pg_stat_monitor_enable: - description: Enable the pg_stat_monitor extension. Enabling this - extension will cause the cluster to be restarted.When this extension - is enabled, pg_stat_statements results for utility commands - are unreliable - type: boolean - pg_version: - description: PostgreSQL major version - enum: - - "11" - - "12" - - "13" - - "14" - - "15" - type: string - pgbouncer: - description: PGBouncer connection pooling settings - properties: - autodb_idle_timeout: - description: If the automatically created database pools have - been unused this many seconds, they are freed. If 0 then - timeout is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - autodb_max_db_connections: - description: Do not allow more than this many server connections - per database (regardless of user). Setting it to 0 means - unlimited. - maximum: 2147483647 - minimum: 0 - type: integer - autodb_pool_mode: - description: PGBouncer pool mode - enum: - - session - - transaction - - statement + minLength: 1 type: string - autodb_pool_size: - description: If non-zero then create automatically a pool - of that size per user when a pool doesn't exist. - maximum: 10000 - minimum: 0 - type: integer - ignore_startup_parameters: - description: List of parameters to ignore when given in startup - packet - items: - type: string - maxItems: 32 - type: array - min_pool_size: - description: Add more server connections to pool if below - this number. Improves behavior when usual load comes suddenly - back after period of total inactivity. The value is effectively - capped at the pool size. - maximum: 10000 - minimum: 0 - type: integer - server_idle_timeout: - description: If a server connection has been idle more than - this many seconds it will be dropped. If 0 then timeout - is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - server_lifetime: - description: The pooler will close an unused server connection - that has been connected longer than this. [seconds] - maximum: 86400 - minimum: 60 - type: integer - server_reset_query_always: - description: Run server_reset_query (DISCARD ALL) in all pooling - modes - type: boolean - type: object - pglookout: - description: System-wide settings for pglookout. - properties: - max_failover_replication_time_lag: - description: Number of seconds of master unavailability before - triggering database failover to standby - minimum: 10 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - pg: - description: Allow clients to connect to pg with a DNS name - that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - pg: - description: Enable pg - type: boolean - pgbouncer: - description: Enable pgbouncer - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - pg: - description: Allow clients to connect to pg from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + required: + - integrationType + - sourceServiceName type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - shared_buffers_percentage: - description: Percentage of total RAM that the database server - uses for shared memory buffers. Valid range is 20-60 (float), - which corresponds to 20% - 60%. This setting adjusts the shared_buffers - configuration value. - maximum: 60 - minimum: 20 - type: number - static_ips: - description: Use static public IP addresses - type: boolean - synchronous_replication: - description: Synchronous replication type. Note that the service - plan also needs to support synchronous replication. - enum: - - quorum - - "off" - type: string - timescaledb: - description: System-wide settings for the timescaledb extension - properties: - max_background_workers: - description: The number of background workers for timescaledb - operations. You should configure this setting to the sum - of your number of databases and the total number of concurrent - background workers you want running at any given point in - time. - maximum: 4096 - minimum: 1 - type: integer - type: object - variant: - description: Variant of the PostgreSQL service, may affect the - features that are exposed by default - enum: - - aiven - - timescale - type: string - work_mem: - description: Sets the maximum amount of memory to be used by a - query operation (such as a sort or hash table) before writing - to temporary disk files, in MB. Default is 1MB + 0.075% of total - RAM (up to 32MB). - maximum: 1024 - minimum: 1 - type: integer - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: + Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: + Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: + Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. + maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: + Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: + Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: + Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: + Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: + Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: + Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. + maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: + Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: + In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: + The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: + This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: + Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: + Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: + Controls system-wide use of Just-in-Time Compilation + (JIT). + type: boolean + log_autovacuum_min_duration: + description: + Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: + Controls the amount of detail written in the + server log for each message that is logged. + enum: + - TERSE + - DEFAULT + - VERBOSE + type: string + log_line_prefix: + description: + Choose from one of the available log-formats. + These can support popular log analyzers like pgbadger, pganalyze + etc. + enum: + - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + type: string + log_min_duration_statement: + description: + Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: + Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: + PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: + PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: + Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: + Sets the maximum number of workers that can be + started by a single Gather or Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: + PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: + Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: + Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: + Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_monitor.pgsm_enable_query_plan: + description: Enables or disables query plan monitoring + type: boolean + pg_stat_monitor.pgsm_max_buckets: + description: Sets the maximum number of buckets + maximum: 10 + minimum: 1 + type: integer + pg_stat_statements.track: + description: + Controls which statements are counted. Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - top + - none + type: string + temp_file_limit: + description: + PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + type: string + track_activity_query_size: + description: + Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: + Enables tracking of function call counts and + time used. + enum: + - all + - pl + - none + type: string + track_io_timing: + description: + Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: + Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: + WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_qualstats: + description: + Deprecated. System-wide settings for the pg_qualstats + extension + properties: + enabled: + description: Deprecated. Enable / Disable pg_qualstats + type: boolean + min_err_estimate_num: + description: + Deprecated. Error estimation num threshold to + save quals + minimum: 0 + type: integer + min_err_estimate_ratio: + description: + Deprecated. Error estimation ratio threshold + to save quals + minimum: 0 + type: integer + track_constants: + description: + Deprecated. Enable / Disable pg_qualstats constants + tracking + type: boolean + track_pg_catalog: + description: Deprecated. Track quals on system catalogs too. + type: boolean + type: object + pg_read_replica: + description: + Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). + type: boolean + pg_service_to_fork_from: + description: + Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 type: string - status: - description: status of the condition, one of True, False, Unknown. + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + pg_stat_monitor_enable: + description: + Enable the pg_stat_monitor extension. Enabling this + extension will cause the cluster to be restarted.When this extension + is enabled, pg_stat_statements results for utility commands + are unreliable + type: boolean + pg_version: + description: PostgreSQL major version enum: - - "True" - - "False" - - Unknown + - "11" + - "12" + - "13" + - "14" + - "15" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: + If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: + Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - transaction + - statement + type: string + autodb_pool_size: + description: + If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: + List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + min_pool_size: + description: + Add more server connections to pool if below + this number. Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: + If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: + The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: + Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: + Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + pg: + description: + Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + pg: + description: + Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: + Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: + Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - quorum + - "off" + type: string + timescaledb: + description: System-wide settings for the timescaledb extension + properties: + max_background_workers: + description: + The number of background workers for timescaledb + operations. You should configure this setting to the sum + of your number of databases and the total number of concurrent + background workers you want running at any given point in + time. + maximum: 4096 + minimum: 1 + type: integer + type: object + variant: + description: + Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: + Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml index 0bf1f9fc..5256e9c1 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projects.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projects.yaml @@ -15,229 +15,244 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 - type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 type: string - maxItems: 10 - type: array - billingExtraText: - description: Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 - type: string - cloud: - description: 'Target cloud, example: aws-eu-central-1' - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `PROJECT_CA_CERT`' - properties: - annotations: - additionalProperties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: type: string - required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: + maxItems: 10 + type: array + billingExtraText: + description: + Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 type: string - description: Tags are key-value pairs that allow you to categorize - projects - type: object - technicalEmails: - description: Technical contact emails of the project - items: + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 type: string - maxItems: 10 - type: array - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: Conditions represent the latest available observations - of an Project state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + cardId: + description: + Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: "Target cloud, example: aws-eu-central-1" + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `PROJECT_CA_CERT`" properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name + type: object + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + projects type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + technicalEmails: + description: Technical contact emails of the project + items: + type: string + maxItems: 10 + type: array + type: object + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: + Conditions represent the latest available observations + of an Project state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml index 720040e8..f6b08d0a 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_projectvpcs.yaml @@ -15,165 +15,174 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: Conditions represent the latest available observations - of an ProjectVPC state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: + Conditions represent the latest available observations + of an ProjectVPC state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml index 2b665d1c..bd6c988d 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_redis.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_redis.yaml @@ -15,464 +15,509 @@ spec: singular: redis scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redis is the Schema for the redis API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RedisSpec defines the desired state of Redis - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redis API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Redis specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication + - read_replica type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port + - integrationType + - sourceServiceName type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - redis: - description: Allow clients to connect to redis with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - prometheus: - description: Enable prometheus - type: boolean - redis: - description: Enable redis - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - redis: - description: Allow clients to connect to redis from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ + tags: + additionalProperties: type: string - redis_acl_channels_default: - description: Determines default pub/sub channels' ACL for new - users if ACL is not supplied. When this option is not defined, - all_channels is assumed to keep backward compatibility. This - option doesn't affect Redis configuration acl-pubsub-default. - enum: - - allchannels - - resetchannels - type: string - redis_io_threads: - description: Set Redis IO thread count. Changing this will cause - a restart of the Redis service. - maximum: 32 - minimum: 1 - type: integer - redis_lfu_decay_time: - description: LFU maxmemory-policy counter decay time in minutes - maximum: 120 - minimum: 1 - type: integer - redis_lfu_log_factor: - description: Counter logarithm factor for volatile-lfu and allkeys-lfu - maxmemory-policies - maximum: 100 - minimum: 0 - type: integer - redis_maxmemory_policy: - description: Redis maxmemory-policy - enum: - - noeviction - - allkeys-lru - - volatile-lru - - allkeys-random - - volatile-random - - volatile-ttl - - volatile-lfu - - allkeys-lfu - type: string - redis_notify_keyspace_events: - description: Set notify-keyspace-events option - maxLength: 32 - pattern: ^[KEg\$lshzxeA]*$ - type: string - redis_number_of_databases: - description: Set number of Redis databases. Changing this will - cause a restart of the Redis service. - maximum: 128 - minimum: 1 - type: integer - redis_persistence: - description: When persistence is 'rdb', Redis does RDB dumps each - 10 minutes if any key is changed. Also RDB dumps are done according - to backup schedule for backup purposes. When persistence is - 'off', no RDB dumps and backups are done, so data can be lost - at any moment if service is restarted for any reason, or if - service is powered off. Also service can't be forked. - enum: - - "off" - - rdb - type: string - redis_pubsub_client_output_buffer_limit: - description: Set output buffer limit for pub / sub clients in - MB. The value is the hard limit, the soft limit is 1/4 of the - hard limit. When setting the limit, be mindful of the available - memory in the selected service plan. - maximum: 512 - minimum: 32 - type: integer - redis_ssl: - description: Require SSL to access Redis - type: boolean - redis_timeout: - description: Redis idle connection timeout in seconds - maximum: 31536000 - minimum: 0 - type: integer - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Redis specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + redis: + description: + Allow clients to connect to redis with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + prometheus: + description: Enable prometheus + type: boolean + redis: + description: Enable redis + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + redis: + description: + Allow clients to connect to redis from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + redis_acl_channels_default: + description: + Determines default pub/sub channels' ACL for new + users if ACL is not supplied. When this option is not defined, + all_channels is assumed to keep backward compatibility. This + option doesn't affect Redis configuration acl-pubsub-default. + enum: + - allchannels + - resetchannels type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + redis_io_threads: + description: + Set Redis IO thread count. Changing this will cause + a restart of the Redis service. + maximum: 32 + minimum: 1 + type: integer + redis_lfu_decay_time: + description: LFU maxmemory-policy counter decay time in minutes + maximum: 120 + minimum: 1 + type: integer + redis_lfu_log_factor: + description: + Counter logarithm factor for volatile-lfu and allkeys-lfu + maxmemory-policies + maximum: 100 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + redis_maxmemory_policy: + description: Redis maxmemory-policy + enum: + - noeviction + - allkeys-lru + - volatile-lru + - allkeys-random + - volatile-random + - volatile-ttl + - volatile-lfu + - allkeys-lfu type: string - status: - description: status of the condition, one of True, False, Unknown. + redis_notify_keyspace_events: + description: Set notify-keyspace-events option + maxLength: 32 + pattern: ^[KEg\$lshzxeA]*$ + type: string + redis_number_of_databases: + description: + Set number of Redis databases. Changing this will + cause a restart of the Redis service. + maximum: 128 + minimum: 1 + type: integer + redis_persistence: + description: + When persistence is 'rdb', Redis does RDB dumps each + 10 minutes if any key is changed. Also RDB dumps are done according + to backup schedule for backup purposes. When persistence is + 'off', no RDB dumps and backups are done, so data can be lost + at any moment if service is restarted for any reason, or if + service is powered off. Also service can't be forked. enum: - - "True" - - "False" - - Unknown + - "off" + - rdb type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + redis_pubsub_client_output_buffer_limit: + description: + Set output buffer limit for pub / sub clients in + MB. The value is the hard limit, the soft limit is 1/4 of the + hard limit. When setting the limit, be mindful of the available + memory in the selected service plan. + maximum: 512 + minimum: 32 + type: integer + redis_ssl: + description: Require SSL to access Redis + type: boolean + redis_timeout: + description: Redis idle connection timeout in seconds + maximum: 31536000 + minimum: 0 + type: integer + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml index 7ba61edd..7ddcb94b 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceintegrations.yaml @@ -15,748 +15,790 @@ spec: singular: serviceintegration scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.integrationType - name: Type - type: string - - jsonPath: .spec.sourceServiceName - name: Source Service Name - type: string - - jsonPath: .spec.destinationServiceName - name: Destination Service Name - type: string - - jsonPath: .spec.sourceEndpointId - name: Source Endpoint ID - type: string - - jsonPath: .spec.destinationEndpointId - name: Destination Endpoint ID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceIntegration is the Schema for the serviceintegrations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceIntegrationSpec defines the desired state of ServiceIntegration - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - clickhouseKafka: - description: Clickhouse Kafka configuration values - properties: - tables: - description: Tables to create - items: - description: Table to create + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.integrationType + name: Type + type: string + - jsonPath: .spec.sourceServiceName + name: Source Service Name + type: string + - jsonPath: .spec.destinationServiceName + name: Destination Service Name + type: string + - jsonPath: .spec.sourceEndpointId + name: Source Endpoint ID + type: string + - jsonPath: .spec.destinationEndpointId + name: Destination Endpoint ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: + ServiceIntegration is the Schema for the serviceintegrations + API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceIntegrationSpec defines the desired state of ServiceIntegration + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + clickhouseKafka: + description: Clickhouse Kafka configuration values + properties: + tables: + description: Tables to create + items: + description: Table to create + properties: + auto_offset_reset: + description: + Action to take when there is no initial offset + in offset store or the desired offset is out of range + enum: + - smallest + - earliest + - beginning + - largest + - latest + - end + type: string + columns: + description: Table columns + items: + description: Table column + properties: + name: + description: Column name + maxLength: 40 + minLength: 1 + type: string + type: + description: Column type + maxLength: 1000 + minLength: 1 + type: string + required: + - name + - type + type: object + maxItems: 100 + type: array + data_format: + description: Message data format + enum: + - Avro + - CSV + - JSONAsString + - JSONCompactEachRow + - JSONCompactStringsEachRow + - JSONEachRow + - JSONStringsEachRow + - MsgPack + - TSKV + - TSV + - TabSeparated + - RawBLOB + - AvroConfluent + type: string + date_time_input_format: + description: Method to read DateTime from text input formats + enum: + - basic + - best_effort + - best_effort_us + type: string + group_name: + description: Kafka consumers group + maxLength: 249 + minLength: 1 + type: string + handle_error_mode: + description: How to handle errors for Kafka engine + enum: + - default + - stream + type: string + max_block_size: + description: + Number of row collected by poll(s) for flushing + data from Kafka + maximum: 1000000000 + minimum: 0 + type: integer + max_rows_per_message: + description: + The maximum number of rows produced in one + kafka message for row-based formats + maximum: 1000000000 + minimum: 1 + type: integer + name: + description: Name of the table + maxLength: 40 + minLength: 1 + type: string + num_consumers: + description: The number of consumers per table per replica + maximum: 10 + minimum: 1 + type: integer + poll_max_batch_size: + description: + Maximum amount of messages to be polled in + a single Kafka poll + maximum: 1000000000 + minimum: 0 + type: integer + skip_broken_messages: + description: + Skip at least this number of broken messages + from Kafka topic per block + maximum: 1000000000 + minimum: 0 + type: integer + topics: + description: Kafka topics + items: + description: Kafka topic + properties: + name: + description: Name of the topic + maxLength: 249 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 100 + type: array + required: + - columns + - data_format + - group_name + - name + - topics + type: object + maxItems: 100 + type: array + type: object + clickhousePostgresql: + description: Clickhouse PostgreSQL configuration values + properties: + databases: + description: Databases to expose + items: + description: Database to expose + properties: + database: + description: PostgreSQL database to expose + maxLength: 63 + minLength: 1 + type: string + schema: + description: PostgreSQL schema to expose + maxLength: 63 + minLength: 1 + type: string + type: object + maxItems: 10 + type: array + type: object + datadog: + description: Datadog specific user configuration options + properties: + datadog_dbm_enabled: + description: Enable Datadog Database Monitoring + type: boolean + datadog_tags: + description: Custom tags provided by user + items: + description: Datadog tag defined by user + properties: + comment: + description: Optional tag explanation + maxLength: 1024 + type: string + tag: + description: + "Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. + Tags with prefix 'aiven-' are reserved for Aiven." + maxLength: 200 + minLength: 1 + type: string + required: + - tag + type: object + maxItems: 32 + type: array + exclude_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + exclude_topics: + description: List of topics to exclude + items: + type: string + maxItems: 1024 + type: array + include_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + include_topics: + description: List of topics to include + items: + type: string + maxItems: 1024 + type: array + kafka_custom_metrics: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + max_jmx_metrics: + description: Maximum number of JMX metrics to send + maximum: 100000 + minimum: 10 + type: integer + opensearch: + description: Datadog Opensearch Options properties: - auto_offset_reset: - description: Action to take when there is no initial offset - in offset store or the desired offset is out of range - enum: - - smallest - - earliest - - beginning - - largest - - latest - - end - type: string - columns: - description: Table columns - items: - description: Table column - properties: - name: - description: Column name - maxLength: 40 - minLength: 1 - type: string - type: - description: Column type - maxLength: 1000 - minLength: 1 - type: string - required: - - name - - type - type: object - maxItems: 100 - type: array - data_format: - description: Message data format - enum: - - Avro - - CSV - - JSONAsString - - JSONCompactEachRow - - JSONCompactStringsEachRow - - JSONEachRow - - JSONStringsEachRow - - MsgPack - - TSKV - - TSV - - TabSeparated - - RawBLOB - - AvroConfluent + index_stats_enabled: + description: Enable Datadog Opensearch Index Monitoring + type: boolean + pending_task_stats_enabled: + description: Enable Datadog Opensearch Pending Task Monitoring + type: boolean + pshard_stats_enabled: + description: Enable Datadog Opensearch Primary Shard Monitoring + type: boolean + type: object + redis: + description: Datadog Redis Options + properties: + command_stats_enabled: + description: Enable command_stats option in the agent's configuration + type: boolean + type: object + type: object + destinationEndpointId: + description: Destination endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationProjectName: + description: Destination project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationServiceName: + description: Destination service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + externalAWSCloudwatchMetrics: + description: + External AWS CloudWatch Metrics integration Logs configuration + values + properties: + dropped_metrics: + description: + Metrics to not send to AWS CloudWatch (takes precedence + over extra_metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + extra_metrics: + description: + Metrics to allow through to AWS CloudWatch (in addition + to default metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + type: object + integrationType: + description: + Type of the service integration accepted by Aiven API. + Some values may not be supported by the operator + enum: + - alertmanager + - autoscaler + - caching + - cassandra_cross_service_cluster + - clickhouse_kafka + - clickhouse_postgresql + - dashboard + - datadog + - datasource + - external_aws_cloudwatch_logs + - external_aws_cloudwatch_metrics + - external_elasticsearch_logs + - external_google_cloud_logging + - external_opensearch_logs + - flink + - flink_external_kafka + - internal_connectivity + - jolokia + - kafka_connect + - kafka_logs + - kafka_mirrormaker + - logs + - m3aggregator + - m3coordinator + - metrics + - opensearch_cross_cluster_replication + - opensearch_cross_cluster_search + - prometheus + - read_replica + - rsyslog + - schema_registry_proxy + - stresstester + - thanosquery + - thanosstore + - vmalert + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + kafkaConnect: + description: Kafka Connect service configuration values + properties: + kafka_connect: + description: Kafka Connect service configuration values + properties: + config_storage_topic: + description: + The name of the topic where connector and task + configuration data are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 type: string - date_time_input_format: - description: Method to read DateTime from text input formats - enum: - - basic - - best_effort - - best_effort_us + group_id: + description: + A unique string that identifies the Connect cluster + group this worker belongs to. + maxLength: 249 type: string - group_name: - description: Kafka consumers group + offset_storage_topic: + description: + The name of the topic where connector and task + configuration offsets are stored.This must be the same for + all workers with the same group_id. maxLength: 249 - minLength: 1 type: string - handle_error_mode: - description: How to handle errors for Kafka engine - enum: - - default - - stream + status_storage_topic: + description: + The name of the topic where connector and task + configuration status updates are stored.This must be the + same for all workers with the same group_id. + maxLength: 249 type: string - max_block_size: - description: Number of row collected by poll(s) for flushing - data from Kafka - maximum: 1000000000 + type: object + type: object + kafkaLogs: + description: Kafka logs configuration values + properties: + kafka_topic: + description: Topic name + maxLength: 249 + minLength: 1 + type: string + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + required: + - kafka_topic + type: object + kafkaMirrormaker: + description: Kafka MirrorMaker configuration values + properties: + cluster_alias: + description: + "The alias under which the Kafka cluster is known + to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, + '.', '_', and '-'." + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + type: string + kafka_mirrormaker: + description: Kafka MirrorMaker configuration values + properties: + consumer_fetch_min_bytes: + description: + The minimum amount of data the server should + return for a fetch request + maximum: 5242880 + minimum: 1 + type: integer + producer_batch_size: + description: + The batch size in bytes producer will attempt + to collect before publishing to broker. + maximum: 5242880 minimum: 0 type: integer - max_rows_per_message: - description: The maximum number of rows produced in one - kafka message for row-based formats - maximum: 1000000000 - minimum: 1 + producer_buffer_memory: + description: + The amount of bytes producer can use for buffering + data before publishing to broker. + maximum: 134217728 + minimum: 5242880 type: integer - name: - description: Name of the table - maxLength: 40 - minLength: 1 + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - num_consumers: - description: The number of consumers per table per replica - maximum: 10 - minimum: 1 - type: integer - poll_max_batch_size: - description: Maximum amount of messages to be polled in - a single Kafka poll - maximum: 1000000000 + producer_linger_ms: + description: + The linger time (ms) for waiting new data to + arrive for publishing. + maximum: 5000 minimum: 0 type: integer - skip_broken_messages: - description: Skip at least this number of broken messages - from Kafka topic per block - maximum: 1000000000 + producer_max_request_size: + description: The maximum request size in bytes. + maximum: 268435456 minimum: 0 type: integer - topics: - description: Kafka topics - items: - description: Kafka topic - properties: - name: - description: Name of the topic - maxLength: 249 - minLength: 1 - type: string - required: - - name - type: object - maxItems: 100 - type: array - required: - - columns - - data_format - - group_name - - name - - topics type: object - maxItems: 100 - type: array - type: object - clickhousePostgresql: - description: Clickhouse PostgreSQL configuration values - properties: - databases: - description: Databases to expose - items: - description: Database to expose - properties: - database: - description: PostgreSQL database to expose - maxLength: 63 - minLength: 1 - type: string - schema: - description: PostgreSQL schema to expose - maxLength: 63 - minLength: 1 - type: string - type: object - maxItems: 10 - type: array - type: object - datadog: - description: Datadog specific user configuration options - properties: - datadog_dbm_enabled: - description: Enable Datadog Database Monitoring - type: boolean - datadog_tags: - description: Custom tags provided by user - items: - description: Datadog tag defined by user - properties: - comment: - description: Optional tag explanation - maxLength: 1024 - type: string - tag: - description: 'Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. - Tags with prefix ''aiven-'' are reserved for Aiven.' - maxLength: 200 - minLength: 1 - type: string - required: - - tag - type: object - maxItems: 32 - type: array - exclude_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - exclude_topics: - description: List of topics to exclude - items: - type: string - maxItems: 1024 - type: array - include_consumer_groups: - description: List of custom metrics - items: + type: object + logs: + description: Logs configuration values + properties: + elasticsearch_index_days_max: + description: Elasticsearch index retention limit + maximum: 10000 + minimum: 1 + type: integer + elasticsearch_index_prefix: + description: Elasticsearch index prefix + maxLength: 1024 + minLength: 1 type: string - maxItems: 1024 - type: array - include_topics: - description: List of topics to include - items: + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + type: object + metrics: + description: Metrics configuration values + properties: + database: + description: + Name of the database where to store metric datapoints. + Only affects PostgreSQL destinations. Defaults to 'metrics'. + Note that this must be the same for all metrics integrations + that write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - kafka_custom_metrics: - description: List of custom metrics - items: + retention_days: + description: + Number of days to keep old metrics. Only affects + PostgreSQL destinations. Set to 0 for no automatic cleanup. + Defaults to 30 days. + maximum: 10000 + minimum: 0 + type: integer + ro_username: + description: + Name of a user that can be used to read metrics. + This will be used for Grafana integration (if enabled) to prevent + Grafana users from making undesired changes. Only affects PostgreSQL + destinations. Defaults to 'metrics_reader'. Note that this must + be the same for all metrics integrations that write data to + the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - max_jmx_metrics: - description: Maximum number of JMX metrics to send - maximum: 100000 - minimum: 10 - type: integer - opensearch: - description: Datadog Opensearch Options - properties: - index_stats_enabled: - description: Enable Datadog Opensearch Index Monitoring - type: boolean - pending_task_stats_enabled: - description: Enable Datadog Opensearch Pending Task Monitoring - type: boolean - pshard_stats_enabled: - description: Enable Datadog Opensearch Primary Shard Monitoring - type: boolean - type: object - redis: - description: Datadog Redis Options - properties: - command_stats_enabled: - description: Enable command_stats option in the agent's configuration - type: boolean - type: object - type: object - destinationEndpointId: - description: Destination endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationProjectName: - description: Destination project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationServiceName: - description: Destination service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - externalAWSCloudwatchMetrics: - description: External AWS CloudWatch Metrics integration Logs configuration - values - properties: - dropped_metrics: - description: Metrics to not send to AWS CloudWatch (takes precedence - over extra_metrics) - items: - description: Metric name and subfield + source_mysql: + description: + Configuration options for metrics where source service + is MySQL properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric + telegraf: + description: + Configuration options for Telegraf MySQL input + plugin + properties: + gather_event_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS + type: boolean + gather_file_events_stats: + description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME + type: boolean + gather_index_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE + type: boolean + gather_info_schema_auto_inc: + description: + Gather auto_increment columns and max values + from information schema + type: boolean + gather_innodb_metrics: + description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS + type: boolean + gather_perf_events_statements: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST + type: boolean + gather_process_list: + description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST + type: boolean + gather_slave_status: + description: + Gather metrics from SHOW SLAVE STATUS command + output + type: boolean + gather_table_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE + type: boolean + gather_table_lock_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS + type: boolean + gather_table_schema: + description: Gather metrics from INFORMATION_SCHEMA.TABLES + type: boolean + perf_events_statements_digest_text_limit: + description: + Truncates digest text from perf_events_statements + into this many characters + maximum: 2048 + minimum: 1 + type: integer + perf_events_statements_limit: + description: Limits metrics from perf_events_statements + maximum: 4000 + minimum: 1 + type: integer + perf_events_statements_time_limit: + description: + Only include perf_events_statements whose + last seen is less than this many seconds + maximum: 2592000 + minimum: 1 + type: integer + type: object type: object - maxItems: 1024 - type: array - extra_metrics: - description: Metrics to allow through to AWS CloudWatch (in addition - to default metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - type: object - integrationType: - description: Type of the service integration accepted by Aiven API. - Some values may not be supported by the operator - enum: - - alertmanager - - autoscaler - - caching - - cassandra_cross_service_cluster - - clickhouse_kafka - - clickhouse_postgresql - - dashboard - - datadog - - datasource - - external_aws_cloudwatch_logs - - external_aws_cloudwatch_metrics - - external_elasticsearch_logs - - external_google_cloud_logging - - external_opensearch_logs - - flink - - flink_external_kafka - - internal_connectivity - - jolokia - - kafka_connect - - kafka_logs - - kafka_mirrormaker - - logs - - m3aggregator - - m3coordinator - - metrics - - opensearch_cross_cluster_replication - - opensearch_cross_cluster_search - - prometheus - - read_replica - - rsyslog - - schema_registry_proxy - - stresstester - - thanosquery - - thanosstore - - vmalert - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - kafkaConnect: - description: Kafka Connect service configuration values - properties: - kafka_connect: - description: Kafka Connect service configuration values + username: + description: + Name of the user used to write metrics. Only affects + PostgreSQL destinations. Defaults to 'metrics_writer'. Note + that this must be the same for all metrics integrations that + write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + type: object + project: + description: Project the integration belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceEndpointID: + description: Source endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceProjectName: + description: Source project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceServiceName: + description: Source service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - integrationType + - project + type: object + status: + description: ServiceIntegrationStatus defines the observed state of ServiceIntegration + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceIntegration state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - config_storage_topic: - description: The name of the topic where connector and task - configuration data are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 - type: string - group_id: - description: A unique string that identifies the Connect cluster - group this worker belongs to. - maxLength: 249 - type: string - offset_storage_topic: - description: The name of the topic where connector and task - configuration offsets are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - status_storage_topic: - description: The name of the topic where connector and task - configuration status updates are stored.This must be the - same for all workers with the same group_id. - maxLength: 249 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - type: object - type: object - kafkaLogs: - description: Kafka logs configuration values - properties: - kafka_topic: - description: Topic name - maxLength: 249 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - required: - - kafka_topic - type: object - kafkaMirrormaker: - description: Kafka MirrorMaker configuration values - properties: - cluster_alias: - description: 'The alias under which the Kafka cluster is known - to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, - ''.'', ''_'', and ''-''.' - maxLength: 128 - pattern: ^[a-zA-Z0-9_.-]+$ - type: string - kafka_mirrormaker: - description: Kafka MirrorMaker configuration values - properties: - consumer_fetch_min_bytes: - description: The minimum amount of data the server should - return for a fetch request - maximum: 5242880 - minimum: 1 - type: integer - producer_batch_size: - description: The batch size in bytes producer will attempt - to collect before publishing to broker. - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The amount of bytes producer can use for buffering - data before publishing to broker. - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: The linger time (ms) for waiting new data to - arrive for publishing. - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum request size in bytes. - maximum: 268435456 - minimum: 0 - type: integer - type: object - type: object - logs: - description: Logs configuration values - properties: - elasticsearch_index_days_max: - description: Elasticsearch index retention limit - maximum: 10000 - minimum: 1 - type: integer - elasticsearch_index_prefix: - description: Elasticsearch index prefix - maxLength: 1024 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - type: object - metrics: - description: Metrics configuration values - properties: - database: - description: Name of the database where to store metric datapoints. - Only affects PostgreSQL destinations. Defaults to 'metrics'. - Note that this must be the same for all metrics integrations - that write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ - type: string - retention_days: - description: Number of days to keep old metrics. Only affects - PostgreSQL destinations. Set to 0 for no automatic cleanup. - Defaults to 30 days. - maximum: 10000 - minimum: 0 - type: integer - ro_username: - description: Name of a user that can be used to read metrics. - This will be used for Grafana integration (if enabled) to prevent - Grafana users from making undesired changes. Only affects PostgreSQL - destinations. Defaults to 'metrics_reader'. Note that this must - be the same for all metrics integrations that write data to - the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - source_mysql: - description: Configuration options for metrics where source service - is MySQL - properties: - telegraf: - description: Configuration options for Telegraf MySQL input - plugin - properties: - gather_event_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS - type: boolean - gather_file_events_stats: - description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME - type: boolean - gather_index_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE - type: boolean - gather_info_schema_auto_inc: - description: Gather auto_increment columns and max values - from information schema - type: boolean - gather_innodb_metrics: - description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS - type: boolean - gather_perf_events_statements: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST - type: boolean - gather_process_list: - description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST - type: boolean - gather_slave_status: - description: Gather metrics from SHOW SLAVE STATUS command - output - type: boolean - gather_table_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE - type: boolean - gather_table_lock_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS - type: boolean - gather_table_schema: - description: Gather metrics from INFORMATION_SCHEMA.TABLES - type: boolean - perf_events_statements_digest_text_limit: - description: Truncates digest text from perf_events_statements - into this many characters - maximum: 2048 - minimum: 1 - type: integer - perf_events_statements_limit: - description: Limits metrics from perf_events_statements - maximum: 4000 - minimum: 1 - type: integer - perf_events_statements_time_limit: - description: Only include perf_events_statements whose - last seen is less than this many seconds - maximum: 2592000 - minimum: 1 - type: integer - type: object + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - username: - description: Name of the user used to write metrics. Only affects - PostgreSQL destinations. Defaults to 'metrics_writer'. Note - that this must be the same for all metrics integrations that - write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - type: object - project: - description: Project the integration belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceEndpointID: - description: Source endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceProjectName: - description: Source project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceServiceName: - description: Source service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - integrationType - - project - type: object - status: - description: ServiceIntegrationStatus defines the observed state of ServiceIntegration - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceIntegration state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Service integration ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Service integration ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml index e188b02d..b71e03fb 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_serviceusers.yaml @@ -15,179 +15,191 @@ spec: singular: serviceuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceUser is the Schema for the serviceusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceUserSpec defines the desired state of ServiceUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - authentication: - description: Authentication details - enum: - - caching_sha2_password - - mysql_native_password - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, - `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, - `SERVICEUSER_ACCESS_KEY`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - required: - - project - - serviceName - type: object - status: - description: ServiceUserStatus defines the observed state of ServiceUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceUser is the Schema for the serviceusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceUserSpec defines the desired state of ServiceUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - type: - description: Type of the user account - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - project + - serviceName + type: object + status: + description: ServiceUserStatus defines the observed state of ServiceUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: + description: Type of the user account + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/aiven-operator/values.yaml b/charts/aiven-operator/values.yaml index b63d30c5..3104c7b0 100644 --- a/charts/aiven-operator/values.yaml +++ b/charts/aiven-operator/values.yaml @@ -54,11 +54,13 @@ resources: podAnnotations: {} -podSecurityContext: {} +podSecurityContext: + {} # runAsNonRoot: true # runAsUser: 65532 -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL diff --git a/commitlint.config.js b/commitlint.config.js index 50093c1a..2ef25a15 100644 --- a/commitlint.config.js +++ b/commitlint.config.js @@ -1,4 +1,4 @@ module.exports = { - extends: ["@commitlint/config-conventional"], - ignores: [(msg) => /Signed-off-by: dependabot\[bot]/m.test(msg)], + extends: ["@commitlint/config-conventional"], + ignores: [(msg) => /Signed-off-by: dependabot\[bot]/m.test(msg)], }; diff --git a/config/certmanager/certificate.yaml b/config/certmanager/certificate.yaml index 52d86618..2e392bb7 100644 --- a/config/certmanager/certificate.yaml +++ b/config/certmanager/certificate.yaml @@ -12,13 +12,13 @@ spec: apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml namespace: system spec: # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize dnsNames: - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local issuerRef: kind: Issuer name: selfsigned-issuer diff --git a/config/certmanager/kustomization.yaml b/config/certmanager/kustomization.yaml index bebea5a5..95f333f3 100644 --- a/config/certmanager/kustomization.yaml +++ b/config/certmanager/kustomization.yaml @@ -1,5 +1,5 @@ resources: -- certificate.yaml + - certificate.yaml configurations: -- kustomizeconfig.yaml + - kustomizeconfig.yaml diff --git a/config/certmanager/kustomizeconfig.yaml b/config/certmanager/kustomizeconfig.yaml index 90d7c313..d58c4f20 100644 --- a/config/certmanager/kustomizeconfig.yaml +++ b/config/certmanager/kustomizeconfig.yaml @@ -1,16 +1,16 @@ -# This configuration is for teaching kustomize how to update name ref and var substitution +# This configuration is for teaching kustomize how to update name ref and var substitution nameReference: -- kind: Issuer - group: cert-manager.io - fieldSpecs: - - kind: Certificate + - kind: Issuer group: cert-manager.io - path: spec/issuerRef/name + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name varReference: -- kind: Certificate - group: cert-manager.io - path: spec/commonName -- kind: Certificate - group: cert-manager.io - path: spec/dnsNames + - kind: Certificate + group: cert-manager.io + path: spec/commonName + - kind: Certificate + group: cert-manager.io + path: spec/dnsNames diff --git a/config/crd/bases/aiven.io_cassandras.yaml b/config/crd/bases/aiven.io_cassandras.yaml index b92c2e97..c77cf9c8 100644 --- a/config/crd/bases/aiven.io_cassandras.yaml +++ b/config/crd/bases/aiven.io_cassandras.yaml @@ -15,381 +15,417 @@ spec: singular: cassandra scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Cassandra is the Schema for the cassandras API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CassandraSpec defines the desired state of Cassandra - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, - `CASSANDRA_URI`, `CASSANDRA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Cassandra is the Schema for the cassandras API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: CassandraSpec defines the desired state of Cassandra + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Deprecated. Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - cassandra: - description: cassandra configuration values - properties: - batch_size_fail_threshold_in_kb: - description: Fail any multiple-partition batch exceeding this - value. 50kb (10x warn threshold) by default. - maximum: 1000000 - minimum: 1 - type: integer - batch_size_warn_threshold_in_kb: - description: Log a warning message on any multiple-partition - batch size exceeding this value.5kb per batch by default.Caution - should be taken on increasing the size of this thresholdas - it can lead to node instability. - maximum: 1000000 - minimum: 1 - type: integer - datacenter: - description: Name of the datacenter to which nodes of this - service belong. Can be set only when creating the service. - maxLength: 128 + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CASSANDRA_HOST`, `CASSANDRA_PORT`, `CASSANDRA_USER`, `CASSANDRA_PASSWORD`, + `CASSANDRA_URI`, `CASSANDRA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - type: object - cassandra_version: - description: Cassandra major version - enum: - - "4" - - "3" - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - migrate_sstableloader: - description: Sets the service into migration mode enabling the - sstableloader utility to be used to upload Cassandra data files. - Available only on service create. - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_to_join_with: - description: When bootstrapping, instead of creating a new Cassandra - cluster try to join an existing one from another service. Can - only be set on service creation. - maxLength: 64 + tags: + additionalProperties: type: string - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + additional_backup_regions: + description: Deprecated. Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + cassandra: + description: cassandra configuration values + properties: + batch_size_fail_threshold_in_kb: + description: + Fail any multiple-partition batch exceeding this + value. 50kb (10x warn threshold) by default. + maximum: 1000000 + minimum: 1 + type: integer + batch_size_warn_threshold_in_kb: + description: + Log a warning message on any multiple-partition + batch size exceeding this value.5kb per batch by default.Caution + should be taken on increasing the size of this thresholdas + it can lead to node instability. + maximum: 1000000 + minimum: 1 + type: integer + datacenter: + description: + Name of the datacenter to which nodes of this + service belong. Can be set only when creating the service. + maxLength: 128 + type: string + type: object + cassandra_version: + description: Cassandra major version enum: - - "True" - - "False" - - Unknown + - "4" + - "3" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migrate_sstableloader: + description: + Sets the service into migration mode enabling the + sstableloader utility to be used to upload Cassandra data files. + Available only on service create. + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_to_join_with: + description: + When bootstrapping, instead of creating a new Cassandra + cluster try to join an existing one from another service. Can + only be set on service creation. + maxLength: 64 + type: string + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_clickhouses.yaml b/config/crd/bases/aiven.io_clickhouses.yaml index 6fbd5c4e..631948cd 100644 --- a/config/crd/bases/aiven.io_clickhouses.yaml +++ b/config/crd/bases/aiven.io_clickhouses.yaml @@ -15,360 +15,396 @@ spec: singular: clickhouse scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Clickhouse is the Schema for the clickhouses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseSpec defines the desired state of Clickhouse - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Clickhouse is the Schema for the clickhouses API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseSpec defines the desired state of Clickhouse + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret type: object - maxItems: 1024 - type: array - private_access: - description: Allow access to selected service ports from private - networks - properties: - clickhouse: - description: Allow clients to connect to clickhouse with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - clickhouse: - description: Enable clickhouse - type: boolean - clickhouse_https: - description: Enable clickhouse_https - type: boolean - clickhouse_mysql: - description: Enable clickhouse_mysql - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - clickhouse: - description: Allow clients to connect to clickhouse from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - clickhouse_https: - description: Allow clients to connect to clickhouse_https - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - clickhouse_mysql: - description: Allow clients to connect to clickhouse_mysql - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + private_access: + description: + Allow access to selected service ports from private + networks + properties: + clickhouse: + description: + Allow clients to connect to clickhouse with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + clickhouse: + description: Enable clickhouse + type: boolean + clickhouse_https: + description: Enable clickhouse_https + type: boolean + clickhouse_mysql: + description: Enable clickhouse_mysql + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + clickhouse: + description: + Allow clients to connect to clickhouse from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + clickhouse_https: + description: + Allow clients to connect to clickhouse_https + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + clickhouse_mysql: + description: + Allow clients to connect to clickhouse_mysql + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_clickhouseusers.yaml b/config/crd/bases/aiven.io_clickhouseusers.yaml index d28df3a9..87435b42 100644 --- a/config/crd/bases/aiven.io_clickhouseusers.yaml +++ b/config/crd/bases/aiven.io_clickhouseusers.yaml @@ -15,179 +15,191 @@ spec: singular: clickhouseuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClickhouseUser is the Schema for the clickhouseusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClickhouseUserSpec defines the desired state of ClickhouseUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, - `CLICKHOUSEUSER_PASSWORD`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - project - - serviceName - type: object - status: - description: ClickhouseUserStatus defines the observed state of ClickhouseUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ClickhouseUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClickhouseUser is the Schema for the clickhouseusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ClickhouseUserSpec defines the desired state of ClickhouseUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CLICKHOUSEUSER_HOST`, `CLICKHOUSEUSER_PORT`, `CLICKHOUSEUSER_USER`, + `CLICKHOUSEUSER_PASSWORD`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - uuid: - description: Clickhouse user UUID - type: string - required: - - conditions - - uuid - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - project + - serviceName + type: object + status: + description: ClickhouseUserStatus defines the observed state of ClickhouseUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ClickhouseUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + uuid: + description: Clickhouse user UUID + type: string + required: + - conditions + - uuid + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_connectionpools.yaml b/config/crd/bases/aiven.io_connectionpools.yaml index f8b3d439..8c40c19c 100644 --- a/config/crd/bases/aiven.io_connectionpools.yaml +++ b/config/crd/bases/aiven.io_connectionpools.yaml @@ -15,200 +15,213 @@ spec: singular: connectionpool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.databaseName - name: Database - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.poolSize - name: Pool Size - type: string - - jsonPath: .spec.poolMode - name: Pool Mode - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ConnectionPool is the Schema for the connectionpools API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConnectionPoolSpec defines the desired state of ConnectionPool - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, - `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, - `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - databaseName: - description: Name of the database the pool connects to - maxLength: 40 - type: string - poolMode: - description: Mode the pool operates in (session, transaction, statement) - enum: - - session - - transaction - - statement - type: string - poolSize: - description: Number of connections the pool may create towards the - backend server - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - username: - description: Name of the service user used to connect to the database - maxLength: 64 - type: string - required: - - databaseName - - project - - serviceName - - username - type: object - status: - description: ConnectionPoolStatus defines the observed state of ConnectionPool - properties: - conditions: - description: Conditions represent the latest available observations - of an ConnectionPool state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.databaseName + name: Database + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.poolSize + name: Pool Size + type: string + - jsonPath: .spec.poolMode + name: Pool Mode + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ConnectionPool is the Schema for the connectionpools API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ConnectionPoolSpec defines the desired state of ConnectionPool + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `CONNECTIONPOOL_NAME`, `CONNECTIONPOOL_HOST`, `CONNECTIONPOOL_PORT`, + `CONNECTIONPOOL_DATABASE`, `CONNECTIONPOOL_USER`, `CONNECTIONPOOL_PASSWORD`, + `CONNECTIONPOOL_SSLMODE`, `CONNECTIONPOOL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + databaseName: + description: Name of the database the pool connects to + maxLength: 40 + type: string + poolMode: + description: Mode the pool operates in (session, transaction, statement) + enum: + - session + - transaction + - statement + type: string + poolSize: + description: + Number of connections the pool may create towards the + backend server + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + username: + description: Name of the service user used to connect to the database + maxLength: 64 + type: string + required: + - databaseName + - project + - serviceName + - username + type: object + status: + description: ConnectionPoolStatus defines the observed state of ConnectionPool + properties: + conditions: + description: + Conditions represent the latest available observations + of an ConnectionPool state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_crd-all.gen.yaml b/config/crd/bases/aiven.io_crd-all.gen.yaml index 66371143..3e1985c1 100644 --- a/config/crd/bases/aiven.io_crd-all.gen.yaml +++ b/config/crd/bases/aiven.io_crd-all.gen.yaml @@ -1,4 +1,3 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -16,573 +15,633 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: Information regarding secret creation - properties: - name: - description: Name of the Secret resource to be created - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - - never - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - tags: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - custom_domain: - description: Custom domain Serve the web frontend using a custom - CNAME pointing to the Aiven DNS name - maxLength: 255 + connInfoSecretTarget: + description: Information regarding secret creation + properties: + name: + description: Name of the Secret resource to be created + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + - never + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + tags: + additionalProperties: type: string - disable_replication_factor_adjustment: - description: 'Disable replication factor adjustment DEPRECATED: - Disable automatic replication factor adjustment for multi-node - services. By default, Aiven ensures all indexes are replicated - at least to two nodes. Note: Due to potential data loss in case - of losing a service node, this setting can no longer be activated.' - type: boolean - index_patterns: - description: 'Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to keep. - Creating indexes exceeding this value will cause the oldest - one to get deleted. You could for example create a pattern looking - like ''logs.?'' and then create index logs.1, logs.2 etc, it - will delete logs.1 once you create logs.6. Do note ''logs.?'' - does not apply to logs.10. Note: Setting max_index_count to - 0 will do nothing and the pattern gets ignored.' - items: + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + custom_domain: + description: + Custom domain Serve the web frontend using a custom + CNAME pointing to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: + "Disable replication factor adjustment DEPRECATED: + Disable automatic replication factor adjustment for multi-node + services. By default, Aiven ensures all indexes are replicated + at least to two nodes. Note: Due to potential data loss in case + of losing a service node, this setting can no longer be activated." + type: boolean + index_patterns: + description: + "Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to keep. + Creating indexes exceeding this value will cause the oldest + one to get deleted. You could for example create a pattern looking + like 'logs.?' and then create index logs.1, logs.2 etc, it + will delete logs.1 once you create logs.6. Do note 'logs.?' + does not apply to logs.10. Note: Setting max_index_count to + 0 will do nothing and the pattern gets ignored." + items: + properties: + max_index_count: + description: Maximum number of indexes to keep + format: int64 + minimum: 0 + type: integer + pattern: + description: + Must consist of alpha-numeric characters, dashes, + underscores, dots and glob characters (* and ?) + maxLength: 1024 + type: string + type: object + type: array + index_template: + description: Template settings for all new indexes properties: - max_index_count: - description: Maximum number of indexes to keep + mapping_nested_objects_limit: + description: + index.mapping.nested_objects.limit The maximum + number of nested JSON objects that a single document can + contain across all nested types. This limit helps to prevent + out of memory errors when a document contains too many nested + objects. Default is 10000. format: int64 + maximum: 100000 minimum: 0 type: integer - pattern: - description: Must consist of alpha-numeric characters, dashes, - underscores, dots and glob characters (* and ?) - maxLength: 1024 - type: string + number_of_replicas: + description: + index.number_of_replicas The number of replicas + each primary shard has. + format: int64 + maximum: 29 + minimum: 0 + type: integer + number_of_shards: + description: + index.number_of_shards The number of primary + shards that an index should have. + format: int64 + maximum: 1024 + minimum: 1 + type: integer type: object - type: array - index_template: - description: Template settings for all new indexes - properties: - mapping_nested_objects_limit: - description: index.mapping.nested_objects.limit The maximum - number of nested JSON objects that a single document can - contain across all nested types. This limit helps to prevent - out of memory errors when a document contains too many nested - objects. Default is 10000. - format: int64 - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: index.number_of_replicas The number of replicas - each primary shard has. - format: int64 - maximum: 29 - minimum: 0 - type: integer - number_of_shards: - description: index.number_of_shards The number of primary - shards that an index should have. - format: int64 - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: 'Glob pattern and number of indexes matching that - pattern to be kept Allows you to create glob style patterns - and set a max number of indexes matching this pattern you want - to keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a pattern - looking like ''logs.?'' and then create index logs.1, logs.2 - etc, it will delete logs.1 once you create logs.6. Do note ''logs.?'' - does not apply to logs.10. Note: Setting max_index_count to - 0 will do nothing and the pattern gets ignored. IP filter Allow - incoming connections from CIDR address block, e.g. ''10.20.0.0/16''' - items: - type: string - type: array - keep_index_refresh_interval: - description: Don't reset index.refresh_interval to the default - value Aiven automation resets index.refresh_interval to default - value for every index to be sure that indices are always visible - to search. If it doesn't fit your case, you can disable this - by setting up this flag to true. - type: boolean - max_index_count: - description: Maximum index count Maximum number of indexes to - keep before deleting the oldest one - format: int64 - minimum: 0 - type: integer - opensearch: - description: OpenSearch settings - properties: - action_auto_create_index_enabled: - description: action.auto_create_index Explicitly allow or - block automatic creation of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - cluster_max_shards_per_node: - description: cluster.max_shards_per_node Controls the number - of shards allowed in the cluster per data node - format: int64 - maximum: 10000 - minimum: 100 - type: integer - http_max_content_length: - description: http.max_content_length Maximum content length - for HTTP requests to the OpenSearch HTTP API, in bytes. - format: int64 - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: http.max_header_size The max size of allowed - headers, in bytes - format: int64 - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: http.max_initial_line_length The max length of - an HTTP URL, in bytes - format: int64 - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: indices.fielddata.cache.size Relative amount. - Maximum amount of heap memory used for field data cache. - This is an expert setting; decreasing the value too much - will increase overhead of loading field data; too much memory - used for field data cache will decrease amount of heap available - for other operations. - format: int64 - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: indices.memory.index_buffer_size Percentage value. - Default is 10%. Total amount of heap used for indexing buffer, - before writing segments to disk. This is an expert setting. - Too low value will slow down indexing; too high value will - increase indexing performance but causes performance issues - for query performance. - format: int64 - maximum: 40 - minimum: 3 - type: integer - indices_queries_cache_size: - description: indices.queries.cache.size Percentage value. - Default is 10%. Maximum amount of heap used for query cache. - This is an expert setting. Too low value will decrease query - performance and increase performance for other operations; - too high value will cause issues with other OpenSearch functionality. - format: int64 - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: indices.query.bool.max_clause_count Maximum number - of clauses Lucene BooleanQuery can have. The default value - (1024) is relatively high, and increasing it may cause performance - issues. Investigate other approaches first before increasing - this value. - format: int64 - maximum: 4096 - minimum: 64 - type: integer - reindex_remote_whitelist: - description: reindex_remote_whitelist Whitelisted addresses - for reindexing. Changing this value will cause all OpenSearch - instances to restart. Address (hostname:port or IP:port) - items: - type: string - type: array - search_max_buckets: - description: search.max_buckets Maximum number of aggregation - buckets allowed in a single response. OpenSearch default - value is used when this is not defined. - format: int64 - maximum: 20000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: analyze thread pool queue size for the thread - pool queue. See documentation for exact details. - format: int64 - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: analyze thread pool size for the thread pool. - See documentation for exact details. Do note this may have - maximum value depending on CPU count - value is automatically - lowered if set to higher than maximum value. - format: int64 - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: force_merge thread pool size for the thread pool. - See documentation for exact details. Do note this may have - maximum value depending on CPU count - value is automatically - lowered if set to higher than maximum value. - format: int64 - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: get thread pool queue size for the thread pool - queue. See documentation for exact details. - format: int64 - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: get thread pool size for the thread pool. See - documentation for exact details. Do note this may have maximum - value depending on CPU count - value is automatically lowered - if set to higher than maximum value. - format: int64 - maximum: 128 - minimum: 1 - type: integer - thread_pool_index_size: - description: index thread pool size for the thread pool. See - documentation for exact details. Do note this may have maximum - value depending on CPU count - value is automatically lowered - if set to higher than maximum value. - format: int64 - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: search thread pool queue size for the thread - pool queue. See documentation for exact details. - format: int64 - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: search thread pool size for the thread pool. - See documentation for exact details. Do note this may have - maximum value depending on CPU count - value is automatically - lowered if set to higher than maximum value. - format: int64 - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: search_throttled thread pool queue size for the - thread pool queue. See documentation for exact details. - format: int64 - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: search_throttled thread pool size for the thread - pool. See documentation for exact details. Do note this - may have maximum value depending on CPU count - value is - automatically lowered if set to higher than maximum value. - format: int64 - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: write thread pool queue size for the thread pool - queue. See documentation for exact details. - format: int64 - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: write thread pool size for the thread pool. See - documentation for exact details. Do note this may have maximum - value depending on CPU count - value is automatically lowered - if set to higher than maximum value. - format: int64 - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: 'max_old_space_size Limits the maximum amount - of memory (in MiB) the OpenSearch Dashboards process can - use. This sets the max_old_space_size option of the nodejs - running the OpenSearch Dashboards. Note: the memory reserved - by OpenSearch Dashboards is not available for OpenSearch.' - format: int64 - maximum: 1024 - minimum: 64 - type: integer - opensearch_request_timeout: - description: Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - format: int64 - maximum: 120000 - minimum: 5000 - type: integer - type: object - opensearch_version: - description: OpenSearch major version - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - opensearch: - description: Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - format: ^[a-zA-Z0-9-_:.]+$ - maxLength: 128 - type: string - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 63 - type: string - static_ips: - description: Static IP addresses Use static public IP addresses - type: boolean - type: object - required: - - authSecretRef - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + ip_filter: + description: + "Glob pattern and number of indexes matching that + pattern to be kept Allows you to create glob style patterns + and set a max number of indexes matching this pattern you want + to keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a pattern + looking like 'logs.?' and then create index logs.1, logs.2 + etc, it will delete logs.1 once you create logs.6. Do note 'logs.?' + does not apply to logs.10. Note: Setting max_index_count to + 0 will do nothing and the pattern gets ignored. IP filter Allow + incoming connections from CIDR address block, e.g. '10.20.0.0/16'" + items: + type: string + type: array + keep_index_refresh_interval: + description: + Don't reset index.refresh_interval to the default + value Aiven automation resets index.refresh_interval to default + value for every index to be sure that indices are always visible + to search. If it doesn't fit your case, you can disable this + by setting up this flag to true. + type: boolean + max_index_count: + description: + Maximum index count Maximum number of indexes to + keep before deleting the oldest one format: int64 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + opensearch: + description: OpenSearch settings + properties: + action_auto_create_index_enabled: + description: + action.auto_create_index Explicitly allow or + block automatic creation of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + cluster_max_shards_per_node: + description: + cluster.max_shards_per_node Controls the number + of shards allowed in the cluster per data node + format: int64 + maximum: 10000 + minimum: 100 + type: integer + http_max_content_length: + description: + http.max_content_length Maximum content length + for HTTP requests to the OpenSearch HTTP API, in bytes. + format: int64 + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: + http.max_header_size The max size of allowed + headers, in bytes + format: int64 + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: + http.max_initial_line_length The max length of + an HTTP URL, in bytes + format: int64 + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: + indices.fielddata.cache.size Relative amount. + Maximum amount of heap memory used for field data cache. + This is an expert setting; decreasing the value too much + will increase overhead of loading field data; too much memory + used for field data cache will decrease amount of heap available + for other operations. + format: int64 + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: + indices.memory.index_buffer_size Percentage value. + Default is 10%. Total amount of heap used for indexing buffer, + before writing segments to disk. This is an expert setting. + Too low value will slow down indexing; too high value will + increase indexing performance but causes performance issues + for query performance. + format: int64 + maximum: 40 + minimum: 3 + type: integer + indices_queries_cache_size: + description: + indices.queries.cache.size Percentage value. + Default is 10%. Maximum amount of heap used for query cache. + This is an expert setting. Too low value will decrease query + performance and increase performance for other operations; + too high value will cause issues with other OpenSearch functionality. + format: int64 + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: + indices.query.bool.max_clause_count Maximum number + of clauses Lucene BooleanQuery can have. The default value + (1024) is relatively high, and increasing it may cause performance + issues. Investigate other approaches first before increasing + this value. + format: int64 + maximum: 4096 + minimum: 64 + type: integer + reindex_remote_whitelist: + description: + reindex_remote_whitelist Whitelisted addresses + for reindexing. Changing this value will cause all OpenSearch + instances to restart. Address (hostname:port or IP:port) + items: + type: string + type: array + search_max_buckets: + description: + search.max_buckets Maximum number of aggregation + buckets allowed in a single response. OpenSearch default + value is used when this is not defined. + format: int64 + maximum: 20000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: + analyze thread pool queue size for the thread + pool queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: + analyze thread pool size for the thread pool. + See documentation for exact details. Do note this may have + maximum value depending on CPU count - value is automatically + lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: + force_merge thread pool size for the thread pool. + See documentation for exact details. Do note this may have + maximum value depending on CPU count - value is automatically + lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: + get thread pool queue size for the thread pool + queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: + get thread pool size for the thread pool. See + documentation for exact details. Do note this may have maximum + value depending on CPU count - value is automatically lowered + if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_index_size: + description: + index thread pool size for the thread pool. See + documentation for exact details. Do note this may have maximum + value depending on CPU count - value is automatically lowered + if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: + search thread pool queue size for the thread + pool queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: + search thread pool size for the thread pool. + See documentation for exact details. Do note this may have + maximum value depending on CPU count - value is automatically + lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: + search_throttled thread pool queue size for the + thread pool queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: + search_throttled thread pool size for the thread + pool. See documentation for exact details. Do note this + may have maximum value depending on CPU count - value is + automatically lowered if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: + write thread pool queue size for the thread pool + queue. See documentation for exact details. + format: int64 + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: + write thread pool size for the thread pool. See + documentation for exact details. Do note this may have maximum + value depending on CPU count - value is automatically lowered + if set to higher than maximum value. + format: int64 + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: + "max_old_space_size Limits the maximum amount + of memory (in MiB) the OpenSearch Dashboards process can + use. This sets the max_old_space_size option of the nodejs + running the OpenSearch Dashboards. Note: the memory reserved + by OpenSearch Dashboards is not available for OpenSearch." + format: int64 + maximum: 1024 + minimum: 64 + type: integer + opensearch_request_timeout: + description: + Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + format: int64 + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + opensearch: + description: + Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: + Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + format: ^[a-zA-Z0-9-_:.]+$ + maxLength: 128 type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + static_ips: + description: Static IP addresses Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - authSecretRef + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -607,172 +666,181 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - authSecretRef - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaACL state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - authSecretRef + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaACL state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -797,217 +865,228 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: The connector specific configuration To build config - values from secret the template function `{{ fromSecret "name" "key" - }}` is provided when interpreting the keys - type: object - required: - - authSecretRef - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: Conditions represent the latest available observations - of an kafka connector state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: + The connector specific configuration To build config + values from secret the template function `{{ fromSecret "name" "key" + }}` is provided when interpreting the keys + type: object + required: + - authSecretRef + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: + Conditions represent the latest available observations + of an kafka connector state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + pluginStatus: + description: + PluginStatus contains metadata about the configured connector + plugin properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + author: type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + class: type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + docUrl: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + title: type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + version: type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - author + - class + - docUrl + - title + - type + - version type: object - type: array - pluginStatus: - description: PluginStatus contains metadata about the configured connector - plugin - properties: - author: - type: string - class: - type: string - docUrl: - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer - required: - - total - type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1032,269 +1111,298 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - - never - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - tags: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in Kafka - or if the current offset does not exist any more on the server. - Default is earliest - type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, and - if the first record batch in the first non-empty partition of - the fetch is larger than this value, the record batch will still - be returned to ensure that the consumer can make progress. As - such, this is not a absolute maximum. - format: int64 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + - never + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + tags: + additionalProperties: type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition of the - fetch is larger than this limit, the batch will still be returned - to ensure that the consumer can make progress. - format: int64 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults to - 300000). - format: int64 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - format: int64 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets for - tasks (defaults to 60000). - format: int64 - type: integer - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - producer_max_request_size: - description: This setting will limit the number of record batches - the producer will send in a single request to avoid sending - huge requests. - format: int64 - type: integer - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults to - 10000). - format: int64 - type: integer - type: object - required: - - authSecretRef - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in Kafka + or if the current offset does not exist any more on the server. + Default is earliest type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, and + if the first record batch in the first non-empty partition of + the fetch is larger than this value, the record batch will still + be returned to ensure that the consumer can make progress. As + such, this is not a absolute maximum. format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition of the + fetch is larger than this limit, the batch will still be returned + to ensure that the consumer can make progress. + format: int64 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults to + 300000). + format: int64 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + format: int64 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets for + tasks (defaults to 60000). + format: int64 + type: integer + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + producer_max_request_size: + description: + This setting will limit the number of record batches + the producer will send in a single request to avoid sending + huge requests. + format: int64 + type: integer + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults to + 10000). + format: int64 + type: integer type: object - type: array - state: - description: Service state - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - authSecretRef + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1319,738 +1427,818 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: Information regarding secret creation - properties: - name: - description: Name of the Secret resource to be created - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - - never - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - tags: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - ip_filter: - description: IP filter Allow incoming connections from CIDR address - block, e.g. '10.20.0.0/16' - items: + connInfoSecretTarget: + description: Information regarding secret creation + properties: + name: + description: Name of the Secret resource to be created type: string - type: array - kafka: - description: Kafka broker configuration values - properties: - auto_create_topics_enable: - description: auto.create.topics.enable Enable auto creation - of topics - type: boolean - compression_type: - description: compression.type Specify the final compression - type for a given topic. This configuration accepts the standard - compression codecs ('gzip', 'snappy', 'lz4', 'zstd'). It - additionally accepts 'uncompressed' which is equivalent - to no compression; and 'producer' which means retain the - original compression codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: 'connections.max.idle.ms Idle connections timeout: - the server socket processor threads close the connections - that idle for longer than this.' - format: int64 - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: default.replication.factor Replication factor - for autocreated topics - format: int64 - maximum: 10 - minimum: 1 - type: integer - group_max_session_timeout_ms: - description: group.max.session.timeout.ms The maximum allowed - session timeout for registered consumers. Longer timeouts - give consumers more time to process messages in between - heartbeats at the cost of a longer time to detect failures. - format: int64 - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: group.min.session.timeout.ms The minimum allowed - session timeout for registered consumers. Longer timeouts - give consumers more time to process messages in between - heartbeats at the cost of a longer time to detect failures. - format: int64 - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: log.cleaner.delete.retention.ms How long are - delete records retained? - format: int64 - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: log.cleaner.max.compaction.lag.ms The maximum - amount of time message will remain uncompacted. Only applicable - for logs that are being compacted - format: int64 - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: log.cleaner.min.cleanable.ratio Controls log - compactor frequency. Larger value means more frequent compactions - but also more space wasted for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - format: int64 - maximum: 1 - minimum: 0 - type: integer - log_cleaner_min_compaction_lag_ms: - description: log.cleaner.min.compaction.lag.ms The minimum - time a message will remain uncompacted in the log. Only - applicable for logs that are being compacted. - format: int64 - minimum: 0 - type: integer - log_cleanup_policy: - description: log.cleanup.policy The default cleanup policy - for segments beyond the retention window - enum: - - compact - - delete - type: string - log_flush_interval_messages: - description: log.flush.interval.messages The number of messages - accumulated on a log partition before messages are flushed - to disk - format: int64 - minimum: 1 - type: integer - log_flush_interval_ms: - description: log.flush.interval.ms The maximum time in ms - that a message in any topic is kept in memory before flushed - to disk. If not set, the value in log.flush.scheduler.interval.ms - is used - format: int64 - minimum: 0 - type: integer - log_index_interval_bytes: - description: log.index.interval.bytes The interval with which - Kafka adds an entry to the offset index - format: int64 - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: log.index.size.max.bytes The maximum size in - bytes of the offset index - format: int64 - maximum: 104857600 - minimum: 1048576 - type: integer - log_message_downconversion_enable: - description: log.message.downconversion.enable This configuration - controls whether down-conversion of message formats is enabled - to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: log.message.timestamp.difference.max.ms The maximum - difference allowed between the timestamp when a broker receives - a message and the timestamp specified in the message - format: int64 - minimum: 0 - type: integer - log_message_timestamp_type: - description: log.message.timestamp.type Define whether the - timestamp in the message is message create time or log append - time. - enum: - - CreateTime - - LogAppendTime + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: + Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + - never + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + ip_filter: + description: + IP filter Allow incoming connections from CIDR address + block, e.g. '10.20.0.0/16' + items: type: string - log_preallocate: - description: log.preallocate Should pre allocate file when - create new segment? - type: boolean - log_retention_bytes: - description: log.retention.bytes The maximum size of the log - before deleting messages - format: int64 - type: integer - log_retention_hours: - description: log.retention.hours The number of hours to keep - a log file before deleting it - format: int64 - maximum: 2147483647 - type: integer - log_retention_ms: - description: log.retention.ms The number of milliseconds to - keep a log file before deleting it (in milliseconds), If - not set, the value in log.retention.minutes is used. If - set to -1, no time limit is applied. - format: int64 - type: integer - log_roll_jitter_ms: - description: log.roll.jitter.ms The maximum jitter to subtract - from logRollTimeMillis (in milliseconds). If not set, the - value in log.roll.jitter.hours is used - format: int64 - minimum: 0 - type: integer - log_roll_ms: - description: log.roll.ms The maximum time before a new log - segment is rolled out (in milliseconds). - format: int64 - minimum: 1 - type: integer - log_segment_bytes: - description: log.segment.bytes The maximum size of a single - log file - format: int64 - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: log.segment.delete.delay.ms The amount of time - to wait before deleting a file from the filesystem - format: int64 - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: max.connections.per.ip The maximum number of - connections allowed from each ip address (defaults to 2147483647). - format: int64 - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: max.incremental.fetch.session.cache.slots The - maximum number of incremental fetch sessions that the broker - will maintain. - format: int64 - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: message.max.bytes The maximum size of message - that the server can receive. - format: int64 - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: min.insync.replicas When a producer sets acks - to 'all' (or '-1'), min.insync.replicas specifies the minimum - number of replicas that must acknowledge a write for the - write to be considered successful. - format: int64 - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: num.partitions Number of partitions for autocreated - topics - format: int64 - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: offsets.retention.minutes Log retention window - in minutes for offsets topic - format: int64 - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: producer.purgatory.purge.interval.requests The - purge interval (in number of requests) of the producer request - purgatory(defaults to 1000). - format: int64 - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: replica.fetch.max.bytes The number of bytes of - messages to attempt to fetch for each partition (defaults - to 1048576). This is not an absolute maximum, if the first - record batch in the first non-empty partition of the fetch - is larger than this value, the record batch will still be - returned to ensure that progress can be made. - format: int64 - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: replica.fetch.response.max.bytes Maximum bytes - expected for the entire fetch response (defaults to 10485760). - Records are fetched in batches, and if the first record - batch in the first non-empty partition of the fetch is larger - than this value, the record batch will still be returned - to ensure that progress can be made. As such, this is not - an absolute maximum. - format: int64 - maximum: 1048576000 - minimum: 10485760 - type: integer - socket_request_max_bytes: - description: socket.request.max.bytes The maximum number of - bytes in a socket request (defaults to 104857600). - format: int64 - maximum: 209715200 - minimum: 10485760 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean - type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_user_config: - description: Kafka Connect configuration values + type: array + kafka: + description: Kafka broker configuration values + properties: + auto_create_topics_enable: + description: + auto.create.topics.enable Enable auto creation + of topics + type: boolean + compression_type: + description: + compression.type Specify the final compression + type for a given topic. This configuration accepts the standard + compression codecs ('gzip', 'snappy', 'lz4', 'zstd'). It + additionally accepts 'uncompressed' which is equivalent + to no compression; and 'producer' which means retain the + original compression codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer + type: string + connections_max_idle_ms: + description: + "connections.max.idle.ms Idle connections timeout: + the server socket processor threads close the connections + that idle for longer than this." + format: int64 + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: + default.replication.factor Replication factor + for autocreated topics + format: int64 + maximum: 10 + minimum: 1 + type: integer + group_max_session_timeout_ms: + description: + group.max.session.timeout.ms The maximum allowed + session timeout for registered consumers. Longer timeouts + give consumers more time to process messages in between + heartbeats at the cost of a longer time to detect failures. + format: int64 + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: + group.min.session.timeout.ms The minimum allowed + session timeout for registered consumers. Longer timeouts + give consumers more time to process messages in between + heartbeats at the cost of a longer time to detect failures. + format: int64 + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: + log.cleaner.delete.retention.ms How long are + delete records retained? + format: int64 + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: + log.cleaner.max.compaction.lag.ms The maximum + amount of time message will remain uncompacted. Only applicable + for logs that are being compacted + format: int64 + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: + log.cleaner.min.cleanable.ratio Controls log + compactor frequency. Larger value means more frequent compactions + but also more space wasted for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + format: int64 + maximum: 1 + minimum: 0 + type: integer + log_cleaner_min_compaction_lag_ms: + description: + log.cleaner.min.compaction.lag.ms The minimum + time a message will remain uncompacted in the log. Only + applicable for logs that are being compacted. + format: int64 + minimum: 0 + type: integer + log_cleanup_policy: + description: + log.cleanup.policy The default cleanup policy + for segments beyond the retention window + enum: + - compact + - delete + type: string + log_flush_interval_messages: + description: + log.flush.interval.messages The number of messages + accumulated on a log partition before messages are flushed + to disk + format: int64 + minimum: 1 + type: integer + log_flush_interval_ms: + description: + log.flush.interval.ms The maximum time in ms + that a message in any topic is kept in memory before flushed + to disk. If not set, the value in log.flush.scheduler.interval.ms + is used + format: int64 + minimum: 0 + type: integer + log_index_interval_bytes: + description: + log.index.interval.bytes The interval with which + Kafka adds an entry to the offset index + format: int64 + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: + log.index.size.max.bytes The maximum size in + bytes of the offset index + format: int64 + maximum: 104857600 + minimum: 1048576 + type: integer + log_message_downconversion_enable: + description: + log.message.downconversion.enable This configuration + controls whether down-conversion of message formats is enabled + to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: + log.message.timestamp.difference.max.ms The maximum + difference allowed between the timestamp when a broker receives + a message and the timestamp specified in the message + format: int64 + minimum: 0 + type: integer + log_message_timestamp_type: + description: + log.message.timestamp.type Define whether the + timestamp in the message is message create time or log append + time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: + log.preallocate Should pre allocate file when + create new segment? + type: boolean + log_retention_bytes: + description: + log.retention.bytes The maximum size of the log + before deleting messages + format: int64 + type: integer + log_retention_hours: + description: + log.retention.hours The number of hours to keep + a log file before deleting it + format: int64 + maximum: 2147483647 + type: integer + log_retention_ms: + description: + log.retention.ms The number of milliseconds to + keep a log file before deleting it (in milliseconds), If + not set, the value in log.retention.minutes is used. If + set to -1, no time limit is applied. + format: int64 + type: integer + log_roll_jitter_ms: + description: + log.roll.jitter.ms The maximum jitter to subtract + from logRollTimeMillis (in milliseconds). If not set, the + value in log.roll.jitter.hours is used + format: int64 + minimum: 0 + type: integer + log_roll_ms: + description: + log.roll.ms The maximum time before a new log + segment is rolled out (in milliseconds). + format: int64 + minimum: 1 + type: integer + log_segment_bytes: + description: + log.segment.bytes The maximum size of a single + log file + format: int64 + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: + log.segment.delete.delay.ms The amount of time + to wait before deleting a file from the filesystem + format: int64 + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: + max.connections.per.ip The maximum number of + connections allowed from each ip address (defaults to 2147483647). + format: int64 + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: + max.incremental.fetch.session.cache.slots The + maximum number of incremental fetch sessions that the broker + will maintain. + format: int64 + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: + message.max.bytes The maximum size of message + that the server can receive. + format: int64 + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: + min.insync.replicas When a producer sets acks + to 'all' (or '-1'), min.insync.replicas specifies the minimum + number of replicas that must acknowledge a write for the + write to be considered successful. + format: int64 + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: + num.partitions Number of partitions for autocreated + topics + format: int64 + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: + offsets.retention.minutes Log retention window + in minutes for offsets topic + format: int64 + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: + producer.purgatory.purge.interval.requests The + purge interval (in number of requests) of the producer request + purgatory(defaults to 1000). + format: int64 + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: + replica.fetch.max.bytes The number of bytes of + messages to attempt to fetch for each partition (defaults + to 1048576). This is not an absolute maximum, if the first + record batch in the first non-empty partition of the fetch + is larger than this value, the record batch will still be + returned to ensure that progress can be made. + format: int64 + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: + replica.fetch.response.max.bytes Maximum bytes + expected for the entire fetch response (defaults to 10485760). + Records are fetched in batches, and if the first record + batch in the first non-empty partition of the fetch is larger + than this value, the record batch will still be returned + to ensure that progress can be made. As such, this is not + an absolute maximum. + format: int64 + maximum: 1048576000 + minimum: 10485760 + type: integer + socket_request_max_bytes: + description: + socket.request.max.bytes The maximum number of + bytes in a socket request (defaults to 104857600). + format: int64 + maximum: 209715200 + minimum: 10485760 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_user_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Client config override policy Defines what client + configurations can be overridden by the connector. Default + is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + Consumer auto offset reset What to do when there + is no initial offset in Kafka or if the current offset does + not exist any more on the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: + The maximum amount of data the server should + return for a fetch request Records are fetched in batches + by the consumer, and if the first record batch in the first + non-empty partition of the fetch is larger than this value, + the record batch will still be returned to ensure that the + consumer can make progress. As such, this is not a absolute + maximum. + format: int64 + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Consumer isolation level Transaction read isolation + level. read_uncommitted is the default, but read_committed + can be used if consume-exactly-once behavior is desired. + enum: + - read_uncommitted + - read_committed + type: string + consumer_max_partition_fetch_bytes: + description: + The maximum amount of data per-partition the + server will return. Records are fetched in batches by the + consumer.If the first record batch in the first non-empty + partition of the fetch is larger than this limit, the batch + will still be returned to ensure that the consumer can make + progress. + format: int64 + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay between polls when using consumer + group management The maximum delay in milliseconds between + invocations of poll() when using consumer group management + (defaults to 300000). + format: int64 + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned by a single + poll The maximum number of records returned in a single + call to poll() (defaults to 500). + format: int64 + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks The interval at which to try committing offsets + for tasks (defaults to 60000). + format: int64 + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Offset flush timeout Maximum number of milliseconds + to wait for records to flush and partition offset data to + be committed to offset storage before cancelling the process + and restoring the offset data to be committed in a future + attempt (defaults to 5000). + format: int64 + maximum: 2147483647 + minimum: 1 + type: integer + producer_max_request_size: + description: + The maximum size of a request in bytes This setting + will limit the number of record batches the producer will + send in a single request to avoid sending huge requests. + format: int64 + maximum: 10485760 + minimum: 131072 + type: integer + session_timeout_ms: + description: + The timeout used to detect failures when using + Kafka’s group management facilities The timeout in milliseconds + used to detect failures when using Kafka’s group management + facilities (defaults to 10000). + format: int64 + maximum: 2147483647 + minimum: 1 + type: integer + type: object + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: + consumer.enable.auto.commit If true the consumer's + offset will be periodically committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: + consumer.request.max.bytes Maximum number of + bytes in unencoded message keys and values by a single request + format: int64 + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: + consumer.request.timeout.ms The maximum total + time to wait for messages for a request if the maximum number + of messages has not yet been reached + enum: + - 1000 + - 15000 + - 30000 + format: int64 + maximum: 30000 + minimum: 1000 + type: integer + custom_domain: + description: + Custom domain Serve the web frontend using a + custom CNAME pointing to the Aiven DNS name + maxLength: 255 + type: string + producer_acks: + description: + producer.acks The number of acknowledgments the + producer requires the leader to have received before considering + a request complete. If set to 'all' or '-1', the leader + will wait for the full set of in-sync replicas to acknowledge + the record. + enum: + - all + - -1 + - 0 + - 1 + type: string + producer_linger_ms: + description: + producer.linger.ms Wait for up to the given delay + to allow batching records together + format: int64 + maximum: 5000 + minimum: 0 + type: integer + public_access: + description: + Allow access to selected service ports from the + public Internet + properties: + kafka: + description: + Allow clients to connect to kafka from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect + from the public internet for service nodes that are + in a project VPC or another type of private network + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest from + the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from + the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry + from the public internet for service nodes that are + in a project VPC or another type of private network + type: boolean + type: object + simpleconsumer_pool_size_max: + description: + simpleconsumer.pool.size.max Maximum number of + SimpleConsumers that can be instantiated per broker + format: int64 + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: + leader_eligibility If true, Karapace / Schema + Registry on the service nodes can participate in leader + election. It might be needed to disable this when the schemas + topic is replicated to a secondary cluster and Karapace + / Schema Registry there must not participate in leader election. + Defaults to 'true'. + type: boolean + topic_name: + description: + topic_name The durable single partition topic + that acts as the durable log for the data. This topic must + be compacted to avoid losing data due to retention policy. + Please note that changing this configuration in an existing + Schema Registry / Karapace setup leads to previous schemas + being inaccessible, data encoded with them potentially unreadable + and schema ID sequence put out of order. It's only possible + to do the switch while Schema Registry / Karapace is disabled. + Defaults to '_schemas'. + maxLength: 249 + type: string + type: object + type: object + required: + - authSecretRef + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" properties: - connector_client_config_override_policy: - description: Client config override policy Defines what client - configurations can be overridden by the connector. Default - is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: Consumer auto offset reset What to do when there - is no initial offset in Kafka or if the current offset does - not exist any more on the server. Default is earliest - enum: - - earliest - - latest + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_fetch_max_bytes: - description: The maximum amount of data the server should - return for a fetch request Records are fetched in batches - by the consumer, and if the first record batch in the first - non-empty partition of the fetch is larger than this value, - the record batch will still be returned to ensure that the - consumer can make progress. As such, this is not a absolute - maximum. - format: int64 - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Consumer isolation level Transaction read isolation - level. read_uncommitted is the default, but read_committed - can be used if consume-exactly-once behavior is desired. - enum: - - read_uncommitted - - read_committed + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - consumer_max_partition_fetch_bytes: - description: The maximum amount of data per-partition the - server will return. Records are fetched in batches by the - consumer.If the first record batch in the first non-empty - partition of the fetch is larger than this limit, the batch - will still be returned to ensure that the consumer can make - progress. - format: int64 - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay between polls when using consumer - group management The maximum delay in milliseconds between - invocations of poll() when using consumer group management - (defaults to 300000). - format: int64 - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned by a single - poll The maximum number of records returned in a single - call to poll() (defaults to 500). - format: int64 - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks The interval at which to try committing offsets - for tasks (defaults to 60000). - format: int64 - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Offset flush timeout Maximum number of milliseconds - to wait for records to flush and partition offset data to - be committed to offset storage before cancelling the process - and restoring the offset data to be committed in a future - attempt (defaults to 5000). - format: int64 - maximum: 2147483647 - minimum: 1 - type: integer - producer_max_request_size: - description: The maximum size of a request in bytes This setting - will limit the number of record batches the producer will - send in a single request to avoid sending huge requests. - format: int64 - maximum: 10485760 - minimum: 131072 - type: integer - session_timeout_ms: - description: The timeout used to detect failures when using - Kafka’s group management facilities The timeout in milliseconds - used to detect failures when using Kafka’s group management - facilities (defaults to 10000). + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. format: int64 - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration - properties: - consumer_enable_auto_commit: - description: consumer.enable.auto.commit If true the consumer's - offset will be periodically committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: consumer.request.max.bytes Maximum number of - bytes in unencoded message keys and values by a single request - format: int64 - maximum: 671088640 minimum: 0 type: integer - consumer_request_timeout_ms: - description: consumer.request.timeout.ms The maximum total - time to wait for messages for a request if the maximum number - of messages has not yet been reached - enum: - - 1000 - - 15000 - - 30000 - format: int64 - maximum: 30000 - minimum: 1000 - type: integer - custom_domain: - description: Custom domain Serve the web frontend using a - custom CNAME pointing to the Aiven DNS name - maxLength: 255 + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - producer_acks: - description: producer.acks The number of acknowledgments the - producer requires the leader to have received before considering - a request complete. If set to 'all' or '-1', the leader - will wait for the full set of in-sync replicas to acknowledge - the record. + status: + description: status of the condition, one of True, False, Unknown. enum: - - all - - -1 - - 0 - - 1 + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: producer.linger.ms Wait for up to the given delay - to allow batching records together - format: int64 - maximum: 5000 - minimum: 0 - type: integer - public_access: - description: Allow access to selected service ports from the - public Internet - properties: - kafka: - description: Allow clients to connect to kafka from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect - from the public internet for service nodes that are - in a project VPC or another type of private network - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest from - the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from - the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry - from the public internet for service nodes that are - in a project VPC or another type of private network - type: boolean - type: object - simpleconsumer_pool_size_max: - description: simpleconsumer.pool.size.max Maximum number of - SimpleConsumers that can be instantiated per broker - format: int64 - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: leader_eligibility If true, Karapace / Schema - Registry on the service nodes can participate in leader - election. It might be needed to disable this when the schemas - topic is replicated to a secondary cluster and Karapace - / Schema Registry there must not participate in leader election. - Defaults to 'true'. - type: boolean - topic_name: - description: topic_name The durable single partition topic - that acts as the durable log for the data. This topic must - be compacted to avoid losing data due to retention policy. - Please note that changing this configuration in an existing - Schema Registry / Karapace setup leads to previous schemas - being inaccessible, data encoded with them potentially unreadable - and schema ID sequence put out of order. It's only possible - to do the switch while Schema Registry / Karapace is disabled. - Defaults to '_schemas'. - maxLength: 249 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - type: object - required: - - authSecretRef - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -2075,176 +2263,186 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - authSecretRef - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaSchema state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: + Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - authSecretRef + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaSchema state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -2269,272 +2467,282 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - config: - description: Kafka topic configuration - properties: - cleanup_policy: - description: cleanup.policy value - type: string - compression_type: - description: compression.type value - type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value - format: int64 - type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value - type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value - type: string - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer - type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 minLength: 1 type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 + name: + minLength: 1 type: string required: - - key + - key + - name type: object - type: array - termination_protection: - description: It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - authSecretRef - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaTopic state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + config: + description: Kafka topic configuration properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + cleanup_policy: + description: cleanup.policy value type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + compression_type: + description: compression.type value type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + delete_retention_ms: + description: delete.retention.ms value format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: + properties: + key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 + minLength: 1 + type: string + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 + type: string + required: + - key + type: object + type: array + termination_protection: + description: + It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - authSecretRef + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaTopic state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -2559,216 +2767,228 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 - type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: - type: string - maxItems: 10 - type: array - billingExtraText: - description: Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 - type: string - cloud: - description: 'Target cloud, example: aws-eu-central-1' - maxLength: 256 - type: string - connInfoSecretTarget: - description: Information regarding secret creation - properties: - name: - description: Name of the Secret resource to be created - type: string - required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: - type: string - description: Tags are key-value pairs that allow you to categorize - projects - type: object - technicalEmails: - description: Technical contact emails of the project - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 type: string - maxItems: 10 - type: array - required: - - authSecretRef - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: Conditions represent the latest available observations - of an Project state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + minLength: 1 type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: + type: string + maxItems: 10 + type: array + billingExtraText: + description: + Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 + type: string + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 + type: string + cardId: + description: + Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: "Target cloud, example: aws-eu-central-1" + maxLength: 256 + type: string + connInfoSecretTarget: + description: Information regarding secret creation + properties: + name: + description: Name of the Secret resource to be created type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + projects + type: object + technicalEmails: + description: Technical contact emails of the project + items: + type: string + maxItems: 10 + type: array + required: + - authSecretRef + type: object + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: + Conditions represent the latest available observations + of an Project state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -2793,161 +3013,170 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - required: - - authSecretRef - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: Conditions represent the latest available observations - of an ProjectVPC state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + required: + - authSecretRef + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: + Conditions represent the latest available observations + of an ProjectVPC state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" diff --git a/config/crd/bases/aiven.io_databases.yaml b/config/crd/bases/aiven.io_databases.yaml index 8a25500c..eb5e09e0 100644 --- a/config/crd/bases/aiven.io_databases.yaml +++ b/config/crd/bases/aiven.io_databases.yaml @@ -15,153 +15,165 @@ spec: singular: database scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Database is the Schema for the databases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DatabaseSpec defines the desired state of Database - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - lcCollate: - description: 'Default string sort order (LC_COLLATE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - lcCtype: - description: 'Default character classification (LC_CTYPE) of the database. - Default value: en_US.UTF-8' - maxLength: 128 - type: string - project: - description: Project to link the database to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: PostgreSQL service to link the database to - maxLength: 63 - type: string - terminationProtection: - description: It is a Kubernetes side deletion protections, which prevents - the database from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - required: - - project - - serviceName - type: object - status: - description: DatabaseStatus defines the observed state of Database - properties: - conditions: - description: Conditions represent the latest available observations - of an Database state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Database is the Schema for the databases API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: DatabaseSpec defines the desired state of Database + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + lcCollate: + description: + "Default string sort order (LC_COLLATE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + lcCtype: + description: + "Default character classification (LC_CTYPE) of the database. + Default value: en_US.UTF-8" + maxLength: 128 + type: string + project: + description: Project to link the database to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: PostgreSQL service to link the database to + maxLength: 63 + type: string + terminationProtection: + description: + It is a Kubernetes side deletion protections, which prevents + the database from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + required: + - project + - serviceName + type: object + status: + description: DatabaseStatus defines the observed state of Database + properties: + conditions: + description: + Conditions represent the latest available observations + of an Database state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_grafanas.yaml b/config/crd/bases/aiven.io_grafanas.yaml index 7a9247f9..17a7362e 100644 --- a/config/crd/bases/aiven.io_grafanas.yaml +++ b/config/crd/bases/aiven.io_grafanas.yaml @@ -15,799 +15,869 @@ spec: singular: grafana scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Grafana is the Schema for the grafanas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GrafanaSpec defines the desired state of Grafana - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Cassandra specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: - type: string - maxItems: 1 - type: array - alerting_enabled: - description: Enable or disable Grafana legacy alerting functionality. - This should not be enabled with unified_alerting_enabled. - type: boolean - alerting_error_or_timeout: - description: Default error or timeout setting for new alerting - rules - enum: - - alerting - - keep_state - type: string - alerting_max_annotations_to_keep: - description: Max number of alert annotations that Grafana stores. - 0 (default) keeps all alert annotations. - maximum: 1000000 - minimum: 0 - type: integer - alerting_nodata_or_nullvalues: - description: Default value for 'no data or null values' for new - alerting rules - enum: - - alerting - - no_data - - keep_state - - ok - type: string - allow_embedding: - description: Allow embedding Grafana dashboards with iframe/frame/object/embed - tags. Disabled by default to limit impact of clickjacking - type: boolean - auth_azuread: - description: Azure AD OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_basic_enabled: - description: Enable or disable basic authentication form, used - by Grafana built-in login - type: boolean - auth_generic_oauth: - description: Generic OAuth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Allowed domains - items: - type: string - maxItems: 50 - type: array - allowed_organizations: - description: Require user to be member of one of the listed - organizations - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL - maxLength: 2048 - type: string - auth_url: - description: Authorization URL - maxLength: 2048 - type: string - auto_login: - description: Allow users to bypass the login screen and automatically - log in - type: boolean - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - name: - description: Name of the OAuth integration - maxLength: 128 - pattern: ^[a-zA-Z0-9_\- ]+$ - type: string - scopes: - description: OAuth scopes - items: - type: string - maxItems: 50 - type: array - token_url: - description: Token URL - maxLength: 2048 - type: string - required: - - api_url - - auth_url - - client_id - - client_secret - - token_url - type: object - auth_github: - description: Github Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_organizations: - description: Require users to belong to one of given organizations - items: - type: string - maxItems: 50 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - team_ids: - description: Require users to belong to one of given team - IDs - items: - type: integer - maxItems: 50 - type: array - required: - - client_id - - client_secret - type: object - auth_gitlab: - description: GitLab Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_groups: - description: Require users to belong to one of given groups - items: - type: string - maxItems: 50 - type: array - api_url: - description: API URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - auth_url: - description: Authorization URL. This only needs to be set - when using self hosted GitLab - maxLength: 2048 - type: string - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - token_url: - description: Token URL. This only needs to be set when using - self hosted GitLab - maxLength: 2048 - type: string - required: - - allowed_groups - - client_id - - client_secret - type: object - auth_google: - description: Google Auth integration - properties: - allow_sign_up: - description: Automatically sign-up users on successful sign-in - type: boolean - allowed_domains: - description: Domains allowed to sign-in to this Grafana - items: - type: string - maxItems: 64 - type: array - client_id: - description: Client ID from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - client_secret: - description: Client secret from provider - maxLength: 1024 - pattern: ^[\040-\176]+$ - type: string - required: - - allowed_domains - - client_id - - client_secret - type: object - cookie_samesite: - description: 'Cookie SameSite attribute: ''strict'' prevents sending - cookie for cross-site requests, effectively disabling direct - linking from other sites to Grafana. ''lax'' is the default - value.' - enum: - - lax - - strict - - none - type: string - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - dashboard_previews_enabled: - description: This feature is new in Grafana 9 and is quite resource - intensive. It may cause low-end plans to work more slowly while - the dashboard previews are rendering. - type: boolean - dashboards_min_refresh_interval: - description: Signed sequence of decimal numbers, followed by a - unit suffix (ms, s, m, h, d), e.g. 30s, 1h - maxLength: 16 - pattern: ^[0-9]+(ms|s|m|h|d)$ - type: string - dashboards_versions_to_keep: - description: Dashboard versions to keep per dashboard - maximum: 100 - minimum: 1 - type: integer - dataproxy_send_user_header: - description: Send 'X-Grafana-User' header to data source - type: boolean - dataproxy_timeout: - description: Timeout for data proxy requests in seconds - maximum: 90 - minimum: 15 - type: integer - date_formats: - description: Grafana date format specifications - properties: - default_timezone: - description: Default time zone for user preferences. Value - 'browser' uses browser local time zone. - maxLength: 64 - pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ - type: string - full_date: - description: Moment.js style format string for cases where - full date is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_day: - description: Moment.js style format string used when a time - requiring day accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_hour: - description: Moment.js style format string used when a time - requiring hour accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_minute: - description: Moment.js style format string used when a time - requiring minute accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_month: - description: Moment.js style format string used when a time - requiring month accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' - type: string - interval_second: - description: Moment.js style format string used when a time - requiring second accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, + `GRAFANA_URI`, `GRAFANA_HOSTS`" + properties: + annotations: + additionalProperties: type: string - interval_year: - description: Moment.js style format string used when a time - requiring year accuracy is shown - maxLength: 128 - pattern: '^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: - ]?)*)$' + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: type: string - type: object - disable_gravatar: - description: Set to true to disable gravatar. Defaults to false - (gravatar is enabled) - type: boolean - editors_can_admin: - description: Editors can manage folders, teams and dashboards - created by them - type: boolean - external_image_storage: - description: External image store settings + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name + type: string + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - access_key: - description: S3 access key. Requires permissions to the S3 - bucket for the s3:PutObject and s3:PutObjectAcl actions - maxLength: 4096 - pattern: ^[A-Z0-9]+$ - type: string - bucket_url: - description: Bucket URL for S3 - maxLength: 2048 - type: string - provider: - description: Provider type + integrationType: enum: - - s3 + - read_replica type: string - secret_key: - description: S3 secret key - maxLength: 4096 - pattern: ^[A-Za-z0-9/+=]+$ + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - access_key - - bucket_url - - provider - - secret_key + - integrationType + - sourceServiceName type: object - google_analytics_ua_id: - description: Google Analytics ID - maxLength: 64 - pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Cassandra specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + alerting_enabled: + description: + Enable or disable Grafana legacy alerting functionality. + This should not be enabled with unified_alerting_enabled. + type: boolean + alerting_error_or_timeout: + description: + Default error or timeout setting for new alerting + rules + enum: + - alerting + - keep_state + type: string + alerting_max_annotations_to_keep: + description: + Max number of alert annotations that Grafana stores. + 0 (default) keeps all alert annotations. + maximum: 1000000 + minimum: 0 + type: integer + alerting_nodata_or_nullvalues: + description: + Default value for 'no data or null values' for new + alerting rules + enum: + - alerting + - no_data + - keep_state + - ok + type: string + allow_embedding: + description: + Allow embedding Grafana dashboards with iframe/frame/object/embed + tags. Disabled by default to limit impact of clickjacking + type: boolean + auth_azuread: + description: Azure AD OAuth integration properties: - description: - description: Description for IP filter list entry + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider maxLength: 1024 + pattern: ^[\040-\176]+$ type: string - network: - description: CIDR address block - maxLength: 43 + token_url: + description: Token URL + maxLength: 2048 type: string required: - - network + - auth_url + - client_id + - client_secret + - token_url type: object - maxItems: 1024 - type: array - metrics_enabled: - description: Enable Grafana /metrics endpoint - type: boolean - oauth_allow_insecure_email_lookup: - description: Enforce user lookup based on email instead of the - unique ID provided by the IdP - type: boolean - private_access: - description: Allow access to selected service ports from private - networks - properties: - grafana: - description: Allow clients to connect to grafana with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - grafana: - description: Enable grafana - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - grafana: - description: Allow clients to connect to grafana from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - smtp_server: - description: SMTP server settings + auth_basic_enabled: + description: + Enable or disable basic authentication form, used + by Grafana built-in login + type: boolean + auth_generic_oauth: + description: Generic OAuth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Allowed domains + items: + type: string + maxItems: 50 + type: array + allowed_organizations: + description: + Require user to be member of one of the listed + organizations + items: + type: string + maxItems: 50 + type: array + api_url: + description: API URL + maxLength: 2048 + type: string + auth_url: + description: Authorization URL + maxLength: 2048 + type: string + auto_login: + description: + Allow users to bypass the login screen and automatically + log in + type: boolean + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + name: + description: Name of the OAuth integration + maxLength: 128 + pattern: ^[a-zA-Z0-9_\- ]+$ + type: string + scopes: + description: OAuth scopes + items: + type: string + maxItems: 50 + type: array + token_url: + description: Token URL + maxLength: 2048 + type: string + required: + - api_url + - auth_url + - client_id + - client_secret + - token_url + type: object + auth_github: + description: Github Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_organizations: + description: Require users to belong to one of given organizations + items: + type: string + maxItems: 50 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + team_ids: + description: + Require users to belong to one of given team + IDs + items: + type: integer + maxItems: 50 + type: array + required: + - client_id + - client_secret + type: object + auth_gitlab: + description: GitLab Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_groups: + description: Require users to belong to one of given groups + items: + type: string + maxItems: 50 + type: array + api_url: + description: + API URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + auth_url: + description: + Authorization URL. This only needs to be set + when using self hosted GitLab + maxLength: 2048 + type: string + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + token_url: + description: + Token URL. This only needs to be set when using + self hosted GitLab + maxLength: 2048 + type: string + required: + - allowed_groups + - client_id + - client_secret + type: object + auth_google: + description: Google Auth integration + properties: + allow_sign_up: + description: Automatically sign-up users on successful sign-in + type: boolean + allowed_domains: + description: Domains allowed to sign-in to this Grafana + items: + type: string + maxItems: 64 + type: array + client_id: + description: Client ID from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + client_secret: + description: Client secret from provider + maxLength: 1024 + pattern: ^[\040-\176]+$ + type: string + required: + - allowed_domains + - client_id + - client_secret + type: object + cookie_samesite: + description: + "Cookie SameSite attribute: 'strict' prevents sending + cookie for cross-site requests, effectively disabling direct + linking from other sites to Grafana. 'lax' is the default + value." + enum: + - lax + - strict + - none + type: string + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + dashboard_previews_enabled: + description: + This feature is new in Grafana 9 and is quite resource + intensive. It may cause low-end plans to work more slowly while + the dashboard previews are rendering. + type: boolean + dashboards_min_refresh_interval: + description: + Signed sequence of decimal numbers, followed by a + unit suffix (ms, s, m, h, d), e.g. 30s, 1h + maxLength: 16 + pattern: ^[0-9]+(ms|s|m|h|d)$ + type: string + dashboards_versions_to_keep: + description: Dashboard versions to keep per dashboard + maximum: 100 + minimum: 1 + type: integer + dataproxy_send_user_header: + description: Send 'X-Grafana-User' header to data source + type: boolean + dataproxy_timeout: + description: Timeout for data proxy requests in seconds + maximum: 90 + minimum: 15 + type: integer + date_formats: + description: Grafana date format specifications + properties: + default_timezone: + description: + Default time zone for user preferences. Value + 'browser' uses browser local time zone. + maxLength: 64 + pattern: (?i)^([a-zA-Z_]+/){1,2}[a-zA-Z_-]+$|^(Etc/)?(UTC|GMT)([+-](\d){1,2})?$|^(Factory)$|^(browser)$ + type: string + full_date: + description: + Moment.js style format string for cases where + full date is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_day: + description: + Moment.js style format string used when a time + requiring day accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_hour: + description: + Moment.js style format string used when a time + requiring hour accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_minute: + description: + Moment.js style format string used when a time + requiring minute accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_month: + description: + Moment.js style format string used when a time + requiring month accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_second: + description: + Moment.js style format string used when a time + requiring second accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + interval_year: + description: + Moment.js style format string used when a time + requiring year accuracy is shown + maxLength: 128 + pattern: + "^(([Hh]mm(ss)?|Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Qo?|N{1,5}|YYYYYY|YYYYY|YYYY|YY|y{2,4}|yo?|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|kk?|mm?|ss?|S{1,9}|x|X|zz?|ZZ?|LTS|LT|LL?L?L?|l{1,4}|[-+/T,;.: + ]?)*)$" + type: string + type: object + disable_gravatar: + description: + Set to true to disable gravatar. Defaults to false + (gravatar is enabled) + type: boolean + editors_can_admin: + description: + Editors can manage folders, teams and dashboards + created by them + type: boolean + external_image_storage: + description: External image store settings + properties: + access_key: + description: + S3 access key. Requires permissions to the S3 + bucket for the s3:PutObject and s3:PutObjectAcl actions + maxLength: 4096 + pattern: ^[A-Z0-9]+$ + type: string + bucket_url: + description: Bucket URL for S3 + maxLength: 2048 + type: string + provider: + description: Provider type + enum: + - s3 + type: string + secret_key: + description: S3 secret key + maxLength: 4096 + pattern: ^[A-Za-z0-9/+=]+$ + type: string + required: + - access_key + - bucket_url + - provider + - secret_key + type: object + google_analytics_ua_id: + description: Google Analytics ID + maxLength: 64 + pattern: ^(G|UA|YT|MO)-[a-zA-Z0-9-]+$ + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + metrics_enabled: + description: Enable Grafana /metrics endpoint + type: boolean + oauth_allow_insecure_email_lookup: + description: + Enforce user lookup based on email instead of the + unique ID provided by the IdP + type: boolean + private_access: + description: + Allow access to selected service ports from private + networks + properties: + grafana: + description: + Allow clients to connect to grafana with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + grafana: + description: Enable grafana + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + grafana: + description: + Allow clients to connect to grafana from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + smtp_server: + description: SMTP server settings + properties: + from_address: + description: Address used for sending emails + maxLength: 319 + pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ + type: string + from_name: + description: Name used in outgoing emails, defaults to Grafana + maxLength: 128 + pattern: ^[^\x00-\x1F]+$ + type: string + host: + description: Server hostname or IP + maxLength: 255 + type: string + password: + description: Password for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + port: + description: SMTP server port + maximum: 65535 + minimum: 1 + type: integer + skip_verify: + description: + Skip verifying server certificate. Defaults to + false + type: boolean + starttls_policy: + description: + Either OpportunisticStartTLS, MandatoryStartTLS + or NoStartTLS. Default is OpportunisticStartTLS. + enum: + - OpportunisticStartTLS + - MandatoryStartTLS + - NoStartTLS + type: string + username: + description: Username for SMTP authentication + maxLength: 255 + pattern: ^[^\x00-\x1F]+$ + type: string + required: + - from_address + - host + - port + type: object + static_ips: + description: Use static public IP addresses + type: boolean + unified_alerting_enabled: + description: + Enable or disable Grafana unified alerting functionality. + By default this is enabled and any legacy alerts will be migrated + on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled + to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ + for more details. + type: boolean + user_auto_assign_org: + description: + Auto-assign new users on signup to main organization. + Defaults to false + type: boolean + user_auto_assign_org_role: + description: Set role for new signups. Defaults to Viewer + enum: + - Viewer + - Admin + - Editor + type: string + viewers_can_edit: + description: + Users with view-only permission can edit but not + save dashboards + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - from_address: - description: Address used for sending emails - maxLength: 319 - pattern: ^[A-Za-z0-9_\-\.+\'&]+@(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))$ - type: string - from_name: - description: Name used in outgoing emails, defaults to Grafana - maxLength: 128 - pattern: ^[^\x00-\x1F]+$ - type: string - host: - description: Server hostname or IP - maxLength: 255 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - password: - description: Password for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - port: - description: SMTP server port - maximum: 65535 - minimum: 1 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - skip_verify: - description: Skip verifying server certificate. Defaults to - false - type: boolean - starttls_policy: - description: Either OpportunisticStartTLS, MandatoryStartTLS - or NoStartTLS. Default is OpportunisticStartTLS. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - OpportunisticStartTLS - - MandatoryStartTLS - - NoStartTLS + - "True" + - "False" + - Unknown type: string - username: - description: Username for SMTP authentication - maxLength: 255 - pattern: ^[^\x00-\x1F]+$ + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - from_address - - host - - port + - lastTransitionTime + - message + - reason + - status + - type type: object - static_ips: - description: Use static public IP addresses - type: boolean - unified_alerting_enabled: - description: Enable or disable Grafana unified alerting functionality. - By default this is enabled and any legacy alerts will be migrated - on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled - to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ - for more details. - type: boolean - user_auto_assign_org: - description: Auto-assign new users on signup to main organization. - Defaults to false - type: boolean - user_auto_assign_org_role: - description: Set role for new signups. Defaults to Viewer - enum: - - Viewer - - Admin - - Editor - type: string - viewers_can_edit: - description: Users with view-only permission can edit but not - save dashboards - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaacls.yaml b/config/crd/bases/aiven.io_kafkaacls.yaml index 30e2e2b5..6f031472 100644 --- a/config/crd/bases/aiven.io_kafkaacls.yaml +++ b/config/crd/bases/aiven.io_kafkaacls.yaml @@ -15,167 +15,176 @@ spec: singular: kafkaacl scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.username - name: Username - type: string - - jsonPath: .spec.permission - name: Permission - type: string - - jsonPath: .spec.topic - name: Topic - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaACL is the Schema for the kafkaacls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaACLSpec defines the desired state of KafkaACL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - permission: - description: Kafka permission to grant (admin, read, readwrite, write) - enum: - - admin - - read - - readwrite - - write - type: string - project: - description: Project to link the Kafka ACL to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the Kafka ACL to - maxLength: 63 - type: string - topic: - description: Topic name pattern for the ACL entry - type: string - username: - description: Username pattern for the ACL entry - type: string - required: - - permission - - project - - serviceName - - topic - - username - type: object - status: - description: KafkaACLStatus defines the observed state of KafkaACL - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaACL state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.username + name: Username + type: string + - jsonPath: .spec.permission + name: Permission + type: string + - jsonPath: .spec.topic + name: Topic + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaACL is the Schema for the kafkaacls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaACLSpec defines the desired state of KafkaACL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Kafka ACL ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + permission: + description: Kafka permission to grant (admin, read, readwrite, write) + enum: + - admin + - read + - readwrite + - write + type: string + project: + description: Project to link the Kafka ACL to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the Kafka ACL to + maxLength: 63 + type: string + topic: + description: Topic name pattern for the ACL entry + type: string + username: + description: Username pattern for the ACL entry + type: string + required: + - permission + - project + - serviceName + - topic + - username + type: object + status: + description: KafkaACLStatus defines the observed state of KafkaACL + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaACL state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Kafka ACL ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaconnectors.yaml b/config/crd/bases/aiven.io_kafkaconnectors.yaml index d7b5b41f..320141aa 100644 --- a/config/crd/bases/aiven.io_kafkaconnectors.yaml +++ b/config/crd/bases/aiven.io_kafkaconnectors.yaml @@ -15,212 +15,223 @@ spec: singular: kafkaconnector scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connectorClass - name: Connector Class - type: string - - jsonPath: .status.state - name: State - type: string - - jsonPath: .status.tasksStatus.total - name: Tasks Total - type: integer - - jsonPath: .status.tasksStatus.running - name: Tasks Running - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnector is the Schema for the kafkaconnectors API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectorSpec defines the desired state of KafkaConnector - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - connectorClass: - description: The Java class of the connector. - maxLength: 1024 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service name. - maxLength: 63 - type: string - userConfig: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connectorClass + name: Connector Class + type: string + - jsonPath: .status.state + name: State + type: string + - jsonPath: .status.tasksStatus.total + name: Tasks Total + type: integer + - jsonPath: .status.tasksStatus.running + name: Tasks Running + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnector is the Schema for the kafkaconnectors API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectorSpec defines the desired state of KafkaConnector + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + connectorClass: + description: The Java class of the connector. + maxLength: 1024 type: string - description: The connector specific configuration To build config - values from secret the template function `{{ fromSecret "name" "key" - }}` is provided when interpreting the keys - type: object - required: - - connectorClass - - project - - serviceName - - userConfig - type: object - status: - description: KafkaConnectorStatus defines the observed state of KafkaConnector - properties: - conditions: - description: Conditions represent the latest available observations - of an kafka connector state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service name. + maxLength: 63 + type: string + userConfig: + additionalProperties: + type: string + description: + The connector specific configuration To build config + values from secret the template function `{{ fromSecret "name" "key" + }}` is provided when interpreting the keys + type: object + required: + - connectorClass + - project + - serviceName + - userConfig + type: object + status: + description: KafkaConnectorStatus defines the observed state of KafkaConnector + properties: + conditions: + description: + Conditions represent the latest available observations + of an kafka connector state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + pluginStatus: + description: + PluginStatus contains metadata about the configured connector + plugin properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + author: type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + class: type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + docUrl: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + title: type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + version: type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - author + - class + - docUrl + - title + - type + - version type: object - type: array - pluginStatus: - description: PluginStatus contains metadata about the configured connector - plugin - properties: - author: - type: string - class: - type: string - docUrl: - type: string - title: - type: string - type: - type: string - version: - type: string - required: - - author - - class - - docUrl - - title - - type - - version - type: object - state: - description: Connector state - type: string - tasksStatus: - description: TasksStatus contains metadata about the running tasks - properties: - failed: - type: integer - paused: - type: integer - running: - type: integer - stackTrace: - type: string - total: - type: integer - unassigned: - type: integer - unknown: - type: integer - required: - - total - type: object - required: - - conditions - - pluginStatus - - state - - tasksStatus - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + description: Connector state + type: string + tasksStatus: + description: TasksStatus contains metadata about the running tasks + properties: + failed: + type: integer + paused: + type: integer + running: + type: integer + stackTrace: + type: string + total: + type: integer + unassigned: + type: integer + unknown: + type: integer + required: + - total + type: object + required: + - conditions + - pluginStatus + - state + - tasksStatus + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaconnects.yaml b/config/crd/bases/aiven.io_kafkaconnects.yaml index 2abf81ff..8ff70dac 100644 --- a/config/crd/bases/aiven.io_kafkaconnects.yaml +++ b/config/crd/bases/aiven.io_kafkaconnects.yaml @@ -15,426 +15,468 @@ spec: singular: kafkaconnect scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaConnect is the Schema for the kafkaconnects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaConnectSpec defines the desired state of KafkaConnect - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaConnect is the Schema for the kafkaconnects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaConnectSpec defines the desired state of KafkaConnect + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: KafkaConnect specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: KafkaConnect specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: description: - description: Description for IP filter list entry - maxLength: 1024 + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka_connect: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest type: string - network: - description: CIDR address block - maxLength: 43 + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed type: string - required: - - network + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + prometheus: + description: Enable prometheus + type: boolean type: object - maxItems: 1024 - type: array - kafka_connect: - description: Kafka Connect configuration values + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkas.yaml b/config/crd/bases/aiven.io_kafkas.yaml index d359f376..ea73fcba 100644 --- a/config/crd/bases/aiven.io_kafkas.yaml +++ b/config/crd/bases/aiven.io_kafkas.yaml @@ -15,966 +15,1069 @@ spec: singular: kafka scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Kafka is the Schema for the kafkas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSpec defines the desired state of Kafka - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, - `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, - `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, - `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`' - properties: - annotations: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kafka is the Schema for the kafkas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSpec defines the desired state of Kafka + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - karapace: - description: Switch the service to use Karapace for schema registry - and REST proxy - type: boolean - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `KAFKA_HOST`, `KAFKA_PORT`, `KAFKA_USERNAME`, `KAFKA_PASSWORD`, + `KAFKA_ACCESS_CERT`, `KAFKA_ACCESS_KEY`, `KAFKA_SASL_HOST`, `KAFKA_SASL_PORT`, + `KAFKA_SCHEMA_REGISTRY_HOST`, `KAFKA_SCHEMA_REGISTRY_PORT`, `KAFKA_CONNECT_HOST`, + `KAFKA_CONNECT_PORT`, `KAFKA_REST_HOST`, `KAFKA_REST_PORT`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + karapace: + description: + Switch the service to use Karapace for schema registry + and REST proxy + type: boolean + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Kafka specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - aiven_kafka_topic_messages: - description: Allow access to read Kafka topic messages in the - Aiven Console and REST API. - type: boolean - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 - type: string - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - kafka: - description: Kafka broker configuration values + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - auto_create_topics_enable: - description: Enable auto creation of topics - type: boolean - compression_type: - description: Specify the final compression type for a given - topic. This configuration accepts the standard compression - codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally - accepts 'uncompressed' which is equivalent to no compression; - and 'producer' which means retain the original compression - codec set by the producer. - enum: - - gzip - - snappy - - lz4 - - zstd - - uncompressed - - producer - type: string - connections_max_idle_ms: - description: 'Idle connections timeout: the server socket - processor threads close the connections that idle for longer - than this.' - maximum: 3600000 - minimum: 1000 - type: integer - default_replication_factor: - description: Replication factor for autocreated topics - maximum: 10 - minimum: 1 - type: integer - group_initial_rebalance_delay_ms: - description: The amount of time, in milliseconds, the group - coordinator will wait for more consumers to join a new group - before performing the first rebalance. A longer delay means - potentially fewer rebalances, but increases the time until - processing begins. The default value for this is 3 seconds. - During development and testing it might be desirable to - set this to 0 in order to not delay test execution time. - maximum: 300000 - minimum: 0 - type: integer - group_max_session_timeout_ms: - description: The maximum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 1800000 - minimum: 0 - type: integer - group_min_session_timeout_ms: - description: The minimum allowed session timeout for registered - consumers. Longer timeouts give consumers more time to process - messages in between heartbeats at the cost of a longer time - to detect failures. - maximum: 60000 - minimum: 0 - type: integer - log_cleaner_delete_retention_ms: - description: How long are delete records retained? - maximum: 315569260000 - minimum: 0 - type: integer - log_cleaner_max_compaction_lag_ms: - description: The maximum amount of time message will remain - uncompacted. Only applicable for logs that are being compacted - minimum: 30000 - type: integer - log_cleaner_min_cleanable_ratio: - description: Controls log compactor frequency. Larger value - means more frequent compactions but also more space wasted - for logs. Consider setting log.cleaner.max.compaction.lag.ms - to enforce compactions sooner, instead of setting a very - high value for this option. - maximum: 0.9 - minimum: 0.2 - type: number - log_cleaner_min_compaction_lag_ms: - description: The minimum time a message will remain uncompacted - in the log. Only applicable for logs that are being compacted. - minimum: 0 - type: integer - log_cleanup_policy: - description: The default cleanup policy for segments beyond - the retention window + integrationType: enum: - - delete - - compact - - compact,delete - type: string - log_flush_interval_messages: - description: The number of messages accumulated on a log partition - before messages are flushed to disk - minimum: 1 - type: integer - log_flush_interval_ms: - description: The maximum time in ms that a message in any - topic is kept in memory before flushed to disk. If not set, - the value in log.flush.scheduler.interval.ms is used - minimum: 0 - type: integer - log_index_interval_bytes: - description: The interval with which Kafka adds an entry to - the offset index - maximum: 104857600 - minimum: 0 - type: integer - log_index_size_max_bytes: - description: The maximum size in bytes of the offset index - maximum: 104857600 - minimum: 1048576 - type: integer - log_local_retention_bytes: - description: The maximum size of local log segments that can - grow for a partition before it gets eligible for deletion. - If set to -2, the value of log.retention.bytes is used. - The effective value should always be less than or equal - to log.retention.bytes value. - minimum: -2 - type: integer - log_local_retention_ms: - description: The number of milliseconds to keep the local - log segments before it gets eligible for deletion. If set - to -2, the value of log.retention.ms is used. The effective - value should always be less than or equal to log.retention.ms - value. - minimum: -2 - type: integer - log_message_downconversion_enable: - description: This configuration controls whether down-conversion - of message formats is enabled to satisfy consume requests. - type: boolean - log_message_timestamp_difference_max_ms: - description: The maximum difference allowed between the timestamp - when a broker receives a message and the timestamp specified - in the message - minimum: 0 - type: integer - log_message_timestamp_type: - description: Define whether the timestamp in the message is - message create time or log append time. - enum: - - CreateTime - - LogAppendTime - type: string - log_preallocate: - description: Should pre allocate file when create new segment? - type: boolean - log_retention_bytes: - description: The maximum size of the log before deleting messages - minimum: -1 - type: integer - log_retention_hours: - description: The number of hours to keep a log file before - deleting it - maximum: 2147483647 - minimum: -1 - type: integer - log_retention_ms: - description: The number of milliseconds to keep a log file - before deleting it (in milliseconds), If not set, the value - in log.retention.minutes is used. If set to -1, no time - limit is applied. - minimum: -1 - type: integer - log_roll_jitter_ms: - description: The maximum jitter to subtract from logRollTimeMillis - (in milliseconds). If not set, the value in log.roll.jitter.hours - is used - minimum: 0 - type: integer - log_roll_ms: - description: The maximum time before a new log segment is - rolled out (in milliseconds). - minimum: 1 - type: integer - log_segment_bytes: - description: The maximum size of a single log file - maximum: 1073741824 - minimum: 10485760 - type: integer - log_segment_delete_delay_ms: - description: The amount of time to wait before deleting a - file from the filesystem - maximum: 3600000 - minimum: 0 - type: integer - max_connections_per_ip: - description: The maximum number of connections allowed from - each ip address (defaults to 2147483647). - maximum: 2147483647 - minimum: 256 - type: integer - max_incremental_fetch_session_cache_slots: - description: The maximum number of incremental fetch sessions - that the broker will maintain. - maximum: 10000 - minimum: 1000 - type: integer - message_max_bytes: - description: The maximum size of message that the server can - receive. - maximum: 100001200 - minimum: 0 - type: integer - min_insync_replicas: - description: When a producer sets acks to 'all' (or '-1'), - min.insync.replicas specifies the minimum number of replicas - that must acknowledge a write for the write to be considered - successful. - maximum: 7 - minimum: 1 - type: integer - num_partitions: - description: Number of partitions for autocreated topics - maximum: 1000 - minimum: 1 - type: integer - offsets_retention_minutes: - description: Log retention window in minutes for offsets topic - maximum: 2147483647 - minimum: 1 - type: integer - producer_purgatory_purge_interval_requests: - description: The purge interval (in number of requests) of - the producer request purgatory(defaults to 1000). - maximum: 10000 - minimum: 10 - type: integer - replica_fetch_max_bytes: - description: The number of bytes of messages to attempt to - fetch for each partition (defaults to 1048576). This is - not an absolute maximum, if the first record batch in the - first non-empty partition of the fetch is larger than this - value, the record batch will still be returned to ensure - that progress can be made. - maximum: 104857600 - minimum: 1048576 - type: integer - replica_fetch_response_max_bytes: - description: Maximum bytes expected for the entire fetch response - (defaults to 10485760). Records are fetched in batches, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that progress can be made. - As such, this is not an absolute maximum. - maximum: 1048576000 - minimum: 10485760 - type: integer - sasl_oauthbearer_expected_audience: - description: The (optional) comma-delimited setting for the - broker to use to verify that the JWT was issued for one - of the expected audiences. - maxLength: 128 - type: string - sasl_oauthbearer_expected_issuer: - description: Optional setting for the broker to use to verify - that the JWT was created by the expected issuer. - maxLength: 128 - type: string - sasl_oauthbearer_jwks_endpoint_url: - description: OIDC JWKS endpoint URL. By setting this the SASL - SSL OAuth2/OIDC authentication is enabled. See also other - options for SASL OAuth2/OIDC. - maxLength: 2048 + - read_replica type: string - sasl_oauthbearer_sub_claim_name: - description: Name of the scope from which to extract the subject - claim from the JWT. Defaults to sub. - maxLength: 128 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string - socket_request_max_bytes: - description: The maximum number of bytes in a socket request - (defaults to 104857600). - maximum: 209715200 - minimum: 10485760 - type: integer - transaction_partition_verification_enable: - description: Enable verification that checks that the partition - has been added to the transaction before writing transactional - records to the partition - type: boolean - transaction_remove_expired_transaction_cleanup_interval_ms: - description: The interval at which to remove transactions - that have expired due to transactional.id.expiration.ms - passing (defaults to 3600000 (1 hour)). - maximum: 3600000 - minimum: 600000 - type: integer - transaction_state_log_segment_bytes: - description: The transaction topic segment bytes should be - kept relatively small in order to facilitate faster log - compaction and cache loads (defaults to 104857600 (100 mebibytes)). - maximum: 2147483647 - minimum: 1048576 - type: integer - type: object - kafka_authentication_methods: - description: Kafka authentication methods - properties: - certificate: - description: Enable certificate/SSL authentication - type: boolean - sasl: - description: Enable SASL authentication - type: boolean + required: + - integrationType + - sourceServiceName type: object - kafka_connect: - description: Enable Kafka Connect service - type: boolean - kafka_connect_config: - description: Kafka Connect configuration values - properties: - connector_client_config_override_policy: - description: Defines what client configurations can be overridden - by the connector. Default is None - enum: - - None - - All - type: string - consumer_auto_offset_reset: - description: What to do when there is no initial offset in - Kafka or if the current offset does not exist any more on - the server. Default is earliest - enum: - - earliest - - latest + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Kafka specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: type: string - consumer_fetch_max_bytes: - description: Records are fetched in batches by the consumer, - and if the first record batch in the first non-empty partition - of the fetch is larger than this value, the record batch - will still be returned to ensure that the consumer can make - progress. As such, this is not a absolute maximum. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_isolation_level: - description: Transaction read isolation level. read_uncommitted - is the default, but read_committed can be used if consume-exactly-once - behavior is desired. - enum: - - read_uncommitted - - read_committed + maxItems: 1 + type: array + aiven_kafka_topic_messages: + description: + Allow access to read Kafka topic messages in the + Aiven Console and REST API. + type: boolean + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + kafka: + description: Kafka broker configuration values + properties: + auto_create_topics_enable: + description: Enable auto creation of topics + type: boolean + compression_type: + description: + Specify the final compression type for a given + topic. This configuration accepts the standard compression + codecs ('gzip', 'snappy', 'lz4', 'zstd'). It additionally + accepts 'uncompressed' which is equivalent to no compression; + and 'producer' which means retain the original compression + codec set by the producer. + enum: + - gzip + - snappy + - lz4 + - zstd + - uncompressed + - producer + type: string + connections_max_idle_ms: + description: + "Idle connections timeout: the server socket + processor threads close the connections that idle for longer + than this." + maximum: 3600000 + minimum: 1000 + type: integer + default_replication_factor: + description: Replication factor for autocreated topics + maximum: 10 + minimum: 1 + type: integer + group_initial_rebalance_delay_ms: + description: + The amount of time, in milliseconds, the group + coordinator will wait for more consumers to join a new group + before performing the first rebalance. A longer delay means + potentially fewer rebalances, but increases the time until + processing begins. The default value for this is 3 seconds. + During development and testing it might be desirable to + set this to 0 in order to not delay test execution time. + maximum: 300000 + minimum: 0 + type: integer + group_max_session_timeout_ms: + description: + The maximum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 1800000 + minimum: 0 + type: integer + group_min_session_timeout_ms: + description: + The minimum allowed session timeout for registered + consumers. Longer timeouts give consumers more time to process + messages in between heartbeats at the cost of a longer time + to detect failures. + maximum: 60000 + minimum: 0 + type: integer + log_cleaner_delete_retention_ms: + description: How long are delete records retained? + maximum: 315569260000 + minimum: 0 + type: integer + log_cleaner_max_compaction_lag_ms: + description: + The maximum amount of time message will remain + uncompacted. Only applicable for logs that are being compacted + minimum: 30000 + type: integer + log_cleaner_min_cleanable_ratio: + description: + Controls log compactor frequency. Larger value + means more frequent compactions but also more space wasted + for logs. Consider setting log.cleaner.max.compaction.lag.ms + to enforce compactions sooner, instead of setting a very + high value for this option. + maximum: 0.9 + minimum: 0.2 + type: number + log_cleaner_min_compaction_lag_ms: + description: + The minimum time a message will remain uncompacted + in the log. Only applicable for logs that are being compacted. + minimum: 0 + type: integer + log_cleanup_policy: + description: + The default cleanup policy for segments beyond + the retention window + enum: + - delete + - compact + - compact,delete + type: string + log_flush_interval_messages: + description: + The number of messages accumulated on a log partition + before messages are flushed to disk + minimum: 1 + type: integer + log_flush_interval_ms: + description: + The maximum time in ms that a message in any + topic is kept in memory before flushed to disk. If not set, + the value in log.flush.scheduler.interval.ms is used + minimum: 0 + type: integer + log_index_interval_bytes: + description: + The interval with which Kafka adds an entry to + the offset index + maximum: 104857600 + minimum: 0 + type: integer + log_index_size_max_bytes: + description: The maximum size in bytes of the offset index + maximum: 104857600 + minimum: 1048576 + type: integer + log_local_retention_bytes: + description: + The maximum size of local log segments that can + grow for a partition before it gets eligible for deletion. + If set to -2, the value of log.retention.bytes is used. + The effective value should always be less than or equal + to log.retention.bytes value. + minimum: -2 + type: integer + log_local_retention_ms: + description: + The number of milliseconds to keep the local + log segments before it gets eligible for deletion. If set + to -2, the value of log.retention.ms is used. The effective + value should always be less than or equal to log.retention.ms + value. + minimum: -2 + type: integer + log_message_downconversion_enable: + description: + This configuration controls whether down-conversion + of message formats is enabled to satisfy consume requests. + type: boolean + log_message_timestamp_difference_max_ms: + description: + The maximum difference allowed between the timestamp + when a broker receives a message and the timestamp specified + in the message + minimum: 0 + type: integer + log_message_timestamp_type: + description: + Define whether the timestamp in the message is + message create time or log append time. + enum: + - CreateTime + - LogAppendTime + type: string + log_preallocate: + description: Should pre allocate file when create new segment? + type: boolean + log_retention_bytes: + description: The maximum size of the log before deleting messages + minimum: -1 + type: integer + log_retention_hours: + description: + The number of hours to keep a log file before + deleting it + maximum: 2147483647 + minimum: -1 + type: integer + log_retention_ms: + description: + The number of milliseconds to keep a log file + before deleting it (in milliseconds), If not set, the value + in log.retention.minutes is used. If set to -1, no time + limit is applied. + minimum: -1 + type: integer + log_roll_jitter_ms: + description: + The maximum jitter to subtract from logRollTimeMillis + (in milliseconds). If not set, the value in log.roll.jitter.hours + is used + minimum: 0 + type: integer + log_roll_ms: + description: + The maximum time before a new log segment is + rolled out (in milliseconds). + minimum: 1 + type: integer + log_segment_bytes: + description: The maximum size of a single log file + maximum: 1073741824 + minimum: 10485760 + type: integer + log_segment_delete_delay_ms: + description: + The amount of time to wait before deleting a + file from the filesystem + maximum: 3600000 + minimum: 0 + type: integer + max_connections_per_ip: + description: + The maximum number of connections allowed from + each ip address (defaults to 2147483647). + maximum: 2147483647 + minimum: 256 + type: integer + max_incremental_fetch_session_cache_slots: + description: + The maximum number of incremental fetch sessions + that the broker will maintain. + maximum: 10000 + minimum: 1000 + type: integer + message_max_bytes: + description: + The maximum size of message that the server can + receive. + maximum: 100001200 + minimum: 0 + type: integer + min_insync_replicas: + description: + When a producer sets acks to 'all' (or '-1'), + min.insync.replicas specifies the minimum number of replicas + that must acknowledge a write for the write to be considered + successful. + maximum: 7 + minimum: 1 + type: integer + num_partitions: + description: Number of partitions for autocreated topics + maximum: 1000 + minimum: 1 + type: integer + offsets_retention_minutes: + description: Log retention window in minutes for offsets topic + maximum: 2147483647 + minimum: 1 + type: integer + producer_purgatory_purge_interval_requests: + description: + The purge interval (in number of requests) of + the producer request purgatory(defaults to 1000). + maximum: 10000 + minimum: 10 + type: integer + replica_fetch_max_bytes: + description: + The number of bytes of messages to attempt to + fetch for each partition (defaults to 1048576). This is + not an absolute maximum, if the first record batch in the + first non-empty partition of the fetch is larger than this + value, the record batch will still be returned to ensure + that progress can be made. + maximum: 104857600 + minimum: 1048576 + type: integer + replica_fetch_response_max_bytes: + description: + Maximum bytes expected for the entire fetch response + (defaults to 10485760). Records are fetched in batches, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that progress can be made. + As such, this is not an absolute maximum. + maximum: 1048576000 + minimum: 10485760 + type: integer + sasl_oauthbearer_expected_audience: + description: + The (optional) comma-delimited setting for the + broker to use to verify that the JWT was issued for one + of the expected audiences. + maxLength: 128 + type: string + sasl_oauthbearer_expected_issuer: + description: + Optional setting for the broker to use to verify + that the JWT was created by the expected issuer. + maxLength: 128 + type: string + sasl_oauthbearer_jwks_endpoint_url: + description: + OIDC JWKS endpoint URL. By setting this the SASL + SSL OAuth2/OIDC authentication is enabled. See also other + options for SASL OAuth2/OIDC. + maxLength: 2048 + type: string + sasl_oauthbearer_sub_claim_name: + description: + Name of the scope from which to extract the subject + claim from the JWT. Defaults to sub. + maxLength: 128 + type: string + socket_request_max_bytes: + description: + The maximum number of bytes in a socket request + (defaults to 104857600). + maximum: 209715200 + minimum: 10485760 + type: integer + transaction_partition_verification_enable: + description: + Enable verification that checks that the partition + has been added to the transaction before writing transactional + records to the partition + type: boolean + transaction_remove_expired_transaction_cleanup_interval_ms: + description: + The interval at which to remove transactions + that have expired due to transactional.id.expiration.ms + passing (defaults to 3600000 (1 hour)). + maximum: 3600000 + minimum: 600000 + type: integer + transaction_state_log_segment_bytes: + description: + The transaction topic segment bytes should be + kept relatively small in order to facilitate faster log + compaction and cache loads (defaults to 104857600 (100 mebibytes)). + maximum: 2147483647 + minimum: 1048576 + type: integer + type: object + kafka_authentication_methods: + description: Kafka authentication methods + properties: + certificate: + description: Enable certificate/SSL authentication + type: boolean + sasl: + description: Enable SASL authentication + type: boolean + type: object + kafka_connect: + description: Enable Kafka Connect service + type: boolean + kafka_connect_config: + description: Kafka Connect configuration values + properties: + connector_client_config_override_policy: + description: + Defines what client configurations can be overridden + by the connector. Default is None + enum: + - None + - All + type: string + consumer_auto_offset_reset: + description: + What to do when there is no initial offset in + Kafka or if the current offset does not exist any more on + the server. Default is earliest + enum: + - earliest + - latest + type: string + consumer_fetch_max_bytes: + description: + Records are fetched in batches by the consumer, + and if the first record batch in the first non-empty partition + of the fetch is larger than this value, the record batch + will still be returned to ensure that the consumer can make + progress. As such, this is not a absolute maximum. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_isolation_level: + description: + Transaction read isolation level. read_uncommitted + is the default, but read_committed can be used if consume-exactly-once + behavior is desired. + enum: + - read_uncommitted + - read_committed + type: string + consumer_max_partition_fetch_bytes: + description: + Records are fetched in batches by the consumer.If + the first record batch in the first non-empty partition + of the fetch is larger than this limit, the batch will still + be returned to ensure that the consumer can make progress. + maximum: 104857600 + minimum: 1048576 + type: integer + consumer_max_poll_interval_ms: + description: + The maximum delay in milliseconds between invocations + of poll() when using consumer group management (defaults + to 300000). + maximum: 2147483647 + minimum: 1 + type: integer + consumer_max_poll_records: + description: + The maximum number of records returned in a single + call to poll() (defaults to 500). + maximum: 10000 + minimum: 1 + type: integer + offset_flush_interval_ms: + description: + The interval at which to try committing offsets + for tasks (defaults to 60000). + maximum: 100000000 + minimum: 1 + type: integer + offset_flush_timeout_ms: + description: + Maximum number of milliseconds to wait for records + to flush and partition offset data to be committed to offset + storage before cancelling the process and restoring the + offset data to be committed in a future attempt (defaults + to 5000). + maximum: 2147483647 + minimum: 1 + type: integer + producer_batch_size: + description: + This setting gives the upper bound of the batch + size to be sent. If there are fewer than this many bytes + accumulated for this partition, the producer will 'linger' + for the linger.ms time waiting for more records to show + up. A batch size of zero will disable batching entirely + (defaults to 16384). + maximum: 5242880 + minimum: 0 + type: integer + producer_buffer_memory: + description: + The total bytes of memory the producer can use + to buffer records waiting to be sent to the broker (defaults + to 33554432). + maximum: 134217728 + minimum: 5242880 + type: integer + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + "This setting gives the upper bound on the delay + for batching: once there is batch.size worth of records + for a partition it will be sent immediately regardless of + this setting, however if there are fewer than this many + bytes accumulated for this partition the producer will 'linger' + for the specified time waiting for more records to show + up. Defaults to 0." + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + This setting will limit the number of record + batches the producer will send in a single request to avoid + sending huge requests. + maximum: 67108864 + minimum: 131072 + type: integer + scheduled_rebalance_max_delay_ms: + description: + The maximum delay that is scheduled in order + to wait for the return of one or more departed workers before + rebalancing and reassigning their connectors and tasks to + the group. During this period the connectors and tasks of + the departed workers remain unassigned. Defaults to 5 minutes. + maximum: 600000 + minimum: 0 + type: integer + session_timeout_ms: + description: + The timeout in milliseconds used to detect failures + when using Kafka’s group management facilities (defaults + to 10000). + maximum: 2147483647 + minimum: 1 + type: integer + type: object + kafka_rest: + description: Enable Kafka-REST service + type: boolean + kafka_rest_authorization: + description: Enable authorization in Kafka-REST service + type: boolean + kafka_rest_config: + description: Kafka REST configuration + properties: + consumer_enable_auto_commit: + description: + If true the consumer's offset will be periodically + committed to Kafka in the background + type: boolean + consumer_request_max_bytes: + description: + Maximum number of bytes in unencoded message + keys and values by a single request + maximum: 671088640 + minimum: 0 + type: integer + consumer_request_timeout_ms: + description: + The maximum total time to wait for messages for + a request if the maximum number of messages has not yet + been reached + enum: + - 1000 + - 15000 + - 30000 + maximum: 30000 + minimum: 1000 + type: integer + name_strategy_validation: + description: + If true, validate that given schema is registered + under expected subject name by the used name strategy when + producing messages. + type: boolean + producer_acks: + description: + The number of acknowledgments the producer requires + the leader to have received before considering a request + complete. If set to 'all' or '-1', the leader will wait + for the full set of in-sync replicas to acknowledge the + record. + enum: + - all + - "-1" + - "0" + - "1" + type: string + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none + type: string + producer_linger_ms: + description: + Wait for up to the given delay to allow batching + records together + maximum: 5000 + minimum: 0 + type: integer + producer_max_request_size: + description: + The maximum size of a request in bytes. Note + that Kafka broker can also cap the record batch size. + maximum: 2147483647 + minimum: 0 + type: integer + simpleconsumer_pool_size_max: + description: + Maximum number of SimpleConsumers that can be + instantiated per broker + maximum: 250 + minimum: 10 + type: integer + type: object + kafka_version: + description: Kafka major version + enum: + - "3.3" + - "3.1" + - "3.4" + - "3.5" + - "3.6" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + kafka: + description: + Allow clients to connect to kafka with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry with + a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + jolokia: + description: Enable jolokia + type: boolean + kafka: + description: Enable kafka + type: boolean + kafka_connect: + description: Enable kafka_connect + type: boolean + kafka_rest: + description: Enable kafka_rest + type: boolean + prometheus: + description: Enable prometheus + type: boolean + schema_registry: + description: Enable schema_registry + type: boolean + type: object + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + kafka: + description: + Allow clients to connect to kafka from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + kafka_connect: + description: + Allow clients to connect to kafka_connect from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + kafka_rest: + description: + Allow clients to connect to kafka_rest from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + schema_registry: + description: + Allow clients to connect to schema_registry from + the public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + schema_registry: + description: Enable Schema-Registry service + type: boolean + schema_registry_config: + description: Schema Registry configuration + properties: + leader_eligibility: + description: + If true, Karapace / Schema Registry on the service + nodes can participate in leader election. It might be needed + to disable this when the schemas topic is replicated to + a secondary cluster and Karapace / Schema Registry there + must not participate in leader election. Defaults to `true`. + type: boolean + topic_name: + description: + The durable single partition topic that acts + as the durable log for the data. This topic must be compacted + to avoid losing data due to retention policy. Please note + that changing this configuration in an existing Schema Registry + / Karapace setup leads to previous schemas being inaccessible, + data encoded with them potentially unreadable and schema + ID sequence put out of order. It's only possible to do the + switch while Schema Registry / Karapace is disabled. Defaults + to `_schemas`. + maxLength: 249 + minLength: 1 + type: string + type: object + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + static_ips: + description: Use static public IP addresses + type: boolean + tiered_storage: + description: Tiered storage configuration + properties: + enabled: + description: Whether to enable the tiered storage functionality + type: boolean + local_cache: + description: Deprecated. Local cache configuration + properties: + size: + description: Deprecated. Local cache size in bytes + maximum: 107374182400 + minimum: 1 + type: integer + type: object + type: object + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - consumer_max_partition_fetch_bytes: - description: Records are fetched in batches by the consumer.If - the first record batch in the first non-empty partition - of the fetch is larger than this limit, the batch will still - be returned to ensure that the consumer can make progress. - maximum: 104857600 - minimum: 1048576 - type: integer - consumer_max_poll_interval_ms: - description: The maximum delay in milliseconds between invocations - of poll() when using consumer group management (defaults - to 300000). - maximum: 2147483647 - minimum: 1 - type: integer - consumer_max_poll_records: - description: The maximum number of records returned in a single - call to poll() (defaults to 500). - maximum: 10000 - minimum: 1 - type: integer - offset_flush_interval_ms: - description: The interval at which to try committing offsets - for tasks (defaults to 60000). - maximum: 100000000 - minimum: 1 - type: integer - offset_flush_timeout_ms: - description: Maximum number of milliseconds to wait for records - to flush and partition offset data to be committed to offset - storage before cancelling the process and restoring the - offset data to be committed in a future attempt (defaults - to 5000). - maximum: 2147483647 - minimum: 1 - type: integer - producer_batch_size: - description: This setting gives the upper bound of the batch - size to be sent. If there are fewer than this many bytes - accumulated for this partition, the producer will 'linger' - for the linger.ms time waiting for more records to show - up. A batch size of zero will disable batching entirely - (defaults to 16384). - maximum: 5242880 - minimum: 0 - type: integer - producer_buffer_memory: - description: The total bytes of memory the producer can use - to buffer records waiting to be sent to the broker (defaults - to 33554432). - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. - enum: - - gzip - - snappy - - lz4 - - zstd - - none + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - producer_linger_ms: - description: 'This setting gives the upper bound on the delay - for batching: once there is batch.size worth of records - for a partition it will be sent immediately regardless of - this setting, however if there are fewer than this many - bytes accumulated for this partition the producer will ''linger'' - for the specified time waiting for more records to show - up. Defaults to 0.' - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: This setting will limit the number of record - batches the producer will send in a single request to avoid - sending huge requests. - maximum: 67108864 - minimum: 131072 - type: integer - scheduled_rebalance_max_delay_ms: - description: The maximum delay that is scheduled in order - to wait for the return of one or more departed workers before - rebalancing and reassigning their connectors and tasks to - the group. During this period the connectors and tasks of - the departed workers remain unassigned. Defaults to 5 minutes. - maximum: 600000 - minimum: 0 - type: integer - session_timeout_ms: - description: The timeout in milliseconds used to detect failures - when using Kafka’s group management facilities (defaults - to 10000). - maximum: 2147483647 - minimum: 1 - type: integer - type: object - kafka_rest: - description: Enable Kafka-REST service - type: boolean - kafka_rest_authorization: - description: Enable authorization in Kafka-REST service - type: boolean - kafka_rest_config: - description: Kafka REST configuration - properties: - consumer_enable_auto_commit: - description: If true the consumer's offset will be periodically - committed to Kafka in the background - type: boolean - consumer_request_max_bytes: - description: Maximum number of bytes in unencoded message - keys and values by a single request - maximum: 671088640 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - consumer_request_timeout_ms: - description: The maximum total time to wait for messages for - a request if the maximum number of messages has not yet - been reached - enum: - - 1000 - - 15000 - - 30000 - maximum: 30000 - minimum: 1000 - type: integer - name_strategy_validation: - description: If true, validate that given schema is registered - under expected subject name by the used name strategy when - producing messages. - type: boolean - producer_acks: - description: The number of acknowledgments the producer requires - the leader to have received before considering a request - complete. If set to 'all' or '-1', the leader will wait - for the full set of in-sync replicas to acknowledge the - record. - enum: - - all - - "-1" - - "0" - - "1" + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: Wait for up to the given delay to allow batching - records together - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum size of a request in bytes. Note - that Kafka broker can also cap the record batch size. - maximum: 2147483647 - minimum: 0 - type: integer - simpleconsumer_pool_size_max: - description: Maximum number of SimpleConsumers that can be - instantiated per broker - maximum: 250 - minimum: 10 - type: integer - type: object - kafka_version: - description: Kafka major version - enum: - - "3.3" - - "3.1" - - "3.4" - - "3.5" - - "3.6" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - kafka: - description: Allow clients to connect to kafka with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry with - a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - jolokia: - description: Enable jolokia - type: boolean - kafka: - description: Enable kafka - type: boolean - kafka_connect: - description: Enable kafka_connect - type: boolean - kafka_rest: - description: Enable kafka_rest - type: boolean - prometheus: - description: Enable prometheus - type: boolean - schema_registry: - description: Enable schema_registry - type: boolean - type: object - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - kafka: - description: Allow clients to connect to kafka from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - kafka_connect: - description: Allow clients to connect to kafka_connect from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - kafka_rest: - description: Allow clients to connect to kafka_rest from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - schema_registry: - description: Allow clients to connect to schema_registry from - the public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - schema_registry: - description: Enable Schema-Registry service - type: boolean - schema_registry_config: - description: Schema Registry configuration - properties: - leader_eligibility: - description: If true, Karapace / Schema Registry on the service - nodes can participate in leader election. It might be needed - to disable this when the schemas topic is replicated to - a secondary cluster and Karapace / Schema Registry there - must not participate in leader election. Defaults to `true`. - type: boolean - topic_name: - description: The durable single partition topic that acts - as the durable log for the data. This topic must be compacted - to avoid losing data due to retention policy. Please note - that changing this configuration in an existing Schema Registry - / Karapace setup leads to previous schemas being inaccessible, - data encoded with them potentially unreadable and schema - ID sequence put out of order. It's only possible to do the - switch while Schema Registry / Karapace is disabled. Defaults - to `_schemas`. - maxLength: 249 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - static_ips: - description: Use static public IP addresses - type: boolean - tiered_storage: - description: Tiered storage configuration - properties: - enabled: - description: Whether to enable the tiered storage functionality - type: boolean - local_cache: - description: Deprecated. Local cache configuration - properties: - size: - description: Deprecated. Local cache size in bytes - maximum: 107374182400 - minimum: 1 - type: integer - type: object - type: object - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkaschemas.yaml b/config/crd/bases/aiven.io_kafkaschemas.yaml index e96a87bc..ffb7aa2e 100644 --- a/config/crd/bases/aiven.io_kafkaschemas.yaml +++ b/config/crd/bases/aiven.io_kafkaschemas.yaml @@ -15,171 +15,181 @@ spec: singular: kafkaschema scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.subjectName - name: Subject - type: string - - jsonPath: .spec.compatibilityLevel - name: Compatibility Level - type: string - - jsonPath: .status.version - name: Version - type: number - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaSchema is the Schema for the kafkaschemas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaSchemaSpec defines the desired state of KafkaSchema - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - compatibilityLevel: - description: Kafka Schemas compatibility level - enum: - - BACKWARD - - BACKWARD_TRANSITIVE - - FORWARD - - FORWARD_TRANSITIVE - - FULL - - FULL_TRANSITIVE - - NONE - type: string - project: - description: Project to link the Kafka Schema to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - schema: - description: Kafka Schema configuration should be a valid Avro Schema - JSON format - type: string - serviceName: - description: Service to link the Kafka Schema to - maxLength: 63 - type: string - subjectName: - description: Kafka Schema Subject name - maxLength: 63 - type: string - required: - - project - - schema - - serviceName - - subjectName - type: object - status: - description: KafkaSchemaStatus defines the observed state of KafkaSchema - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaSchema state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.subjectName + name: Subject + type: string + - jsonPath: .spec.compatibilityLevel + name: Compatibility Level + type: string + - jsonPath: .status.version + name: Version + type: number + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaSchema is the Schema for the kafkaschemas API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaSchemaSpec defines the desired state of KafkaSchema + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - version: - description: Kafka Schema configuration version - type: integer - required: - - conditions - - version - type: object - type: object - served: true - storage: true - subresources: - status: {} + compatibilityLevel: + description: Kafka Schemas compatibility level + enum: + - BACKWARD + - BACKWARD_TRANSITIVE + - FORWARD + - FORWARD_TRANSITIVE + - FULL + - FULL_TRANSITIVE + - NONE + type: string + project: + description: Project to link the Kafka Schema to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + schema: + description: + Kafka Schema configuration should be a valid Avro Schema + JSON format + type: string + serviceName: + description: Service to link the Kafka Schema to + maxLength: 63 + type: string + subjectName: + description: Kafka Schema Subject name + maxLength: 63 + type: string + required: + - project + - schema + - serviceName + - subjectName + type: object + status: + description: KafkaSchemaStatus defines the observed state of KafkaSchema + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaSchema state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + version: + description: Kafka Schema configuration version + type: integer + required: + - conditions + - version + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_kafkatopics.yaml b/config/crd/bases/aiven.io_kafkatopics.yaml index b48be5eb..dbddcef8 100644 --- a/config/crd/bases/aiven.io_kafkatopics.yaml +++ b/config/crd/bases/aiven.io_kafkatopics.yaml @@ -15,280 +15,291 @@ spec: singular: kafkatopic scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.partitions - name: Partitions - type: string - - jsonPath: .spec.replication - name: Replication - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: KafkaTopic is the Schema for the kafkatopics API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KafkaTopicSpec defines the desired state of KafkaTopic - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - config: - description: Kafka topic configuration - properties: - cleanup_policy: - description: cleanup.policy value - type: string - compression_type: - description: compression.type value - type: string - delete_retention_ms: - description: delete.retention.ms value - format: int64 - type: integer - file_delete_delay_ms: - description: file.delete.delay.ms value - format: int64 - type: integer - flush_messages: - description: flush.messages value - format: int64 - type: integer - flush_ms: - description: flush.ms value - format: int64 - type: integer - index_interval_bytes: - description: index.interval.bytes value - format: int64 - type: integer - max_compaction_lag_ms: - description: max.compaction.lag.ms value - format: int64 - type: integer - max_message_bytes: - description: max.message.bytes value - format: int64 - type: integer - message_downconversion_enable: - description: message.downconversion.enable value - type: boolean - message_format_version: - description: message.format.version value - type: string - message_timestamp_difference_max_ms: - description: message.timestamp.difference.max.ms value - format: int64 - type: integer - message_timestamp_type: - description: message.timestamp.type value - type: string - min_cleanable_dirty_ratio: - description: min.cleanable.dirty.ratio value - type: number - min_compaction_lag_ms: - description: min.compaction.lag.ms value - format: int64 - type: integer - min_insync_replicas: - description: min.insync.replicas value - format: int64 - type: integer - preallocate: - description: preallocate value - type: boolean - retention_bytes: - description: retention.bytes value - format: int64 - type: integer - retention_ms: - description: retention.ms value - format: int64 - type: integer - segment_bytes: - description: segment.bytes value - format: int64 - type: integer - segment_index_bytes: - description: segment.index.bytes value - format: int64 - type: integer - segment_jitter_ms: - description: segment.jitter.ms value - format: int64 - type: integer - segment_ms: - description: segment.ms value - format: int64 - type: integer - type: object - partitions: - description: Number of partitions to create in the topic - maximum: 1000000 - minimum: 1 - type: integer - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - replication: - description: Replication factor for the topic - minimum: 2 - type: integer - serviceName: - description: Service name. - maxLength: 63 - type: string - tags: - description: Kafka topic tags - items: + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.partitions + name: Partitions + type: string + - jsonPath: .spec.replication + name: Replication + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: KafkaTopic is the Schema for the kafkatopics API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: KafkaTopicSpec defines the desired state of KafkaTopic + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: key: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 64 minLength: 1 type: string - value: - format: ^[a-zA-Z0-9_-]*$ - maxLength: 256 + name: + minLength: 1 type: string required: - - key + - key + - name type: object - type: array - termination_protection: - description: It is a Kubernetes side deletion protections, which prevents - the kafka topic from being deleted by Kubernetes. It is recommended - to enable this for any production databases containing critical - data. - type: boolean - topicName: - description: Topic name. If provided, is used instead of metadata.name. - This field supports additional characters, has a longer length, - and will replace metadata.name in future releases - maxLength: 249 - minLength: 1 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - partitions - - project - - replication - - serviceName - type: object - status: - description: KafkaTopicStatus defines the observed state of KafkaTopic - properties: - conditions: - description: Conditions represent the latest available observations - of an KafkaTopic state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + config: + description: Kafka topic configuration properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + cleanup_policy: + description: cleanup.policy value type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + compression_type: + description: compression.type value type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + delete_retention_ms: + description: delete.retention.ms value format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + file_delete_delay_ms: + description: file.delete.delay.ms value + format: int64 + type: integer + flush_messages: + description: flush.messages value + format: int64 + type: integer + flush_ms: + description: flush.ms value + format: int64 + type: integer + index_interval_bytes: + description: index.interval.bytes value + format: int64 + type: integer + max_compaction_lag_ms: + description: max.compaction.lag.ms value + format: int64 + type: integer + max_message_bytes: + description: max.message.bytes value + format: int64 + type: integer + message_downconversion_enable: + description: message.downconversion.enable value + type: boolean + message_format_version: + description: message.format.version value type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + message_timestamp_difference_max_ms: + description: message.timestamp.difference.max.ms value + format: int64 + type: integer + message_timestamp_type: + description: message.timestamp.type value type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + min_cleanable_dirty_ratio: + description: min.cleanable.dirty.ratio value + type: number + min_compaction_lag_ms: + description: min.compaction.lag.ms value + format: int64 + type: integer + min_insync_replicas: + description: min.insync.replicas value + format: int64 + type: integer + preallocate: + description: preallocate value + type: boolean + retention_bytes: + description: retention.bytes value + format: int64 + type: integer + retention_ms: + description: retention.ms value + format: int64 + type: integer + segment_bytes: + description: segment.bytes value + format: int64 + type: integer + segment_index_bytes: + description: segment.index.bytes value + format: int64 + type: integer + segment_jitter_ms: + description: segment.jitter.ms value + format: int64 + type: integer + segment_ms: + description: segment.ms value + format: int64 + type: integer type: object - type: array - state: - description: State represents the state of the kafka topic - type: string - required: - - conditions - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + partitions: + description: Number of partitions to create in the topic + maximum: 1000000 + minimum: 1 + type: integer + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + replication: + description: Replication factor for the topic + minimum: 2 + type: integer + serviceName: + description: Service name. + maxLength: 63 + type: string + tags: + description: Kafka topic tags + items: + properties: + key: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 64 + minLength: 1 + type: string + value: + format: ^[a-zA-Z0-9_-]*$ + maxLength: 256 + type: string + required: + - key + type: object + type: array + termination_protection: + description: + It is a Kubernetes side deletion protections, which prevents + the kafka topic from being deleted by Kubernetes. It is recommended + to enable this for any production databases containing critical + data. + type: boolean + topicName: + description: + Topic name. If provided, is used instead of metadata.name. + This field supports additional characters, has a longer length, + and will replace metadata.name in future releases + maxLength: 249 + minLength: 1 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - partitions + - project + - replication + - serviceName + type: object + status: + description: KafkaTopicStatus defines the observed state of KafkaTopic + properties: + conditions: + description: + Conditions represent the latest available observations + of an KafkaTopic state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: State represents the state of the kafka topic + type: string + required: + - conditions + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_mysqls.yaml b/config/crd/bases/aiven.io_mysqls.yaml index 635c30b8..d9232633 100644 --- a/config/crd/bases/aiven.io_mysqls.yaml +++ b/config/crd/bases/aiven.io_mysqls.yaml @@ -15,658 +15,735 @@ spec: singular: mysql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MySQL is the Schema for the mysqls API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MySQLSpec defines the desired state of MySQL - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, - `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MySQL is the Schema for the mysqls API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: MySQLSpec defines the desired state of MySQL + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: MySQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `MYSQL_HOST`, `MYSQL_PORT`, `MYSQL_DATABASE`, `MYSQL_USER`, `MYSQL_PASSWORD`, + `MYSQL_SSL_MODE`, `MYSQL_URI`, `MYSQL_REPLICA_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - binlog_retention_period: - description: The minimum amount of time in seconds to keep binlog - entries before deletion. This may be extended for services that - require binlog entries for longer than the default for example - if using the MySQL Debezium Kafka connector. - maximum: 86400 - minimum: 600 - type: integer - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 + - read_replica type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port - type: object - mysql: - description: mysql.conf configuration values - properties: - connect_timeout: - description: The number of seconds that the mysqld server - waits for a connect packet before responding with Bad handshake - maximum: 3600 - minimum: 2 - type: integer - default_time_zone: - description: Default server time zone as an offset from UTC - (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to - use the MySQL server default. - maxLength: 100 - minLength: 2 - type: string - group_concat_max_len: - description: The maximum permitted result length in bytes - for the GROUP_CONCAT() function. - minimum: 4 - type: integer - information_schema_stats_expiry: - description: The time, in seconds, before cached statistics - expire - maximum: 31536000 - minimum: 900 - type: integer - innodb_change_buffer_max_size: - description: Maximum size for the InnoDB change buffer, as - a percentage of the total size of the buffer pool. Default - is 25 - maximum: 50 - minimum: 0 - type: integer - innodb_flush_neighbors: - description: 'Specifies whether flushing a page from the InnoDB - buffer pool also flushes other dirty pages in the same extent - (default is 1): 0 - dirty pages in the same extent are not - flushed, 1 - flush contiguous dirty pages in the same extent, 2 - - flush dirty pages in the same extent' - maximum: 2 - minimum: 0 - type: integer - innodb_ft_min_token_size: - description: Minimum length of words that are stored in an - InnoDB FULLTEXT index. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 16 - minimum: 0 - type: integer - innodb_ft_server_stopword_table: - description: This option is used to specify your own InnoDB - FULLTEXT index stopword list for all InnoDB tables. - maxLength: 1024 - pattern: ^.+/.+$ - type: string - innodb_lock_wait_timeout: - description: The length of time in seconds an InnoDB transaction - waits for a row lock before giving up. Default is 120. - maximum: 3600 - minimum: 1 - type: integer - innodb_log_buffer_size: - description: The size in bytes of the buffer that InnoDB uses - to write to the log files on disk. - maximum: 4294967295 - minimum: 1048576 - type: integer - innodb_online_alter_log_max_size: - description: The upper limit in bytes on the size of the temporary - log files used during online DDL operations for InnoDB tables. - maximum: 1099511627776 - minimum: 65536 - type: integer - innodb_print_all_deadlocks: - description: When enabled, information about all deadlocks - in InnoDB user transactions is recorded in the error log. - Disabled by default. - type: boolean - innodb_read_io_threads: - description: The number of I/O threads for read operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - innodb_rollback_on_timeout: - description: When enabled a transaction timeout causes InnoDB - to abort and roll back the entire transaction. Changing - this parameter will lead to a restart of the MySQL service. - type: boolean - innodb_thread_concurrency: - description: Defines the maximum number of threads permitted - inside of InnoDB. Default is 0 (infinite concurrency - no - limit) - maximum: 1000 - minimum: 0 - type: integer - innodb_write_io_threads: - description: The number of I/O threads for write operations - in InnoDB. Default is 4. Changing this parameter will lead - to a restart of the MySQL service. - maximum: 64 - minimum: 1 - type: integer - interactive_timeout: - description: The number of seconds the server waits for activity - on an interactive connection before closing it. - maximum: 604800 - minimum: 30 - type: integer - internal_tmp_mem_storage_engine: - description: The storage engine for in-memory internal temporary - tables. - enum: - - TempTable - - MEMORY - type: string - long_query_time: - description: The slow_query_logs work as SQL statements that - take more than long_query_time seconds to execute. Default - is 10s - maximum: 3600 - minimum: 0 - type: number - max_allowed_packet: - description: Size of the largest message in bytes that can - be received by the server. Default is 67108864 (64M) - maximum: 1073741824 - minimum: 102400 - type: integer - max_heap_table_size: - description: Limits the size of internal in-memory tables. - Also set tmp_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - net_buffer_length: - description: Start sizes of connection buffer and result buffer. - Default is 16384 (16K). Changing this parameter will lead - to a restart of the MySQL service. - maximum: 1048576 - minimum: 1024 - type: integer - net_read_timeout: - description: The number of seconds to wait for more data from - a connection before aborting the read. - maximum: 3600 - minimum: 1 - type: integer - net_write_timeout: - description: The number of seconds to wait for a block to - be written to a connection before aborting the write. - maximum: 3600 - minimum: 1 - type: integer - slow_query_log: - description: Slow query log enables capturing of slow queries. - Setting slow_query_log to false also truncates the mysql.slow_log - table. Default is off - type: boolean - sort_buffer_size: - description: Sort buffer size in bytes for ORDER BY optimization. - Default is 262144 (256K) - maximum: 1073741824 - minimum: 32768 - type: integer - sql_mode: - description: Global SQL mode. Set to empty to use MySQL server - defaults. When creating a new service and not setting this - field Aiven default SQL mode (strict, SQL standard compliant) - will be assigned. - maxLength: 1024 - pattern: ^[A-Z_]*(,[A-Z_]+)*$ - type: string - sql_require_primary_key: - description: Require primary key to be defined for new tables - or old tables modified with ALTER TABLE and fail if missing. - It is recommended to always have primary keys because various - functionality may break if any large table is missing them. - type: boolean - tmp_table_size: - description: Limits the size of internal in-memory tables. - Also set max_heap_table_size. Default is 16777216 (16M) - maximum: 1073741824 - minimum: 1048576 - type: integer - wait_timeout: - description: The number of seconds the server waits for activity - on a noninteractive connection before closing it. - maximum: 2147483 - minimum: 1 - type: integer + - integrationType + - sourceServiceName type: object - mysql_version: - description: MySQL major version - enum: - - "8" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - mysql: - description: Allow clients to connect to mysql with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - mysql: - description: Enable mysql - type: boolean - mysqlx: - description: Enable mysqlx - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - mysql: - description: Allow clients to connect to mysql from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - mysqlx: - description: Allow clients to connect to mysqlx from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: MySQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + binlog_retention_period: + description: + The minimum amount of time in seconds to keep binlog + entries before deletion. This may be extended for services that + require binlog entries for longer than the default for example + if using the MySQL Debezium Kafka connector. + maximum: 86400 + minimum: 600 + type: integer + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + mysql: + description: mysql.conf configuration values + properties: + connect_timeout: + description: + The number of seconds that the mysqld server + waits for a connect packet before responding with Bad handshake + maximum: 3600 + minimum: 2 + type: integer + default_time_zone: + description: + Default server time zone as an offset from UTC + (from -12:00 to +12:00), a time zone name, or 'SYSTEM' to + use the MySQL server default. + maxLength: 100 + minLength: 2 + type: string + group_concat_max_len: + description: + The maximum permitted result length in bytes + for the GROUP_CONCAT() function. + minimum: 4 + type: integer + information_schema_stats_expiry: + description: + The time, in seconds, before cached statistics + expire + maximum: 31536000 + minimum: 900 + type: integer + innodb_change_buffer_max_size: + description: + Maximum size for the InnoDB change buffer, as + a percentage of the total size of the buffer pool. Default + is 25 + maximum: 50 + minimum: 0 + type: integer + innodb_flush_neighbors: + description: + "Specifies whether flushing a page from the InnoDB + buffer pool also flushes other dirty pages in the same extent + (default is 1): 0 - dirty pages in the same extent are not + flushed, 1 - flush contiguous dirty pages in the same extent, 2 + - flush dirty pages in the same extent" + maximum: 2 + minimum: 0 + type: integer + innodb_ft_min_token_size: + description: + Minimum length of words that are stored in an + InnoDB FULLTEXT index. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 16 + minimum: 0 + type: integer + innodb_ft_server_stopword_table: + description: + This option is used to specify your own InnoDB + FULLTEXT index stopword list for all InnoDB tables. + maxLength: 1024 + pattern: ^.+/.+$ + type: string + innodb_lock_wait_timeout: + description: + The length of time in seconds an InnoDB transaction + waits for a row lock before giving up. Default is 120. + maximum: 3600 + minimum: 1 + type: integer + innodb_log_buffer_size: + description: + The size in bytes of the buffer that InnoDB uses + to write to the log files on disk. + maximum: 4294967295 + minimum: 1048576 + type: integer + innodb_online_alter_log_max_size: + description: + The upper limit in bytes on the size of the temporary + log files used during online DDL operations for InnoDB tables. + maximum: 1099511627776 + minimum: 65536 + type: integer + innodb_print_all_deadlocks: + description: + When enabled, information about all deadlocks + in InnoDB user transactions is recorded in the error log. + Disabled by default. + type: boolean + innodb_read_io_threads: + description: + The number of I/O threads for read operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + innodb_rollback_on_timeout: + description: + When enabled a transaction timeout causes InnoDB + to abort and roll back the entire transaction. Changing + this parameter will lead to a restart of the MySQL service. + type: boolean + innodb_thread_concurrency: + description: + Defines the maximum number of threads permitted + inside of InnoDB. Default is 0 (infinite concurrency - no + limit) + maximum: 1000 + minimum: 0 + type: integer + innodb_write_io_threads: + description: + The number of I/O threads for write operations + in InnoDB. Default is 4. Changing this parameter will lead + to a restart of the MySQL service. + maximum: 64 + minimum: 1 + type: integer + interactive_timeout: + description: + The number of seconds the server waits for activity + on an interactive connection before closing it. + maximum: 604800 + minimum: 30 + type: integer + internal_tmp_mem_storage_engine: + description: + The storage engine for in-memory internal temporary + tables. + enum: + - TempTable + - MEMORY + type: string + long_query_time: + description: + The slow_query_logs work as SQL statements that + take more than long_query_time seconds to execute. Default + is 10s + maximum: 3600 + minimum: 0 + type: number + max_allowed_packet: + description: + Size of the largest message in bytes that can + be received by the server. Default is 67108864 (64M) + maximum: 1073741824 + minimum: 102400 + type: integer + max_heap_table_size: + description: + Limits the size of internal in-memory tables. + Also set tmp_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + net_buffer_length: + description: + Start sizes of connection buffer and result buffer. + Default is 16384 (16K). Changing this parameter will lead + to a restart of the MySQL service. + maximum: 1048576 + minimum: 1024 + type: integer + net_read_timeout: + description: + The number of seconds to wait for more data from + a connection before aborting the read. + maximum: 3600 + minimum: 1 + type: integer + net_write_timeout: + description: + The number of seconds to wait for a block to + be written to a connection before aborting the write. + maximum: 3600 + minimum: 1 + type: integer + slow_query_log: + description: + Slow query log enables capturing of slow queries. + Setting slow_query_log to false also truncates the mysql.slow_log + table. Default is off + type: boolean + sort_buffer_size: + description: + Sort buffer size in bytes for ORDER BY optimization. + Default is 262144 (256K) + maximum: 1073741824 + minimum: 32768 + type: integer + sql_mode: + description: + Global SQL mode. Set to empty to use MySQL server + defaults. When creating a new service and not setting this + field Aiven default SQL mode (strict, SQL standard compliant) + will be assigned. + maxLength: 1024 + pattern: ^[A-Z_]*(,[A-Z_]+)*$ + type: string + sql_require_primary_key: + description: + Require primary key to be defined for new tables + or old tables modified with ALTER TABLE and fail if missing. + It is recommended to always have primary keys because various + functionality may break if any large table is missing them. + type: boolean + tmp_table_size: + description: + Limits the size of internal in-memory tables. + Also set max_heap_table_size. Default is 16777216 (16M) + maximum: 1073741824 + minimum: 1048576 + type: integer + wait_timeout: + description: + The number of seconds the server waits for activity + on a noninteractive connection before closing it. + maximum: 2147483 + minimum: 1 + type: integer + type: object + mysql_version: + description: MySQL major version enum: - - "True" - - "False" - - Unknown + - "8" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + private_access: + description: + Allow access to selected service ports from private + networks + properties: + mysql: + description: + Allow clients to connect to mysql with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + mysql: + description: Enable mysql + type: boolean + mysqlx: + description: Enable mysqlx + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + mysql: + description: + Allow clients to connect to mysql from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + mysqlx: + description: + Allow clients to connect to mysqlx from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_opensearches.yaml b/config/crd/bases/aiven.io_opensearches.yaml index 7fa9b0ac..8a403e83 100644 --- a/config/crd/bases/aiven.io_opensearches.yaml +++ b/config/crd/bases/aiven.io_opensearches.yaml @@ -15,946 +15,1048 @@ spec: singular: opensearch scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: OpenSearch is the Schema for the opensearches API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OpenSearchSpec defines the desired state of OpenSearch - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OpenSearch is the Schema for the opensearches API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: OpenSearchSpec defines the desired state of OpenSearch + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: OpenSearch specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 type: string - maxItems: 1 - type: array - custom_domain: - description: Serve the web frontend using a custom CNAME pointing - to the Aiven DNS name - maxLength: 255 + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + properties: + integrationType: + enum: + - read_replica + type: string + sourceServiceName: + maxLength: 64 + minLength: 1 + type: string + required: + - integrationType + - sourceServiceName + type: object + maxItems: 1 + type: array + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + tags: + additionalProperties: type: string - disable_replication_factor_adjustment: - description: 'DEPRECATED: Disable automatic replication factor - adjustment for multi-node services. By default, Aiven ensures - all indexes are replicated at least to two nodes. Note: Due - to potential data loss in case of losing a service node, this - setting can no longer be activated.' - type: boolean - index_patterns: - description: Index patterns - items: - description: 'Allows you to create glob style patterns and set - a max number of indexes matching this pattern you want to - keep. Creating indexes exceeding this value will cause the - oldest one to get deleted. You could for example create a - pattern looking like ''logs.?'' and then create index logs.1, - logs.2 etc, it will delete logs.1 once you create logs.6. - Do note ''logs.?'' does not apply to logs.10. Note: Setting - max_index_count to 0 will do nothing and the pattern gets - ignored.' + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: OpenSearch specific user configuration options + properties: + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + custom_domain: + description: + Serve the web frontend using a custom CNAME pointing + to the Aiven DNS name + maxLength: 255 + type: string + disable_replication_factor_adjustment: + description: + "DEPRECATED: Disable automatic replication factor + adjustment for multi-node services. By default, Aiven ensures + all indexes are replicated at least to two nodes. Note: Due + to potential data loss in case of losing a service node, this + setting can no longer be activated." + type: boolean + index_patterns: + description: Index patterns + items: + description: + "Allows you to create glob style patterns and set + a max number of indexes matching this pattern you want to + keep. Creating indexes exceeding this value will cause the + oldest one to get deleted. You could for example create a + pattern looking like 'logs.?' and then create index logs.1, + logs.2 etc, it will delete logs.1 once you create logs.6. + Do note 'logs.?' does not apply to logs.10. Note: Setting + max_index_count to 0 will do nothing and the pattern gets + ignored." + properties: + max_index_count: + description: Maximum number of indexes to keep + minimum: 0 + type: integer + pattern: + description: fnmatch pattern + maxLength: 1024 + pattern: ^[A-Za-z0-9-_.*?]+$ + type: string + sorting_algorithm: + description: Deletion sorting algorithm + enum: + - alphabetical + - creation_date + type: string + required: + - max_index_count + - pattern + type: object + maxItems: 512 + type: array + index_template: + description: Template settings for all new indexes properties: - max_index_count: - description: Maximum number of indexes to keep + mapping_nested_objects_limit: + description: + The maximum number of nested JSON objects that + a single document can contain across all nested types. This + limit helps to prevent out of memory errors when a document + contains too many nested objects. Default is 10000. + maximum: 100000 + minimum: 0 + type: integer + number_of_replicas: + description: The number of replicas each primary shard has. + maximum: 29 minimum: 0 type: integer - pattern: - description: fnmatch pattern + number_of_shards: + description: + The number of primary shards that an index should + have. + maximum: 1024 + minimum: 1 + type: integer + type: object + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + keep_index_refresh_interval: + description: + Aiven automation resets index.refresh_interval to + default value for every index to be sure that indices are always + visible to search. If it doesn't fit your case, you can disable + this by setting up this flag to true. + type: boolean + max_index_count: + description: "DEPRECATED: use index_patterns instead" + minimum: 0 + type: integer + openid: + description: OpenSearch OpenID Connect Configuration + properties: + client_id: + description: + The ID of the OpenID Connect client configured + in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + client_secret: + description: + The client secret of the OpenID Connect client + configured in your IdP. Required. + maxLength: 1024 + minLength: 1 + type: string + connect_url: + description: + The URL of your IdP where the Security plugin + can find the OpenID Connect metadata/configuration settings. + maxLength: 2048 + type: string + enabled: + description: + Enables or disables OpenID Connect authentication + for OpenSearch. When enabled, users can authenticate using + OpenID Connect with an Identity Provider. + type: boolean + header: + description: + HTTP header name of the JWT token. Optional. + Default is Authorization. + maxLength: 1024 + minLength: 1 + type: string + jwt_header: + description: + "The HTTP header that stores the token. Typically + the Authorization header with the Bearer schema: Authorization: + Bearer . Optional. Default is Authorization." + maxLength: 1024 + minLength: 1 + type: string + jwt_url_parameter: + description: + If the token is not transmitted in the HTTP header, + but as an URL parameter, define the name of the parameter + here. Optional. + maxLength: 1024 + minLength: 1 + type: string + refresh_rate_limit_count: + description: + The maximum number of unknown key IDs in the + time frame. Default is 10. Optional. + minimum: 10 + type: integer + refresh_rate_limit_time_window_ms: + description: + The time frame to use when checking the maximum + number of unknown key IDs, in milliseconds. Optional.Default + is 10000 (10 seconds). + minimum: 10000 + type: integer + roles_key: + description: + The key in the JSON payload that stores the user’s + roles. The value of this key must be a comma-separated list + of roles. Required only if you want to use roles in the + JWT + maxLength: 1024 + minLength: 1 + type: string + scope: + description: + The scope of the identity token issued by the + IdP. Optional. Default is openid profile email address phone. maxLength: 1024 - pattern: ^[A-Za-z0-9-_.*?]+$ + minLength: 1 type: string - sorting_algorithm: - description: Deletion sorting algorithm - enum: - - alphabetical - - creation_date + subject_key: + description: + The key in the JSON payload that stores the user’s + name. If not defined, the subject registered claim is used. + Most IdP providers use the preferred_username claim. Optional. + maxLength: 1024 + minLength: 1 type: string required: - - max_index_count - - pattern + - client_id + - client_secret + - connect_url + - enabled type: object - maxItems: 512 - type: array - index_template: - description: Template settings for all new indexes - properties: - mapping_nested_objects_limit: - description: The maximum number of nested JSON objects that - a single document can contain across all nested types. This - limit helps to prevent out of memory errors when a document - contains too many nested objects. Default is 10000. - maximum: 100000 - minimum: 0 - type: integer - number_of_replicas: - description: The number of replicas each primary shard has. - maximum: 29 - minimum: 0 - type: integer - number_of_shards: - description: The number of primary shards that an index should - have. - maximum: 1024 - minimum: 1 - type: integer - type: object - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field + opensearch: + description: OpenSearch settings properties: - description: - description: Description for IP filter list entry + action_auto_create_index_enabled: + description: + Explicitly allow or block automatic creation + of indices. Defaults to true + type: boolean + action_destructive_requires_name: + description: Require explicit index names when deleting + type: boolean + auth_failure_listeners: + description: Opensearch Security Plugin Settings + properties: + internal_authentication_backend_limiting: + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 0 + type: integer + authentication_backend: + description: internal_authentication_backend_limiting.authentication_backend + enum: + - internal + maxLength: 1024 + type: string + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 2147483647 + minimum: 0 + type: integer + max_blocked_clients: + description: internal_authentication_backend_limiting.max_blocked_clients + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 2147483647 + minimum: 0 + type: integer + type: + description: internal_authentication_backend_limiting.type + enum: + - username + maxLength: 1024 + type: string + type: object + ip_rate_limiting: + description: IP address rate limiting settings + properties: + allowed_tries: + description: + The number of login attempts allowed + before login is blocked + maximum: 2147483647 + minimum: 1 + type: integer + block_expiry_seconds: + description: + The duration of time that login remains + blocked after a failed login + maximum: 36000 + minimum: 1 + type: integer + max_blocked_clients: + description: The maximum number of blocked IP addresses + maximum: 2147483647 + minimum: 0 + type: integer + max_tracked_clients: + description: + The maximum number of tracked IP addresses + that have failed login + maximum: 2147483647 + minimum: 0 + type: integer + time_window_seconds: + description: + The window of time in which the value + for `allowed_tries` is enforced + maximum: 36000 + minimum: 1 + type: integer + type: + description: The type of rate limiting + enum: + - ip + maxLength: 1024 + type: string + type: object + type: object + cluster_max_shards_per_node: + description: + Controls the number of shards allowed in the + cluster per data node + maximum: 10000 + minimum: 100 + type: integer + cluster_routing_allocation_node_concurrent_recoveries: + description: + How many concurrent incoming/outgoing shard recoveries + (normally replicas) are allowed to happen on a node. Defaults + to 2. + maximum: 16 + minimum: 2 + type: integer + email_sender_name: + description: + Sender name placeholder to be used in Opensearch + Dashboards and Opensearch keystore + maxLength: 40 + pattern: ^[a-zA-Z0-9-_]+$ + type: string + email_sender_password: + description: + Sender password for Opensearch alerts to authenticate + with SMTP server + maxLength: 1024 + pattern: ^[^\x00-\x1F]+$ + type: string + email_sender_username: + description: Sender username for Opensearch alerts + maxLength: 320 + pattern: ^[^\x00-\x1F]+$ + type: string + enable_security_audit: + description: Enable/Disable security audit + type: boolean + http_max_content_length: + description: + Maximum content length for HTTP requests to the + OpenSearch HTTP API, in bytes. + maximum: 2147483647 + minimum: 1 + type: integer + http_max_header_size: + description: The max size of allowed headers, in bytes + maximum: 262144 + minimum: 1024 + type: integer + http_max_initial_line_length: + description: The max length of an HTTP URL, in bytes + maximum: 65536 + minimum: 1024 + type: integer + indices_fielddata_cache_size: + description: + Relative amount. Maximum amount of heap memory + used for field data cache. This is an expert setting; decreasing + the value too much will increase overhead of loading field + data; too much memory used for field data cache will decrease + amount of heap available for other operations. + maximum: 100 + minimum: 3 + type: integer + indices_memory_index_buffer_size: + description: + Percentage value. Default is 10%. Total amount + of heap used for indexing buffer, before writing segments + to disk. This is an expert setting. Too low value will slow + down indexing; too high value will increase indexing performance + but causes performance issues for query performance. + maximum: 40 + minimum: 3 + type: integer + indices_memory_max_index_buffer_size: + description: + Absolute value. Default is unbound. Doesn't work + without indices.memory.index_buffer_size. Maximum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + maximum hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_memory_min_index_buffer_size: + description: + Absolute value. Default is 48mb. Doesn't work + without indices.memory.index_buffer_size. Minimum amount + of heap used for query cache, an absolute indices.memory.index_buffer_size + minimal hard limit. + maximum: 2048 + minimum: 3 + type: integer + indices_queries_cache_size: + description: + Percentage value. Default is 10%. Maximum amount + of heap used for query cache. This is an expert setting. + Too low value will decrease query performance and increase + performance for other operations; too high value will cause + issues with other OpenSearch functionality. + maximum: 40 + minimum: 3 + type: integer + indices_query_bool_max_clause_count: + description: + Maximum number of clauses Lucene BooleanQuery + can have. The default value (1024) is relatively high, and + increasing it may cause performance issues. Investigate + other approaches first before increasing this value. + maximum: 4096 + minimum: 64 + type: integer + indices_recovery_max_bytes_per_sec: + description: + Limits total inbound and outbound recovery traffic + for each node. Applies to both peer recoveries as well as + snapshot recoveries (i.e., restores from a snapshot). Defaults + to 40mb + maximum: 400 + minimum: 40 + type: integer + indices_recovery_max_concurrent_file_chunks: + description: + Number of file chunks sent in parallel for each + recovery. Defaults to 2. + maximum: 5 + minimum: 2 + type: integer + ism_enabled: + description: Specifies whether ISM is enabled or not + type: boolean + ism_history_enabled: + description: + Specifies whether audit history is enabled or + not. The logs from ISM are automatically indexed to a logs + document. + type: boolean + ism_history_max_age: + description: + The maximum age before rolling over the audit + history index in hours + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_max_docs: + description: + The maximum number of documents before rolling + over the audit history index. + minimum: 1 + type: integer + ism_history_rollover_check_period: + description: + The time between rollover checks for the audit + history index in hours. + maximum: 2147483647 + minimum: 1 + type: integer + ism_history_rollover_retention_period: + description: How long audit history indices are kept in days. + maximum: 2147483647 + minimum: 1 + type: integer + override_main_response_version: + description: + Compatibility mode sets OpenSearch to report + its version as 7.10 so clients continue to work. Default + is false + type: boolean + reindex_remote_whitelist: + description: + Whitelisted addresses for reindexing. Changing + this value will cause all OpenSearch instances to restart. + items: + type: string + maxItems: 32 + type: array + script_max_compilations_rate: + description: + Script compilation circuit breaker limits the + number of inline script compilations within a period of + time. Default is use-context + maxLength: 1024 + type: string + search_max_buckets: + description: + Maximum number of aggregation buckets allowed + in a single response. OpenSearch default value is used when + this is not defined. + maximum: 1000000 + minimum: 1 + type: integer + thread_pool_analyze_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_analyze_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_force_merge_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_get_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_get_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_search_throttled_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_search_throttled_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + thread_pool_write_queue_size: + description: + Size for the thread pool queue. See documentation + for exact details. + maximum: 2000 + minimum: 10 + type: integer + thread_pool_write_size: + description: + Size for the thread pool. See documentation for + exact details. Do note this may have maximum value depending + on CPU count - value is automatically lowered if set to + higher than maximum value. + maximum: 128 + minimum: 1 + type: integer + type: object + opensearch_dashboards: + description: OpenSearch Dashboards settings + properties: + enabled: + description: Enable or disable OpenSearch Dashboards + type: boolean + max_old_space_size: + description: + "Limits the maximum amount of memory (in MiB) + the OpenSearch Dashboards process can use. This sets the + max_old_space_size option of the nodejs running the OpenSearch + Dashboards. Note: the memory reserved by OpenSearch Dashboards + is not available for OpenSearch." + maximum: 2048 + minimum: 64 + type: integer + opensearch_request_timeout: + description: + Timeout in milliseconds for requests made by + OpenSearch Dashboards towards OpenSearch + maximum: 120000 + minimum: 5000 + type: integer + type: object + opensearch_version: + description: OpenSearch major version + enum: + - "1" + - "2" + type: string + private_access: + description: + Allow access to selected service ports from private + networks + properties: + opensearch: + description: + Allow clients to connect to opensearch with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + with a DNS name that always resolves to the service's private + IP addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + opensearch: + description: Enable opensearch + type: boolean + opensearch_dashboards: + description: Enable opensearch_dashboards + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + opensearch: + description: + Allow clients to connect to opensearch from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + opensearch_dashboards: + description: + Allow clients to connect to opensearch_dashboards + from the public internet for service nodes that are in a + project VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ + type: string + saml: + description: OpenSearch SAML configuration + properties: + enabled: + description: + Enables or disables SAML-based authentication + for OpenSearch. When enabled, users can authenticate using + SAML with an Identity Provider. + type: boolean + idp_entity_id: + description: + The unique identifier for the Identity Provider + (IdP) entity that is used for SAML authentication. This + value is typically provided by the IdP. maxLength: 1024 + minLength: 1 type: string - network: - description: CIDR address block - maxLength: 43 + idp_metadata_url: + description: + The URL of the SAML metadata for the Identity + Provider (IdP). This is used to configure SAML-based authentication + with the IdP. + maxLength: 2048 + minLength: 1 + type: string + idp_pemtrustedcas_content: + description: + This parameter specifies the PEM-encoded root + certificate authority (CA) content for the SAML identity + provider (IdP) server verification. The root CA content + is used to verify the SSL/TLS certificate presented by the + server. + maxLength: 16384 + type: string + roles_key: + description: + Optional. Specifies the attribute in the SAML + response where role information is stored, if available. + Role attributes are not required for SAML authentication, + but can be included in SAML assertions by most Identity + Providers (IdPs) to determine user access levels or permissions. + maxLength: 256 + minLength: 1 + type: string + sp_entity_id: + description: + The unique identifier for the Service Provider + (SP) entity that is used for SAML authentication. This value + is typically provided by the SP. + maxLength: 1024 + minLength: 1 + type: string + subject_key: + description: + Optional. Specifies the attribute in the SAML + response where the subject identifier is stored. If not + configured, the NameID attribute is used by default. + maxLength: 256 + minLength: 1 type: string required: - - network + - enabled + - idp_entity_id + - idp_metadata_url + - sp_entity_id type: object - maxItems: 1024 - type: array - keep_index_refresh_interval: - description: Aiven automation resets index.refresh_interval to - default value for every index to be sure that indices are always - visible to search. If it doesn't fit your case, you can disable - this by setting up this flag to true. - type: boolean - max_index_count: - description: 'DEPRECATED: use index_patterns instead' - minimum: 0 - type: integer - openid: - description: OpenSearch OpenID Connect Configuration - properties: - client_id: - description: The ID of the OpenID Connect client configured - in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - client_secret: - description: The client secret of the OpenID Connect client - configured in your IdP. Required. - maxLength: 1024 - minLength: 1 - type: string - connect_url: - description: The URL of your IdP where the Security plugin - can find the OpenID Connect metadata/configuration settings. - maxLength: 2048 - type: string - enabled: - description: Enables or disables OpenID Connect authentication - for OpenSearch. When enabled, users can authenticate using - OpenID Connect with an Identity Provider. - type: boolean - header: - description: HTTP header name of the JWT token. Optional. - Default is Authorization. - maxLength: 1024 - minLength: 1 - type: string - jwt_header: - description: 'The HTTP header that stores the token. Typically - the Authorization header with the Bearer schema: Authorization: - Bearer . Optional. Default is Authorization.' - maxLength: 1024 - minLength: 1 - type: string - jwt_url_parameter: - description: If the token is not transmitted in the HTTP header, - but as an URL parameter, define the name of the parameter - here. Optional. - maxLength: 1024 - minLength: 1 - type: string - refresh_rate_limit_count: - description: The maximum number of unknown key IDs in the - time frame. Default is 10. Optional. - minimum: 10 - type: integer - refresh_rate_limit_time_window_ms: - description: The time frame to use when checking the maximum - number of unknown key IDs, in milliseconds. Optional.Default - is 10000 (10 seconds). - minimum: 10000 - type: integer - roles_key: - description: The key in the JSON payload that stores the user’s - roles. The value of this key must be a comma-separated list - of roles. Required only if you want to use roles in the - JWT - maxLength: 1024 - minLength: 1 - type: string - scope: - description: The scope of the identity token issued by the - IdP. Optional. Default is openid profile email address phone. - maxLength: 1024 - minLength: 1 - type: string - subject_key: - description: The key in the JSON payload that stores the user’s - name. If not defined, the subject registered claim is used. - Most IdP providers use the preferred_username claim. Optional. - maxLength: 1024 - minLength: 1 - type: string - required: - - client_id - - client_secret - - connect_url - - enabled - type: object - opensearch: - description: OpenSearch settings + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean + type: object + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - action_auto_create_index_enabled: - description: Explicitly allow or block automatic creation - of indices. Defaults to true - type: boolean - action_destructive_requires_name: - description: Require explicit index names when deleting - type: boolean - auth_failure_listeners: - description: Opensearch Security Plugin Settings - properties: - internal_authentication_backend_limiting: - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 0 - type: integer - authentication_backend: - description: internal_authentication_backend_limiting.authentication_backend - enum: - - internal - maxLength: 1024 - type: string - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 2147483647 - minimum: 0 - type: integer - max_blocked_clients: - description: internal_authentication_backend_limiting.max_blocked_clients - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 2147483647 - minimum: 0 - type: integer - type: - description: internal_authentication_backend_limiting.type - enum: - - username - maxLength: 1024 - type: string - type: object - ip_rate_limiting: - description: IP address rate limiting settings - properties: - allowed_tries: - description: The number of login attempts allowed - before login is blocked - maximum: 2147483647 - minimum: 1 - type: integer - block_expiry_seconds: - description: The duration of time that login remains - blocked after a failed login - maximum: 36000 - minimum: 1 - type: integer - max_blocked_clients: - description: The maximum number of blocked IP addresses - maximum: 2147483647 - minimum: 0 - type: integer - max_tracked_clients: - description: The maximum number of tracked IP addresses - that have failed login - maximum: 2147483647 - minimum: 0 - type: integer - time_window_seconds: - description: The window of time in which the value - for `allowed_tries` is enforced - maximum: 36000 - minimum: 1 - type: integer - type: - description: The type of rate limiting - enum: - - ip - maxLength: 1024 - type: string - type: object - type: object - cluster_max_shards_per_node: - description: Controls the number of shards allowed in the - cluster per data node - maximum: 10000 - minimum: 100 - type: integer - cluster_routing_allocation_node_concurrent_recoveries: - description: How many concurrent incoming/outgoing shard recoveries - (normally replicas) are allowed to happen on a node. Defaults - to 2. - maximum: 16 - minimum: 2 - type: integer - email_sender_name: - description: Sender name placeholder to be used in Opensearch - Dashboards and Opensearch keystore - maxLength: 40 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - email_sender_password: - description: Sender password for Opensearch alerts to authenticate - with SMTP server - maxLength: 1024 - pattern: ^[^\x00-\x1F]+$ - type: string - email_sender_username: - description: Sender username for Opensearch alerts - maxLength: 320 - pattern: ^[^\x00-\x1F]+$ + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - enable_security_audit: - description: Enable/Disable security audit - type: boolean - http_max_content_length: - description: Maximum content length for HTTP requests to the - OpenSearch HTTP API, in bytes. - maximum: 2147483647 - minimum: 1 - type: integer - http_max_header_size: - description: The max size of allowed headers, in bytes - maximum: 262144 - minimum: 1024 - type: integer - http_max_initial_line_length: - description: The max length of an HTTP URL, in bytes - maximum: 65536 - minimum: 1024 - type: integer - indices_fielddata_cache_size: - description: Relative amount. Maximum amount of heap memory - used for field data cache. This is an expert setting; decreasing - the value too much will increase overhead of loading field - data; too much memory used for field data cache will decrease - amount of heap available for other operations. - maximum: 100 - minimum: 3 - type: integer - indices_memory_index_buffer_size: - description: Percentage value. Default is 10%. Total amount - of heap used for indexing buffer, before writing segments - to disk. This is an expert setting. Too low value will slow - down indexing; too high value will increase indexing performance - but causes performance issues for query performance. - maximum: 40 - minimum: 3 - type: integer - indices_memory_max_index_buffer_size: - description: Absolute value. Default is unbound. Doesn't work - without indices.memory.index_buffer_size. Maximum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - maximum hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_memory_min_index_buffer_size: - description: Absolute value. Default is 48mb. Doesn't work - without indices.memory.index_buffer_size. Minimum amount - of heap used for query cache, an absolute indices.memory.index_buffer_size - minimal hard limit. - maximum: 2048 - minimum: 3 - type: integer - indices_queries_cache_size: - description: Percentage value. Default is 10%. Maximum amount - of heap used for query cache. This is an expert setting. - Too low value will decrease query performance and increase - performance for other operations; too high value will cause - issues with other OpenSearch functionality. - maximum: 40 - minimum: 3 - type: integer - indices_query_bool_max_clause_count: - description: Maximum number of clauses Lucene BooleanQuery - can have. The default value (1024) is relatively high, and - increasing it may cause performance issues. Investigate - other approaches first before increasing this value. - maximum: 4096 - minimum: 64 - type: integer - indices_recovery_max_bytes_per_sec: - description: Limits total inbound and outbound recovery traffic - for each node. Applies to both peer recoveries as well as - snapshot recoveries (i.e., restores from a snapshot). Defaults - to 40mb - maximum: 400 - minimum: 40 - type: integer - indices_recovery_max_concurrent_file_chunks: - description: Number of file chunks sent in parallel for each - recovery. Defaults to 2. - maximum: 5 - minimum: 2 - type: integer - ism_enabled: - description: Specifies whether ISM is enabled or not - type: boolean - ism_history_enabled: - description: Specifies whether audit history is enabled or - not. The logs from ISM are automatically indexed to a logs - document. - type: boolean - ism_history_max_age: - description: The maximum age before rolling over the audit - history index in hours - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_max_docs: - description: The maximum number of documents before rolling - over the audit history index. - minimum: 1 - type: integer - ism_history_rollover_check_period: - description: The time between rollover checks for the audit - history index in hours. - maximum: 2147483647 - minimum: 1 - type: integer - ism_history_rollover_retention_period: - description: How long audit history indices are kept in days. - maximum: 2147483647 - minimum: 1 - type: integer - override_main_response_version: - description: Compatibility mode sets OpenSearch to report - its version as 7.10 so clients continue to work. Default - is false - type: boolean - reindex_remote_whitelist: - description: Whitelisted addresses for reindexing. Changing - this value will cause all OpenSearch instances to restart. - items: - type: string - maxItems: 32 - type: array - script_max_compilations_rate: - description: Script compilation circuit breaker limits the - number of inline script compilations within a period of - time. Default is use-context - maxLength: 1024 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - search_max_buckets: - description: Maximum number of aggregation buckets allowed - in a single response. OpenSearch default value is used when - this is not defined. - maximum: 1000000 - minimum: 1 - type: integer - thread_pool_analyze_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_analyze_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_force_merge_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_get_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_get_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_search_throttled_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_search_throttled_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - thread_pool_write_queue_size: - description: Size for the thread pool queue. See documentation - for exact details. - maximum: 2000 - minimum: 10 - type: integer - thread_pool_write_size: - description: Size for the thread pool. See documentation for - exact details. Do note this may have maximum value depending - on CPU count - value is automatically lowered if set to - higher than maximum value. - maximum: 128 - minimum: 1 - type: integer - type: object - opensearch_dashboards: - description: OpenSearch Dashboards settings - properties: - enabled: - description: Enable or disable OpenSearch Dashboards - type: boolean - max_old_space_size: - description: 'Limits the maximum amount of memory (in MiB) - the OpenSearch Dashboards process can use. This sets the - max_old_space_size option of the nodejs running the OpenSearch - Dashboards. Note: the memory reserved by OpenSearch Dashboards - is not available for OpenSearch.' - maximum: 2048 - minimum: 64 - type: integer - opensearch_request_timeout: - description: Timeout in milliseconds for requests made by - OpenSearch Dashboards towards OpenSearch - maximum: 120000 - minimum: 5000 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 type: integer - type: object - opensearch_version: - description: OpenSearch major version - enum: - - "1" - - "2" - type: string - private_access: - description: Allow access to selected service ports from private - networks - properties: - opensearch: - description: Allow clients to connect to opensearch with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - with a DNS name that always resolves to the service's private - IP addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - opensearch: - description: Enable opensearch - type: boolean - opensearch_dashboards: - description: Enable opensearch_dashboards - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - opensearch: - description: Allow clients to connect to opensearch from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - opensearch_dashboards: - description: Allow clients to connect to opensearch_dashboards - from the public internet for service nodes that are in a - project VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ - type: string - saml: - description: OpenSearch SAML configuration - properties: - enabled: - description: Enables or disables SAML-based authentication - for OpenSearch. When enabled, users can authenticate using - SAML with an Identity Provider. - type: boolean - idp_entity_id: - description: The unique identifier for the Identity Provider - (IdP) entity that is used for SAML authentication. This - value is typically provided by the IdP. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - idp_metadata_url: - description: The URL of the SAML metadata for the Identity - Provider (IdP). This is used to configure SAML-based authentication - with the IdP. - maxLength: 2048 - minLength: 1 - type: string - idp_pemtrustedcas_content: - description: This parameter specifies the PEM-encoded root - certificate authority (CA) content for the SAML identity - provider (IdP) server verification. The root CA content - is used to verify the SSL/TLS certificate presented by the - server. - maxLength: 16384 - type: string - roles_key: - description: Optional. Specifies the attribute in the SAML - response where role information is stored, if available. - Role attributes are not required for SAML authentication, - but can be included in SAML assertions by most Identity - Providers (IdPs) to determine user access levels or permissions. - maxLength: 256 - minLength: 1 - type: string - sp_entity_id: - description: The unique identifier for the Service Provider - (SP) entity that is used for SAML authentication. This value - is typically provided by the SP. - maxLength: 1024 - minLength: 1 + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown type: string - subject_key: - description: Optional. Specifies the attribute in the SAML - response where the subject identifier is stored. If not - configured, the NameID attribute is used by default. - maxLength: 256 - minLength: 1 + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - enabled - - idp_entity_id - - idp_metadata_url - - sp_entity_id + - lastTransitionTime + - message + - reason + - status + - type type: object - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_postgresqls.yaml b/config/crd/bases/aiven.io_postgresqls.yaml index d22d4d69..75804c65 100644 --- a/config/crd/bases/aiven.io_postgresqls.yaml +++ b/config/crd/bases/aiven.io_postgresqls.yaml @@ -15,951 +15,1056 @@ spec: singular: postgresql scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Region - type: string - - jsonPath: .spec.plan - name: Plan - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: PostgreSQL is the Schema for the postgresql API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PostgreSQLSpec defines the desired state of postgres instance - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, - `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Region + type: string + - jsonPath: .spec.plan + name: Plan + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: PostgreSQL is the Schema for the postgresql API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: PostgreSQLSpec defines the desired state of postgres instance + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - integrationType: - enum: - - read_replica + key: + minLength: 1 type: string - sourceServiceName: - maxLength: 64 + name: minLength: 1 type: string required: - - integrationType - - sourceServiceName + - key + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + cloudName: + description: Cloud the service runs in. + maxLength: 256 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: PostgreSQL specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `POSTGRESQL_HOST`, `POSTGRESQL_PORT`, `POSTGRESQL_DATABASE`, `POSTGRESQL_USER`, + `POSTGRESQL_PASSWORD`, `POSTGRESQL_SSLMODE`, `POSTGRESQL_DATABASE_URI`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - maxItems: 1 - type: array - admin_password: - description: Custom password for admin user. Defaults to random - string. This must be set only when a new service is being created. - maxLength: 256 - minLength: 8 - pattern: ^[a-zA-Z0-9-_]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - admin_username: - description: Custom username for admin user. This must be set - only when a new service is being created. - maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - x-kubernetes-validations: + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + type: string + required: + - name + type: object + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 + type: string + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - backup_hour: - description: The hour of day (in UTC) when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 23 - minimum: 0 - type: integer - backup_minute: - description: The minute of an hour when backup for the service - is started. New backup is only started if previous backup has - already completed. - maximum: 59 - minimum: 0 - type: integer - enable_ipv6: - description: Register AAAA DNS records for the service, and allow - IPv6 packets to service ports - type: boolean - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server - properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) - enum: - - dump - - replication - type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 - type: string - required: - - host - - port - type: object - pg: - description: postgresql.conf configuration values + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 + type: string + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - autovacuum_analyze_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_analyze_threshold when deciding whether to - trigger an ANALYZE. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_analyze_threshold: - description: Specifies the minimum number of inserted, updated - or deleted tuples needed to trigger an ANALYZE in any one - table. The default is 50 tuples. - maximum: 2147483647 - minimum: 0 - type: integer - autovacuum_freeze_max_age: - description: Specifies the maximum age (in transactions) that - a table's pg_class.relfrozenxid field can attain before - a VACUUM operation is forced to prevent transaction ID wraparound - within the table. Note that the system will launch autovacuum - processes to prevent wraparound even when autovacuum is - otherwise disabled. This parameter will cause the server - to be restarted. - maximum: 1500000000 - minimum: 200000000 - type: integer - autovacuum_max_workers: - description: Specifies the maximum number of autovacuum processes - (other than the autovacuum launcher) that may be running - at any one time. The default is three. This parameter can - only be set at server start. - maximum: 20 - minimum: 1 - type: integer - autovacuum_naptime: - description: Specifies the minimum delay between autovacuum - runs on any given database. The delay is measured in seconds, - and the default is one minute - maximum: 86400 - minimum: 1 - type: integer - autovacuum_vacuum_cost_delay: - description: Specifies the cost delay value that will be used - in automatic VACUUM operations. If -1 is specified, the - regular vacuum_cost_delay value will be used. The default - value is 20 milliseconds - maximum: 100 - minimum: -1 - type: integer - autovacuum_vacuum_cost_limit: - description: Specifies the cost limit value that will be used - in automatic VACUUM operations. If -1 is specified (which - is the default), the regular vacuum_cost_limit value will - be used. - maximum: 10000 - minimum: -1 - type: integer - autovacuum_vacuum_scale_factor: - description: Specifies a fraction of the table size to add - to autovacuum_vacuum_threshold when deciding whether to - trigger a VACUUM. The default is 0.2 (20% of table size) - maximum: 1 - minimum: 0 - type: number - autovacuum_vacuum_threshold: - description: Specifies the minimum number of updated or deleted - tuples needed to trigger a VACUUM in any one table. The - default is 50 tuples - maximum: 2147483647 - minimum: 0 - type: integer - bgwriter_delay: - description: Specifies the delay between activity rounds for - the background writer in milliseconds. Default is 200. - maximum: 10000 - minimum: 10 - type: integer - bgwriter_flush_after: - description: Whenever more than bgwriter_flush_after bytes - have been written by the background writer, attempt to force - the OS to issue these writes to the underlying storage. - Specified in kilobytes, default is 512. Setting of 0 disables - forced writeback. - maximum: 2048 - minimum: 0 - type: integer - bgwriter_lru_maxpages: - description: In each round, no more than this many buffers - will be written by the background writer. Setting this to - zero disables background writing. Default is 100. - maximum: 1073741823 - minimum: 0 - type: integer - bgwriter_lru_multiplier: - description: The average recent need for new buffers is multiplied - by bgwriter_lru_multiplier to arrive at an estimate of the - number that will be needed during the next round, (up to - bgwriter_lru_maxpages). 1.0 represents a “just in time” - policy of writing exactly the number of buffers predicted - to be needed. Larger values provide some cushion against - spikes in demand, while smaller values intentionally leave - writes to be done by server processes. The default is 2.0. - maximum: 10 - minimum: 0 - type: number - deadlock_timeout: - description: This is the amount of time, in milliseconds, - to wait on a lock before checking to see if there is a deadlock - condition. - maximum: 1800000 - minimum: 500 - type: integer - default_toast_compression: - description: Specifies the default TOAST compression method - for values of compressible columns (the default is lz4). - enum: - - lz4 - - pglz - type: string - idle_in_transaction_session_timeout: - description: Time out sessions with open transactions after - this number of milliseconds - maximum: 604800000 - minimum: 0 - type: integer - jit: - description: Controls system-wide use of Just-in-Time Compilation - (JIT). - type: boolean - log_autovacuum_min_duration: - description: Causes each action executed by autovacuum to - be logged if it ran for at least the specified number of - milliseconds. Setting this to zero logs all autovacuum actions. - Minus-one (the default) disables logging autovacuum actions. - maximum: 2147483647 - minimum: -1 - type: integer - log_error_verbosity: - description: Controls the amount of detail written in the - server log for each message that is logged. - enum: - - TERSE - - DEFAULT - - VERBOSE - type: string - log_line_prefix: - description: Choose from one of the available log-formats. - These can support popular log analyzers like pgbadger, pganalyze - etc. + integrationType: enum: - - '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' - - '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' - - '''%m [%p] %q[user=%u,db=%d,app=%a] ''' + - read_replica type: string - log_min_duration_statement: - description: Log statements that take more than this number - of milliseconds to run, -1 disables - maximum: 86400000 - minimum: -1 - type: integer - log_temp_files: - description: Log statements for each temporary file created - larger than this number of kilobytes, -1 disables - maximum: 2147483647 - minimum: -1 - type: integer - max_files_per_process: - description: PostgreSQL maximum number of files that can be - open per process - maximum: 4096 - minimum: 1000 - type: integer - max_locks_per_transaction: - description: PostgreSQL maximum locks per transaction - maximum: 6400 - minimum: 64 - type: integer - max_logical_replication_workers: - description: PostgreSQL maximum logical replication workers - (taken from the pool of max_parallel_workers) - maximum: 64 - minimum: 4 - type: integer - max_parallel_workers: - description: Sets the maximum number of workers that the system - can support for parallel queries - maximum: 96 - minimum: 0 - type: integer - max_parallel_workers_per_gather: - description: Sets the maximum number of workers that can be - started by a single Gather or Gather Merge node - maximum: 96 - minimum: 0 - type: integer - max_pred_locks_per_transaction: - description: PostgreSQL maximum predicate locks per transaction - maximum: 5120 - minimum: 64 - type: integer - max_prepared_transactions: - description: PostgreSQL maximum prepared transactions - maximum: 10000 - minimum: 0 - type: integer - max_replication_slots: - description: PostgreSQL maximum replication slots - maximum: 64 - minimum: 8 - type: integer - max_slot_wal_keep_size: - description: PostgreSQL maximum WAL size (MB) reserved for - replication slots. Default is -1 (unlimited). wal_keep_size - minimum WAL size setting takes precedence over this. - maximum: 2147483647 - minimum: -1 - type: integer - max_stack_depth: - description: Maximum depth of the stack in bytes - maximum: 6291456 - minimum: 2097152 - type: integer - max_standby_archive_delay: - description: Max standby archive delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_standby_streaming_delay: - description: Max standby streaming delay in milliseconds - maximum: 43200000 - minimum: 1 - type: integer - max_wal_senders: - description: PostgreSQL maximum WAL senders - maximum: 64 - minimum: 20 - type: integer - max_worker_processes: - description: Sets the maximum number of background processes - that the system can support - maximum: 96 - minimum: 8 - type: integer - pg_partman_bgw.interval: - description: Sets the time interval to run pg_partman's scheduled - tasks - maximum: 604800 - minimum: 3600 - type: integer - pg_partman_bgw.role: - description: Controls which role to use for pg_partman's scheduled - background tasks. + sourceServiceName: maxLength: 64 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ - type: string - pg_stat_monitor.pgsm_enable_query_plan: - description: Enables or disables query plan monitoring - type: boolean - pg_stat_monitor.pgsm_max_buckets: - description: Sets the maximum number of buckets - maximum: 10 - minimum: 1 - type: integer - pg_stat_statements.track: - description: Controls which statements are counted. Specify - top to track top-level statements (those issued directly - by clients), all to also track nested statements (such as - statements invoked within functions), or none to disable - statement statistics collection. The default value is top. - enum: - - all - - top - - none - type: string - temp_file_limit: - description: PostgreSQL temporary file limit in KiB, -1 for - unlimited - maximum: 2147483647 - minimum: -1 - type: integer - timezone: - description: PostgreSQL service timezone - maxLength: 64 - type: string - track_activity_query_size: - description: Specifies the number of bytes reserved to track - the currently executing command for each active session. - maximum: 10240 - minimum: 1024 - type: integer - track_commit_timestamp: - description: Record commit time of transactions. - enum: - - "off" - - "on" - type: string - track_functions: - description: Enables tracking of function call counts and - time used. - enum: - - all - - pl - - none - type: string - track_io_timing: - description: Enables timing of database I/O calls. This parameter - is off by default, because it will repeatedly query the - operating system for the current time, which may cause significant - overhead on some platforms. - enum: - - "off" - - "on" - type: string - wal_sender_timeout: - description: Terminate replication connections that are inactive - for longer than this amount of time, in milliseconds. Setting - this value to zero disables the timeout. - type: integer - wal_writer_delay: - description: WAL flush interval in milliseconds. Note that - setting this value to lower than the default 200ms may negatively - impact performance - maximum: 200 - minimum: 10 - type: integer - type: object - pg_qualstats: - description: Deprecated. System-wide settings for the pg_qualstats - extension - properties: - enabled: - description: Deprecated. Enable / Disable pg_qualstats - type: boolean - min_err_estimate_num: - description: Deprecated. Error estimation num threshold to - save quals - minimum: 0 - type: integer - min_err_estimate_ratio: - description: Deprecated. Error estimation ratio threshold - to save quals - minimum: 0 - type: integer - track_constants: - description: Deprecated. Enable / Disable pg_qualstats constants - tracking - type: boolean - track_pg_catalog: - description: Deprecated. Track quals on system catalogs too. - type: boolean - type: object - pg_read_replica: - description: Should the service which is being forked be a read - replica (deprecated, use read_replica service integration instead). - type: boolean - pg_service_to_fork_from: - description: Name of the PG Service from which to fork (deprecated, - use service_to_fork_from). This has effect only when a new service - is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - pg_stat_monitor_enable: - description: Enable the pg_stat_monitor extension. Enabling this - extension will cause the cluster to be restarted.When this extension - is enabled, pg_stat_statements results for utility commands - are unreliable - type: boolean - pg_version: - description: PostgreSQL major version - enum: - - "11" - - "12" - - "13" - - "14" - - "15" - type: string - pgbouncer: - description: PGBouncer connection pooling settings - properties: - autodb_idle_timeout: - description: If the automatically created database pools have - been unused this many seconds, they are freed. If 0 then - timeout is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - autodb_max_db_connections: - description: Do not allow more than this many server connections - per database (regardless of user). Setting it to 0 means - unlimited. - maximum: 2147483647 - minimum: 0 - type: integer - autodb_pool_mode: - description: PGBouncer pool mode - enum: - - session - - transaction - - statement + minLength: 1 type: string - autodb_pool_size: - description: If non-zero then create automatically a pool - of that size per user when a pool doesn't exist. - maximum: 10000 - minimum: 0 - type: integer - ignore_startup_parameters: - description: List of parameters to ignore when given in startup - packet - items: - type: string - maxItems: 32 - type: array - min_pool_size: - description: Add more server connections to pool if below - this number. Improves behavior when usual load comes suddenly - back after period of total inactivity. The value is effectively - capped at the pool size. - maximum: 10000 - minimum: 0 - type: integer - server_idle_timeout: - description: If a server connection has been idle more than - this many seconds it will be dropped. If 0 then timeout - is disabled. [seconds] - maximum: 86400 - minimum: 0 - type: integer - server_lifetime: - description: The pooler will close an unused server connection - that has been connected longer than this. [seconds] - maximum: 86400 - minimum: 60 - type: integer - server_reset_query_always: - description: Run server_reset_query (DISCARD ALL) in all pooling - modes - type: boolean - type: object - pglookout: - description: System-wide settings for pglookout. - properties: - max_failover_replication_time_lag: - description: Number of seconds of master unavailability before - triggering database failover to standby - minimum: 10 - type: integer - type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - pg: - description: Allow clients to connect to pg with a DNS name - that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - pg: - description: Enable pg - type: boolean - pgbouncer: - description: Enable pgbouncer - type: boolean - prometheus: - description: Enable prometheus - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - pg: - description: Allow clients to connect to pg from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - pgbouncer: - description: Allow clients to connect to pgbouncer from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean + required: + - integrationType + - sourceServiceName type: object - recovery_target_time: - description: Recovery target time when forking a service. This - has effect only when a new service is being created. - maxLength: 32 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 + tags: + additionalProperties: type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - shared_buffers_percentage: - description: Percentage of total RAM that the database server - uses for shared memory buffers. Valid range is 20-60 (float), - which corresponds to 20% - 60%. This setting adjusts the shared_buffers - configuration value. - maximum: 60 - minimum: 20 - type: number - static_ips: - description: Use static public IP addresses - type: boolean - synchronous_replication: - description: Synchronous replication type. Note that the service - plan also needs to support synchronous replication. - enum: - - quorum - - "off" - type: string - timescaledb: - description: System-wide settings for the timescaledb extension - properties: - max_background_workers: - description: The number of background workers for timescaledb - operations. You should configure this setting to the sum - of your number of databases and the total number of concurrent - background workers you want running at any given point in - time. - maximum: 4096 - minimum: 1 - type: integer - type: object - variant: - description: Variant of the PostgreSQL service, may affect the - features that are exposed by default - enum: - - aiven - - timescale - type: string - work_mem: - description: Sets the maximum amount of memory to be used by a - query operation (such as a sort or hash table) before writing - to temporary disk files, in MB. Default is 1MB + 0.075% of total - RAM (up to 32MB). - maximum: 1024 - minimum: 1 - type: integer - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: PostgreSQL specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + admin_password: + description: + Custom password for admin user. Defaults to random + string. This must be set only when a new service is being created. + maxLength: 256 + minLength: 8 + pattern: ^[a-zA-Z0-9-_]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + admin_username: + description: + Custom username for admin user. This must be set + only when a new service is being created. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + backup_hour: + description: + The hour of day (in UTC) when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 23 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + backup_minute: + description: + The minute of an hour when backup for the service + is started. New backup is only started if previous backup has + already completed. + maximum: 59 + minimum: 0 + type: integer + enable_ipv6: + description: + Register AAAA DNS records for the service, and allow + IPv6 packets to service ports + type: boolean + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + pg: + description: postgresql.conf configuration values + properties: + autovacuum_analyze_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_analyze_threshold when deciding whether to + trigger an ANALYZE. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_analyze_threshold: + description: + Specifies the minimum number of inserted, updated + or deleted tuples needed to trigger an ANALYZE in any one + table. The default is 50 tuples. + maximum: 2147483647 + minimum: 0 + type: integer + autovacuum_freeze_max_age: + description: + Specifies the maximum age (in transactions) that + a table's pg_class.relfrozenxid field can attain before + a VACUUM operation is forced to prevent transaction ID wraparound + within the table. Note that the system will launch autovacuum + processes to prevent wraparound even when autovacuum is + otherwise disabled. This parameter will cause the server + to be restarted. + maximum: 1500000000 + minimum: 200000000 + type: integer + autovacuum_max_workers: + description: + Specifies the maximum number of autovacuum processes + (other than the autovacuum launcher) that may be running + at any one time. The default is three. This parameter can + only be set at server start. + maximum: 20 + minimum: 1 + type: integer + autovacuum_naptime: + description: + Specifies the minimum delay between autovacuum + runs on any given database. The delay is measured in seconds, + and the default is one minute + maximum: 86400 + minimum: 1 + type: integer + autovacuum_vacuum_cost_delay: + description: + Specifies the cost delay value that will be used + in automatic VACUUM operations. If -1 is specified, the + regular vacuum_cost_delay value will be used. The default + value is 20 milliseconds + maximum: 100 + minimum: -1 + type: integer + autovacuum_vacuum_cost_limit: + description: + Specifies the cost limit value that will be used + in automatic VACUUM operations. If -1 is specified (which + is the default), the regular vacuum_cost_limit value will + be used. + maximum: 10000 + minimum: -1 + type: integer + autovacuum_vacuum_scale_factor: + description: + Specifies a fraction of the table size to add + to autovacuum_vacuum_threshold when deciding whether to + trigger a VACUUM. The default is 0.2 (20% of table size) + maximum: 1 + minimum: 0 + type: number + autovacuum_vacuum_threshold: + description: + Specifies the minimum number of updated or deleted + tuples needed to trigger a VACUUM in any one table. The + default is 50 tuples + maximum: 2147483647 + minimum: 0 + type: integer + bgwriter_delay: + description: + Specifies the delay between activity rounds for + the background writer in milliseconds. Default is 200. + maximum: 10000 + minimum: 10 + type: integer + bgwriter_flush_after: + description: + Whenever more than bgwriter_flush_after bytes + have been written by the background writer, attempt to force + the OS to issue these writes to the underlying storage. + Specified in kilobytes, default is 512. Setting of 0 disables + forced writeback. + maximum: 2048 + minimum: 0 + type: integer + bgwriter_lru_maxpages: + description: + In each round, no more than this many buffers + will be written by the background writer. Setting this to + zero disables background writing. Default is 100. + maximum: 1073741823 + minimum: 0 + type: integer + bgwriter_lru_multiplier: + description: + The average recent need for new buffers is multiplied + by bgwriter_lru_multiplier to arrive at an estimate of the + number that will be needed during the next round, (up to + bgwriter_lru_maxpages). 1.0 represents a “just in time” + policy of writing exactly the number of buffers predicted + to be needed. Larger values provide some cushion against + spikes in demand, while smaller values intentionally leave + writes to be done by server processes. The default is 2.0. + maximum: 10 + minimum: 0 + type: number + deadlock_timeout: + description: + This is the amount of time, in milliseconds, + to wait on a lock before checking to see if there is a deadlock + condition. + maximum: 1800000 + minimum: 500 + type: integer + default_toast_compression: + description: + Specifies the default TOAST compression method + for values of compressible columns (the default is lz4). + enum: + - lz4 + - pglz + type: string + idle_in_transaction_session_timeout: + description: + Time out sessions with open transactions after + this number of milliseconds + maximum: 604800000 + minimum: 0 + type: integer + jit: + description: + Controls system-wide use of Just-in-Time Compilation + (JIT). + type: boolean + log_autovacuum_min_duration: + description: + Causes each action executed by autovacuum to + be logged if it ran for at least the specified number of + milliseconds. Setting this to zero logs all autovacuum actions. + Minus-one (the default) disables logging autovacuum actions. + maximum: 2147483647 + minimum: -1 + type: integer + log_error_verbosity: + description: + Controls the amount of detail written in the + server log for each message that is logged. + enum: + - TERSE + - DEFAULT + - VERBOSE + type: string + log_line_prefix: + description: + Choose from one of the available log-formats. + These can support popular log analyzers like pgbadger, pganalyze + etc. + enum: + - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + type: string + log_min_duration_statement: + description: + Log statements that take more than this number + of milliseconds to run, -1 disables + maximum: 86400000 + minimum: -1 + type: integer + log_temp_files: + description: + Log statements for each temporary file created + larger than this number of kilobytes, -1 disables + maximum: 2147483647 + minimum: -1 + type: integer + max_files_per_process: + description: + PostgreSQL maximum number of files that can be + open per process + maximum: 4096 + minimum: 1000 + type: integer + max_locks_per_transaction: + description: PostgreSQL maximum locks per transaction + maximum: 6400 + minimum: 64 + type: integer + max_logical_replication_workers: + description: + PostgreSQL maximum logical replication workers + (taken from the pool of max_parallel_workers) + maximum: 64 + minimum: 4 + type: integer + max_parallel_workers: + description: + Sets the maximum number of workers that the system + can support for parallel queries + maximum: 96 + minimum: 0 + type: integer + max_parallel_workers_per_gather: + description: + Sets the maximum number of workers that can be + started by a single Gather or Gather Merge node + maximum: 96 + minimum: 0 + type: integer + max_pred_locks_per_transaction: + description: PostgreSQL maximum predicate locks per transaction + maximum: 5120 + minimum: 64 + type: integer + max_prepared_transactions: + description: PostgreSQL maximum prepared transactions + maximum: 10000 + minimum: 0 + type: integer + max_replication_slots: + description: PostgreSQL maximum replication slots + maximum: 64 + minimum: 8 + type: integer + max_slot_wal_keep_size: + description: + PostgreSQL maximum WAL size (MB) reserved for + replication slots. Default is -1 (unlimited). wal_keep_size + minimum WAL size setting takes precedence over this. + maximum: 2147483647 + minimum: -1 + type: integer + max_stack_depth: + description: Maximum depth of the stack in bytes + maximum: 6291456 + minimum: 2097152 + type: integer + max_standby_archive_delay: + description: Max standby archive delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_standby_streaming_delay: + description: Max standby streaming delay in milliseconds + maximum: 43200000 + minimum: 1 + type: integer + max_wal_senders: + description: PostgreSQL maximum WAL senders + maximum: 64 + minimum: 20 + type: integer + max_worker_processes: + description: + Sets the maximum number of background processes + that the system can support + maximum: 96 + minimum: 8 + type: integer + pg_partman_bgw.interval: + description: + Sets the time interval to run pg_partman's scheduled + tasks + maximum: 604800 + minimum: 3600 + type: integer + pg_partman_bgw.role: + description: + Controls which role to use for pg_partman's scheduled + background tasks. + maxLength: 64 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ + type: string + pg_stat_monitor.pgsm_enable_query_plan: + description: Enables or disables query plan monitoring + type: boolean + pg_stat_monitor.pgsm_max_buckets: + description: Sets the maximum number of buckets + maximum: 10 + minimum: 1 + type: integer + pg_stat_statements.track: + description: + Controls which statements are counted. Specify + top to track top-level statements (those issued directly + by clients), all to also track nested statements (such as + statements invoked within functions), or none to disable + statement statistics collection. The default value is top. + enum: + - all + - top + - none + type: string + temp_file_limit: + description: + PostgreSQL temporary file limit in KiB, -1 for + unlimited + maximum: 2147483647 + minimum: -1 + type: integer + timezone: + description: PostgreSQL service timezone + maxLength: 64 + type: string + track_activity_query_size: + description: + Specifies the number of bytes reserved to track + the currently executing command for each active session. + maximum: 10240 + minimum: 1024 + type: integer + track_commit_timestamp: + description: Record commit time of transactions. + enum: + - "off" + - "on" + type: string + track_functions: + description: + Enables tracking of function call counts and + time used. + enum: + - all + - pl + - none + type: string + track_io_timing: + description: + Enables timing of database I/O calls. This parameter + is off by default, because it will repeatedly query the + operating system for the current time, which may cause significant + overhead on some platforms. + enum: + - "off" + - "on" + type: string + wal_sender_timeout: + description: + Terminate replication connections that are inactive + for longer than this amount of time, in milliseconds. Setting + this value to zero disables the timeout. + type: integer + wal_writer_delay: + description: + WAL flush interval in milliseconds. Note that + setting this value to lower than the default 200ms may negatively + impact performance + maximum: 200 + minimum: 10 + type: integer + type: object + pg_qualstats: + description: + Deprecated. System-wide settings for the pg_qualstats + extension + properties: + enabled: + description: Deprecated. Enable / Disable pg_qualstats + type: boolean + min_err_estimate_num: + description: + Deprecated. Error estimation num threshold to + save quals + minimum: 0 + type: integer + min_err_estimate_ratio: + description: + Deprecated. Error estimation ratio threshold + to save quals + minimum: 0 + type: integer + track_constants: + description: + Deprecated. Enable / Disable pg_qualstats constants + tracking + type: boolean + track_pg_catalog: + description: Deprecated. Track quals on system catalogs too. + type: boolean + type: object + pg_read_replica: + description: + Should the service which is being forked be a read + replica (deprecated, use read_replica service integration instead). + type: boolean + pg_service_to_fork_from: + description: + Name of the PG Service from which to fork (deprecated, + use service_to_fork_from). This has effect only when a new service + is being created. + maxLength: 64 type: string - status: - description: status of the condition, one of True, False, Unknown. + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + pg_stat_monitor_enable: + description: + Enable the pg_stat_monitor extension. Enabling this + extension will cause the cluster to be restarted.When this extension + is enabled, pg_stat_statements results for utility commands + are unreliable + type: boolean + pg_version: + description: PostgreSQL major version enum: - - "True" - - "False" - - Unknown + - "11" + - "12" + - "13" + - "14" + - "15" type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + pgbouncer: + description: PGBouncer connection pooling settings + properties: + autodb_idle_timeout: + description: + If the automatically created database pools have + been unused this many seconds, they are freed. If 0 then + timeout is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + autodb_max_db_connections: + description: + Do not allow more than this many server connections + per database (regardless of user). Setting it to 0 means + unlimited. + maximum: 2147483647 + minimum: 0 + type: integer + autodb_pool_mode: + description: PGBouncer pool mode + enum: + - session + - transaction + - statement + type: string + autodb_pool_size: + description: + If non-zero then create automatically a pool + of that size per user when a pool doesn't exist. + maximum: 10000 + minimum: 0 + type: integer + ignore_startup_parameters: + description: + List of parameters to ignore when given in startup + packet + items: + type: string + maxItems: 32 + type: array + min_pool_size: + description: + Add more server connections to pool if below + this number. Improves behavior when usual load comes suddenly + back after period of total inactivity. The value is effectively + capped at the pool size. + maximum: 10000 + minimum: 0 + type: integer + server_idle_timeout: + description: + If a server connection has been idle more than + this many seconds it will be dropped. If 0 then timeout + is disabled. [seconds] + maximum: 86400 + minimum: 0 + type: integer + server_lifetime: + description: + The pooler will close an unused server connection + that has been connected longer than this. [seconds] + maximum: 86400 + minimum: 60 + type: integer + server_reset_query_always: + description: + Run server_reset_query (DISCARD ALL) in all pooling + modes + type: boolean + type: object + pglookout: + description: System-wide settings for pglookout. + properties: + max_failover_replication_time_lag: + description: + Number of seconds of master unavailability before + triggering database failover to standby + minimum: 10 + type: integer + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + pg: + description: + Allow clients to connect to pg with a DNS name + that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + pg: + description: Enable pg + type: boolean + pgbouncer: + description: Enable pgbouncer + type: boolean + prometheus: + description: Enable prometheus + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + pg: + description: + Allow clients to connect to pg from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + pgbouncer: + description: + Allow clients to connect to pgbouncer from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + type: object + recovery_target_time: + description: + Recovery target time when forking a service. This + has effect only when a new service is being created. + maxLength: 32 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + shared_buffers_percentage: + description: + Percentage of total RAM that the database server + uses for shared memory buffers. Valid range is 20-60 (float), + which corresponds to 20% - 60%. This setting adjusts the shared_buffers + configuration value. + maximum: 60 + minimum: 20 + type: number + static_ips: + description: Use static public IP addresses + type: boolean + synchronous_replication: + description: + Synchronous replication type. Note that the service + plan also needs to support synchronous replication. + enum: + - quorum + - "off" + type: string + timescaledb: + description: System-wide settings for the timescaledb extension + properties: + max_background_workers: + description: + The number of background workers for timescaledb + operations. You should configure this setting to the sum + of your number of databases and the total number of concurrent + background workers you want running at any given point in + time. + maximum: 4096 + minimum: 1 + type: integer + type: object + variant: + description: + Variant of the PostgreSQL service, may affect the + features that are exposed by default + enum: + - aiven + - timescale + type: string + work_mem: + description: + Sets the maximum amount of memory to be used by a + query operation (such as a sort or hash table) before writing + to temporary disk files, in MB. Default is 1MB + 0.075% of total + RAM (up to 32MB). + maximum: 1024 + minimum: 1 + type: integer type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_projects.yaml b/config/crd/bases/aiven.io_projects.yaml index 0bf1f9fc..5256e9c1 100644 --- a/config/crd/bases/aiven.io_projects.yaml +++ b/config/crd/bases/aiven.io_projects.yaml @@ -15,229 +15,244 @@ spec: singular: project scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Project is the Schema for the projects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectSpec defines the desired state of Project - properties: - accountId: - description: Account ID - maxLength: 32 - type: string - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - billingAddress: - description: Billing name and address of the project - maxLength: 1000 - type: string - billingCurrency: - description: Billing currency - enum: - - AUD - - CAD - - CHF - - DKK - - EUR - - GBP - - NOK - - SEK - - USD - type: string - billingEmails: - description: Billing contact emails of the project - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Project is the Schema for the projects API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectSpec defines the desired state of Project + properties: + accountId: + description: Account ID + maxLength: 32 type: string - maxItems: 10 - type: array - billingExtraText: - description: Extra text to be included in all project invoices, e.g. - purchase order or cost center number - maxLength: 1000 - type: string - billingGroupId: - description: BillingGroup ID - maxLength: 36 - minLength: 36 - type: string - cardId: - description: Credit card ID; The ID may be either last 4 digits of - the card or the actual ID - maxLength: 64 - type: string - cloud: - description: 'Target cloud, example: aws-eu-central-1' - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `PROJECT_CA_CERT`' - properties: - annotations: - additionalProperties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. + required: + - key + - name + type: object + billingAddress: + description: Billing name and address of the project + maxLength: 1000 + type: string + billingCurrency: + description: Billing currency + enum: + - AUD + - CAD + - CHF + - DKK + - EUR + - GBP + - NOK + - SEK + - USD + type: string + billingEmails: + description: Billing contact emails of the project + items: type: string - required: - - name - type: object - copyFromProject: - description: Project name from which to copy settings to the new project - maxLength: 63 - type: string - countryCode: - description: Billing country code of the project - maxLength: 2 - minLength: 2 - type: string - tags: - additionalProperties: + maxItems: 10 + type: array + billingExtraText: + description: + Extra text to be included in all project invoices, e.g. + purchase order or cost center number + maxLength: 1000 type: string - description: Tags are key-value pairs that allow you to categorize - projects - type: object - technicalEmails: - description: Technical contact emails of the project - items: + billingGroupId: + description: BillingGroup ID + maxLength: 36 + minLength: 36 type: string - maxItems: 10 - type: array - type: object - status: - description: ProjectStatus defines the observed state of Project - properties: - availableCredits: - description: Available credirs - type: string - conditions: - description: Conditions represent the latest available observations - of an Project state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + cardId: + description: + Credit card ID; The ID may be either last 4 digits of + the card or the actual ID + maxLength: 64 + type: string + cloud: + description: "Target cloud, example: aws-eu-central-1" + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `PROJECT_CA_CERT`" properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name + type: object + copyFromProject: + description: Project name from which to copy settings to the new project + maxLength: 63 + type: string + countryCode: + description: Billing country code of the project + maxLength: 2 + minLength: 2 + type: string + tags: + additionalProperties: + type: string + description: + Tags are key-value pairs that allow you to categorize + projects type: object - type: array - country: - description: Country name - type: string - estimatedBalance: - description: Estimated balance - type: string - paymentMethod: - description: Payment method name - type: string - vatId: - description: EU VAT Identification Number - maxLength: 64 - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + technicalEmails: + description: Technical contact emails of the project + items: + type: string + maxItems: 10 + type: array + type: object + status: + description: ProjectStatus defines the observed state of Project + properties: + availableCredits: + description: Available credirs + type: string + conditions: + description: + Conditions represent the latest available observations + of an Project state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + country: + description: Country name + type: string + estimatedBalance: + description: Estimated balance + type: string + paymentMethod: + description: Payment method name + type: string + vatId: + description: EU VAT Identification Number + maxLength: 64 + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_projectvpcs.yaml b/config/crd/bases/aiven.io_projectvpcs.yaml index 720040e8..f6b08d0a 100644 --- a/config/crd/bases/aiven.io_projectvpcs.yaml +++ b/config/crd/bases/aiven.io_projectvpcs.yaml @@ -15,165 +15,174 @@ spec: singular: projectvpc scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.cloudName - name: Cloud - type: string - - jsonPath: .spec.networkCidr - name: Network CIDR - type: string - - jsonPath: .status.state - name: State - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProjectVPC is the Schema for the projectvpcs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProjectVPCSpec defines the desired state of ProjectVPC - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the VPC is in - maxLength: 256 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - networkCidr: - description: Network address range used by the VPC like 192.168.0.0/24 - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - project: - description: The project the VPC belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - cloudName - - networkCidr - - project - type: object - status: - description: ProjectVPCStatus defines the observed state of ProjectVPC - properties: - conditions: - description: Conditions represent the latest available observations - of an ProjectVPC state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.cloudName + name: Cloud + type: string + - jsonPath: .spec.networkCidr + name: Network CIDR + type: string + - jsonPath: .status.state + name: State + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProjectVPC is the Schema for the projectvpcs API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ProjectVPCSpec defines the desired state of ProjectVPC + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + key: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + name: + minLength: 1 type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - key + - name type: object - type: array - id: - description: Project VPC id - type: string - state: - description: State of VPC - type: string - required: - - conditions - - id - - state - type: object - type: object - served: true - storage: true - subresources: - status: {} + cloudName: + description: Cloud the VPC is in + maxLength: 256 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + networkCidr: + description: Network address range used by the VPC like 192.168.0.0/24 + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + project: + description: The project the VPC belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - cloudName + - networkCidr + - project + type: object + status: + description: ProjectVPCStatus defines the observed state of ProjectVPC + properties: + conditions: + description: + Conditions represent the latest available observations + of an ProjectVPC state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + id: + description: Project VPC id + type: string + state: + description: State of VPC + type: string + required: + - conditions + - id + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_redis.yaml b/config/crd/bases/aiven.io_redis.yaml index 2b665d1c..bd6c988d 100644 --- a/config/crd/bases/aiven.io_redis.yaml +++ b/config/crd/bases/aiven.io_redis.yaml @@ -15,464 +15,509 @@ spec: singular: redis scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Redis is the Schema for the redis API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RedisSpec defines the desired state of Redis - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - cloudName: - description: Cloud the service runs in. - maxLength: 256 - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`' - properties: - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Redis is the Schema for the redis API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: RedisSpec defines the desired state of Redis + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: + name: + minLength: 1 type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - disk_space: - description: The disk space of the service, possible values depend - on the service type, the cloud provider and the project. Reducing - will result in the service re-balancing. - format: ^[1-9][0-9]*(GiB|G)* - type: string - maintenanceWindowDow: - description: Day of week when maintenance operations should be performed. - One monday, tuesday, wednesday, etc. - enum: - - monday - - tuesday - - wednesday - - thursday - - friday - - saturday - - sunday - type: string - maintenanceWindowTime: - description: Time of day when maintenance operations should be performed. - UTC time in HH:mm:ss format. - maxLength: 8 - type: string - plan: - description: Subscription plan. - maxLength: 128 - type: string - project: - description: Target project. - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - projectVPCRef: - description: ProjectVPCRef reference to ProjectVPC resource to use - its ID as ProjectVPCID automatically - properties: - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - required: - - name - type: object - projectVpcId: - description: Identifier of the VPC the service should be in, if any. - maxLength: 36 - type: string - serviceIntegrations: - description: Service integrations to specify when creating a service. - Not applied after initial service creation - items: - description: Service integrations to specify when creating a service. - Not applied after initial service creation + required: + - key + - name + type: object + cloudName: + description: Cloud the service runs in. + maxLength: 256 + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `REDIS_HOST`, `REDIS_PORT`, `REDIS_USER`, `REDIS_PASSWORD`" properties: - integrationType: - enum: - - read_replica + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - sourceServiceName: - maxLength: 64 - minLength: 1 + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - integrationType - - sourceServiceName + - name type: object - maxItems: 1 - type: array - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - tags: - additionalProperties: + disk_space: + description: + The disk space of the service, possible values depend + on the service type, the cloud provider and the project. Reducing + will result in the service re-balancing. + format: ^[1-9][0-9]*(GiB|G)* + type: string + maintenanceWindowDow: + description: + Day of week when maintenance operations should be performed. + One monday, tuesday, wednesday, etc. + enum: + - monday + - tuesday + - wednesday + - thursday + - friday + - saturday + - sunday + type: string + maintenanceWindowTime: + description: + Time of day when maintenance operations should be performed. + UTC time in HH:mm:ss format. + maxLength: 8 type: string - description: Tags are key-value pairs that allow you to categorize - services. - type: object - terminationProtection: - description: Prevent service from being deleted. It is recommended - to have this enabled for all services. - type: boolean - userConfig: - description: Redis specific user configuration options - properties: - additional_backup_regions: - description: Additional Cloud Regions for Backup Replication - items: + plan: + description: Subscription plan. + maxLength: 128 + type: string + project: + description: Target project. + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + projectVPCRef: + description: + ProjectVPCRef reference to ProjectVPC resource to use + its ID as ProjectVPCID automatically + properties: + name: + minLength: 1 type: string - maxItems: 1 - type: array - ip_filter: - description: Allow incoming connections from CIDR address block, - e.g. '10.20.0.0/16' - items: - description: CIDR address block, either as a string, or in a - dict with an optional description field - properties: - description: - description: Description for IP filter list entry - maxLength: 1024 - type: string - network: - description: CIDR address block - maxLength: 43 - type: string - required: - - network - type: object - maxItems: 1024 - type: array - migration: - description: Migrate data from existing server + namespace: + minLength: 1 + type: string + required: + - name + type: object + projectVpcId: + description: Identifier of the VPC the service should be in, if any. + maxLength: 36 + type: string + serviceIntegrations: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation + items: + description: + Service integrations to specify when creating a service. + Not applied after initial service creation properties: - dbname: - description: Database name for bootstrapping the initial connection - maxLength: 63 - type: string - host: - description: Hostname or IP address of the server where to - migrate data from - maxLength: 255 - type: string - ignore_dbs: - description: Comma-separated list of databases, which should - be ignored during migration (supported by MySQL and PostgreSQL - only at the moment) - maxLength: 2048 - type: string - method: - description: The migration method to be used (currently supported - only by Redis, Dragonfly, MySQL and PostgreSQL service types) + integrationType: enum: - - dump - - replication + - read_replica type: string - password: - description: Password for authentication with the server where - to migrate data from - maxLength: 256 - type: string - port: - description: Port number of the server where to migrate data - from - maximum: 65535 - minimum: 1 - type: integer - ssl: - description: The server where to migrate data from is secured - with SSL - type: boolean - username: - description: User name for authentication with the server - where to migrate data from - maxLength: 256 + sourceServiceName: + maxLength: 64 + minLength: 1 type: string required: - - host - - port + - integrationType + - sourceServiceName type: object - private_access: - description: Allow access to selected service ports from private - networks - properties: - prometheus: - description: Allow clients to connect to prometheus with a - DNS name that always resolves to the service's private IP - addresses. Only available in certain network locations - type: boolean - redis: - description: Allow clients to connect to redis with a DNS - name that always resolves to the service's private IP addresses. - Only available in certain network locations - type: boolean - type: object - privatelink_access: - description: Allow access to selected service components through - Privatelink - properties: - prometheus: - description: Enable prometheus - type: boolean - redis: - description: Enable redis - type: boolean - type: object - project_to_fork_from: - description: Name of another project to fork a service from. This - has effect only when a new service is being created. - maxLength: 63 - type: string - x-kubernetes-validations: + maxItems: 1 + type: array + x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - public_access: - description: Allow access to selected service ports from the public - Internet - properties: - prometheus: - description: Allow clients to connect to prometheus from the - public internet for service nodes that are in a project - VPC or another type of private network - type: boolean - redis: - description: Allow clients to connect to redis from the public - internet for service nodes that are in a project VPC or - another type of private network - type: boolean - type: object - recovery_basebackup_name: - description: Name of the basebackup to restore in forked service - maxLength: 128 - pattern: ^[a-zA-Z0-9-_:.]+$ + tags: + additionalProperties: type: string - redis_acl_channels_default: - description: Determines default pub/sub channels' ACL for new - users if ACL is not supplied. When this option is not defined, - all_channels is assumed to keep backward compatibility. This - option doesn't affect Redis configuration acl-pubsub-default. - enum: - - allchannels - - resetchannels - type: string - redis_io_threads: - description: Set Redis IO thread count. Changing this will cause - a restart of the Redis service. - maximum: 32 - minimum: 1 - type: integer - redis_lfu_decay_time: - description: LFU maxmemory-policy counter decay time in minutes - maximum: 120 - minimum: 1 - type: integer - redis_lfu_log_factor: - description: Counter logarithm factor for volatile-lfu and allkeys-lfu - maxmemory-policies - maximum: 100 - minimum: 0 - type: integer - redis_maxmemory_policy: - description: Redis maxmemory-policy - enum: - - noeviction - - allkeys-lru - - volatile-lru - - allkeys-random - - volatile-random - - volatile-ttl - - volatile-lfu - - allkeys-lfu - type: string - redis_notify_keyspace_events: - description: Set notify-keyspace-events option - maxLength: 32 - pattern: ^[KEg\$lshzxeA]*$ - type: string - redis_number_of_databases: - description: Set number of Redis databases. Changing this will - cause a restart of the Redis service. - maximum: 128 - minimum: 1 - type: integer - redis_persistence: - description: When persistence is 'rdb', Redis does RDB dumps each - 10 minutes if any key is changed. Also RDB dumps are done according - to backup schedule for backup purposes. When persistence is - 'off', no RDB dumps and backups are done, so data can be lost - at any moment if service is restarted for any reason, or if - service is powered off. Also service can't be forked. - enum: - - "off" - - rdb - type: string - redis_pubsub_client_output_buffer_limit: - description: Set output buffer limit for pub / sub clients in - MB. The value is the hard limit, the soft limit is 1/4 of the - hard limit. When setting the limit, be mindful of the available - memory in the selected service plan. - maximum: 512 - minimum: 32 - type: integer - redis_ssl: - description: Require SSL to access Redis - type: boolean - redis_timeout: - description: Redis idle connection timeout in seconds - maximum: 31536000 - minimum: 0 - type: integer - service_log: - description: Store logs for the service so that they are available - in the HTTP API and console. - type: boolean - service_to_fork_from: - description: Name of another service to fork from. This has effect - only when a new service is being created. - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - static_ips: - description: Use static public IP addresses - type: boolean - type: object - required: - - plan - - project - type: object - status: - description: ServiceStatus defines the observed state of service - properties: - conditions: - description: Conditions represent the latest available observations - of a service state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: + Tags are key-value pairs that allow you to categorize + services. + type: object + terminationProtection: + description: + Prevent service from being deleted. It is recommended + to have this enabled for all services. + type: boolean + userConfig: + description: Redis specific user configuration options properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + additional_backup_regions: + description: Additional Cloud Regions for Backup Replication + items: + type: string + maxItems: 1 + type: array + ip_filter: + description: + Allow incoming connections from CIDR address block, + e.g. '10.20.0.0/16' + items: + description: + CIDR address block, either as a string, or in a + dict with an optional description field + properties: + description: + description: Description for IP filter list entry + maxLength: 1024 + type: string + network: + description: CIDR address block + maxLength: 43 + type: string + required: + - network + type: object + maxItems: 1024 + type: array + migration: + description: Migrate data from existing server + properties: + dbname: + description: Database name for bootstrapping the initial connection + maxLength: 63 + type: string + host: + description: + Hostname or IP address of the server where to + migrate data from + maxLength: 255 + type: string + ignore_dbs: + description: + Comma-separated list of databases, which should + be ignored during migration (supported by MySQL and PostgreSQL + only at the moment) + maxLength: 2048 + type: string + method: + description: + The migration method to be used (currently supported + only by Redis, Dragonfly, MySQL and PostgreSQL service types) + enum: + - dump + - replication + type: string + password: + description: + Password for authentication with the server where + to migrate data from + maxLength: 256 + type: string + port: + description: + Port number of the server where to migrate data + from + maximum: 65535 + minimum: 1 + type: integer + ssl: + description: + The server where to migrate data from is secured + with SSL + type: boolean + username: + description: + User name for authentication with the server + where to migrate data from + maxLength: 256 + type: string + required: + - host + - port + type: object + private_access: + description: + Allow access to selected service ports from private + networks + properties: + prometheus: + description: + Allow clients to connect to prometheus with a + DNS name that always resolves to the service's private IP + addresses. Only available in certain network locations + type: boolean + redis: + description: + Allow clients to connect to redis with a DNS + name that always resolves to the service's private IP addresses. + Only available in certain network locations + type: boolean + type: object + privatelink_access: + description: + Allow access to selected service components through + Privatelink + properties: + prometheus: + description: Enable prometheus + type: boolean + redis: + description: Enable redis + type: boolean + type: object + project_to_fork_from: + description: + Name of another project to fork a service from. This + has effect only when a new service is being created. + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + public_access: + description: + Allow access to selected service ports from the public + Internet + properties: + prometheus: + description: + Allow clients to connect to prometheus from the + public internet for service nodes that are in a project + VPC or another type of private network + type: boolean + redis: + description: + Allow clients to connect to redis from the public + internet for service nodes that are in a project VPC or + another type of private network + type: boolean + type: object + recovery_basebackup_name: + description: Name of the basebackup to restore in forked service + maxLength: 128 + pattern: ^[a-zA-Z0-9-_:.]+$ type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + redis_acl_channels_default: + description: + Determines default pub/sub channels' ACL for new + users if ACL is not supplied. When this option is not defined, + all_channels is assumed to keep backward compatibility. This + option doesn't affect Redis configuration acl-pubsub-default. + enum: + - allchannels + - resetchannels type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 + redis_io_threads: + description: + Set Redis IO thread count. Changing this will cause + a restart of the Redis service. + maximum: 32 + minimum: 1 + type: integer + redis_lfu_decay_time: + description: LFU maxmemory-policy counter decay time in minutes + maximum: 120 + minimum: 1 + type: integer + redis_lfu_log_factor: + description: + Counter logarithm factor for volatile-lfu and allkeys-lfu + maxmemory-policies + maximum: 100 minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + redis_maxmemory_policy: + description: Redis maxmemory-policy + enum: + - noeviction + - allkeys-lru + - volatile-lru + - allkeys-random + - volatile-random + - volatile-ttl + - volatile-lfu + - allkeys-lfu type: string - status: - description: status of the condition, one of True, False, Unknown. + redis_notify_keyspace_events: + description: Set notify-keyspace-events option + maxLength: 32 + pattern: ^[KEg\$lshzxeA]*$ + type: string + redis_number_of_databases: + description: + Set number of Redis databases. Changing this will + cause a restart of the Redis service. + maximum: 128 + minimum: 1 + type: integer + redis_persistence: + description: + When persistence is 'rdb', Redis does RDB dumps each + 10 minutes if any key is changed. Also RDB dumps are done according + to backup schedule for backup purposes. When persistence is + 'off', no RDB dumps and backups are done, so data can be lost + at any moment if service is restarted for any reason, or if + service is powered off. Also service can't be forked. enum: - - "True" - - "False" - - Unknown + - "off" + - rdb type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + redis_pubsub_client_output_buffer_limit: + description: + Set output buffer limit for pub / sub clients in + MB. The value is the hard limit, the soft limit is 1/4 of the + hard limit. When setting the limit, be mindful of the available + memory in the selected service plan. + maximum: 512 + minimum: 32 + type: integer + redis_ssl: + description: Require SSL to access Redis + type: boolean + redis_timeout: + description: Redis idle connection timeout in seconds + maximum: 31536000 + minimum: 0 + type: integer + service_log: + description: + Store logs for the service so that they are available + in the HTTP API and console. + type: boolean + service_to_fork_from: + description: + Name of another service to fork from. This has effect + only when a new service is being created. + maxLength: 64 type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + static_ips: + description: Use static public IP addresses + type: boolean type: object - type: array - state: - description: Service state - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - plan + - project + type: object + status: + description: ServiceStatus defines the observed state of service + properties: + conditions: + description: + Conditions represent the latest available observations + of a service state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + state: + description: Service state + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_serviceintegrations.yaml b/config/crd/bases/aiven.io_serviceintegrations.yaml index 7ba61edd..7ddcb94b 100644 --- a/config/crd/bases/aiven.io_serviceintegrations.yaml +++ b/config/crd/bases/aiven.io_serviceintegrations.yaml @@ -15,748 +15,790 @@ spec: singular: serviceintegration scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.integrationType - name: Type - type: string - - jsonPath: .spec.sourceServiceName - name: Source Service Name - type: string - - jsonPath: .spec.destinationServiceName - name: Destination Service Name - type: string - - jsonPath: .spec.sourceEndpointId - name: Source Endpoint ID - type: string - - jsonPath: .spec.destinationEndpointId - name: Destination Endpoint ID - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceIntegration is the Schema for the serviceintegrations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceIntegrationSpec defines the desired state of ServiceIntegration - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - clickhouseKafka: - description: Clickhouse Kafka configuration values - properties: - tables: - description: Tables to create - items: - description: Table to create + - additionalPrinterColumns: + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.integrationType + name: Type + type: string + - jsonPath: .spec.sourceServiceName + name: Source Service Name + type: string + - jsonPath: .spec.destinationServiceName + name: Destination Service Name + type: string + - jsonPath: .spec.sourceEndpointId + name: Source Endpoint ID + type: string + - jsonPath: .spec.destinationEndpointId + name: Destination Endpoint ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: + ServiceIntegration is the Schema for the serviceintegrations + API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceIntegrationSpec defines the desired state of ServiceIntegration + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret + properties: + key: + minLength: 1 + type: string + name: + minLength: 1 + type: string + required: + - key + - name + type: object + clickhouseKafka: + description: Clickhouse Kafka configuration values + properties: + tables: + description: Tables to create + items: + description: Table to create + properties: + auto_offset_reset: + description: + Action to take when there is no initial offset + in offset store or the desired offset is out of range + enum: + - smallest + - earliest + - beginning + - largest + - latest + - end + type: string + columns: + description: Table columns + items: + description: Table column + properties: + name: + description: Column name + maxLength: 40 + minLength: 1 + type: string + type: + description: Column type + maxLength: 1000 + minLength: 1 + type: string + required: + - name + - type + type: object + maxItems: 100 + type: array + data_format: + description: Message data format + enum: + - Avro + - CSV + - JSONAsString + - JSONCompactEachRow + - JSONCompactStringsEachRow + - JSONEachRow + - JSONStringsEachRow + - MsgPack + - TSKV + - TSV + - TabSeparated + - RawBLOB + - AvroConfluent + type: string + date_time_input_format: + description: Method to read DateTime from text input formats + enum: + - basic + - best_effort + - best_effort_us + type: string + group_name: + description: Kafka consumers group + maxLength: 249 + minLength: 1 + type: string + handle_error_mode: + description: How to handle errors for Kafka engine + enum: + - default + - stream + type: string + max_block_size: + description: + Number of row collected by poll(s) for flushing + data from Kafka + maximum: 1000000000 + minimum: 0 + type: integer + max_rows_per_message: + description: + The maximum number of rows produced in one + kafka message for row-based formats + maximum: 1000000000 + minimum: 1 + type: integer + name: + description: Name of the table + maxLength: 40 + minLength: 1 + type: string + num_consumers: + description: The number of consumers per table per replica + maximum: 10 + minimum: 1 + type: integer + poll_max_batch_size: + description: + Maximum amount of messages to be polled in + a single Kafka poll + maximum: 1000000000 + minimum: 0 + type: integer + skip_broken_messages: + description: + Skip at least this number of broken messages + from Kafka topic per block + maximum: 1000000000 + minimum: 0 + type: integer + topics: + description: Kafka topics + items: + description: Kafka topic + properties: + name: + description: Name of the topic + maxLength: 249 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 100 + type: array + required: + - columns + - data_format + - group_name + - name + - topics + type: object + maxItems: 100 + type: array + type: object + clickhousePostgresql: + description: Clickhouse PostgreSQL configuration values + properties: + databases: + description: Databases to expose + items: + description: Database to expose + properties: + database: + description: PostgreSQL database to expose + maxLength: 63 + minLength: 1 + type: string + schema: + description: PostgreSQL schema to expose + maxLength: 63 + minLength: 1 + type: string + type: object + maxItems: 10 + type: array + type: object + datadog: + description: Datadog specific user configuration options + properties: + datadog_dbm_enabled: + description: Enable Datadog Database Monitoring + type: boolean + datadog_tags: + description: Custom tags provided by user + items: + description: Datadog tag defined by user + properties: + comment: + description: Optional tag explanation + maxLength: 1024 + type: string + tag: + description: + "Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. + Tags with prefix 'aiven-' are reserved for Aiven." + maxLength: 200 + minLength: 1 + type: string + required: + - tag + type: object + maxItems: 32 + type: array + exclude_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + exclude_topics: + description: List of topics to exclude + items: + type: string + maxItems: 1024 + type: array + include_consumer_groups: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + include_topics: + description: List of topics to include + items: + type: string + maxItems: 1024 + type: array + kafka_custom_metrics: + description: List of custom metrics + items: + type: string + maxItems: 1024 + type: array + max_jmx_metrics: + description: Maximum number of JMX metrics to send + maximum: 100000 + minimum: 10 + type: integer + opensearch: + description: Datadog Opensearch Options properties: - auto_offset_reset: - description: Action to take when there is no initial offset - in offset store or the desired offset is out of range - enum: - - smallest - - earliest - - beginning - - largest - - latest - - end - type: string - columns: - description: Table columns - items: - description: Table column - properties: - name: - description: Column name - maxLength: 40 - minLength: 1 - type: string - type: - description: Column type - maxLength: 1000 - minLength: 1 - type: string - required: - - name - - type - type: object - maxItems: 100 - type: array - data_format: - description: Message data format - enum: - - Avro - - CSV - - JSONAsString - - JSONCompactEachRow - - JSONCompactStringsEachRow - - JSONEachRow - - JSONStringsEachRow - - MsgPack - - TSKV - - TSV - - TabSeparated - - RawBLOB - - AvroConfluent + index_stats_enabled: + description: Enable Datadog Opensearch Index Monitoring + type: boolean + pending_task_stats_enabled: + description: Enable Datadog Opensearch Pending Task Monitoring + type: boolean + pshard_stats_enabled: + description: Enable Datadog Opensearch Primary Shard Monitoring + type: boolean + type: object + redis: + description: Datadog Redis Options + properties: + command_stats_enabled: + description: Enable command_stats option in the agent's configuration + type: boolean + type: object + type: object + destinationEndpointId: + description: Destination endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationProjectName: + description: Destination project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + destinationServiceName: + description: Destination service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + externalAWSCloudwatchMetrics: + description: + External AWS CloudWatch Metrics integration Logs configuration + values + properties: + dropped_metrics: + description: + Metrics to not send to AWS CloudWatch (takes precedence + over extra_metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + extra_metrics: + description: + Metrics to allow through to AWS CloudWatch (in addition + to default metrics) + items: + description: Metric name and subfield + properties: + field: + description: Identifier of a value in the metric + maxLength: 1000 + type: string + metric: + description: Identifier of the metric + maxLength: 1000 + type: string + required: + - field + - metric + type: object + maxItems: 1024 + type: array + type: object + integrationType: + description: + Type of the service integration accepted by Aiven API. + Some values may not be supported by the operator + enum: + - alertmanager + - autoscaler + - caching + - cassandra_cross_service_cluster + - clickhouse_kafka + - clickhouse_postgresql + - dashboard + - datadog + - datasource + - external_aws_cloudwatch_logs + - external_aws_cloudwatch_metrics + - external_elasticsearch_logs + - external_google_cloud_logging + - external_opensearch_logs + - flink + - flink_external_kafka + - internal_connectivity + - jolokia + - kafka_connect + - kafka_logs + - kafka_mirrormaker + - logs + - m3aggregator + - m3coordinator + - metrics + - opensearch_cross_cluster_replication + - opensearch_cross_cluster_search + - prometheus + - read_replica + - rsyslog + - schema_registry_proxy + - stresstester + - thanosquery + - thanosstore + - vmalert + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + kafkaConnect: + description: Kafka Connect service configuration values + properties: + kafka_connect: + description: Kafka Connect service configuration values + properties: + config_storage_topic: + description: + The name of the topic where connector and task + configuration data are stored.This must be the same for + all workers with the same group_id. + maxLength: 249 type: string - date_time_input_format: - description: Method to read DateTime from text input formats - enum: - - basic - - best_effort - - best_effort_us + group_id: + description: + A unique string that identifies the Connect cluster + group this worker belongs to. + maxLength: 249 type: string - group_name: - description: Kafka consumers group + offset_storage_topic: + description: + The name of the topic where connector and task + configuration offsets are stored.This must be the same for + all workers with the same group_id. maxLength: 249 - minLength: 1 type: string - handle_error_mode: - description: How to handle errors for Kafka engine - enum: - - default - - stream + status_storage_topic: + description: + The name of the topic where connector and task + configuration status updates are stored.This must be the + same for all workers with the same group_id. + maxLength: 249 type: string - max_block_size: - description: Number of row collected by poll(s) for flushing - data from Kafka - maximum: 1000000000 + type: object + type: object + kafkaLogs: + description: Kafka logs configuration values + properties: + kafka_topic: + description: Topic name + maxLength: 249 + minLength: 1 + type: string + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + required: + - kafka_topic + type: object + kafkaMirrormaker: + description: Kafka MirrorMaker configuration values + properties: + cluster_alias: + description: + "The alias under which the Kafka cluster is known + to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, + '.', '_', and '-'." + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + type: string + kafka_mirrormaker: + description: Kafka MirrorMaker configuration values + properties: + consumer_fetch_min_bytes: + description: + The minimum amount of data the server should + return for a fetch request + maximum: 5242880 + minimum: 1 + type: integer + producer_batch_size: + description: + The batch size in bytes producer will attempt + to collect before publishing to broker. + maximum: 5242880 minimum: 0 type: integer - max_rows_per_message: - description: The maximum number of rows produced in one - kafka message for row-based formats - maximum: 1000000000 - minimum: 1 + producer_buffer_memory: + description: + The amount of bytes producer can use for buffering + data before publishing to broker. + maximum: 134217728 + minimum: 5242880 type: integer - name: - description: Name of the table - maxLength: 40 - minLength: 1 + producer_compression_type: + description: + Specify the default compression type for producers. + This configuration accepts the standard compression codecs + ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts + 'none' which is the default and equivalent to no compression. + enum: + - gzip + - snappy + - lz4 + - zstd + - none type: string - num_consumers: - description: The number of consumers per table per replica - maximum: 10 - minimum: 1 - type: integer - poll_max_batch_size: - description: Maximum amount of messages to be polled in - a single Kafka poll - maximum: 1000000000 + producer_linger_ms: + description: + The linger time (ms) for waiting new data to + arrive for publishing. + maximum: 5000 minimum: 0 type: integer - skip_broken_messages: - description: Skip at least this number of broken messages - from Kafka topic per block - maximum: 1000000000 + producer_max_request_size: + description: The maximum request size in bytes. + maximum: 268435456 minimum: 0 type: integer - topics: - description: Kafka topics - items: - description: Kafka topic - properties: - name: - description: Name of the topic - maxLength: 249 - minLength: 1 - type: string - required: - - name - type: object - maxItems: 100 - type: array - required: - - columns - - data_format - - group_name - - name - - topics type: object - maxItems: 100 - type: array - type: object - clickhousePostgresql: - description: Clickhouse PostgreSQL configuration values - properties: - databases: - description: Databases to expose - items: - description: Database to expose - properties: - database: - description: PostgreSQL database to expose - maxLength: 63 - minLength: 1 - type: string - schema: - description: PostgreSQL schema to expose - maxLength: 63 - minLength: 1 - type: string - type: object - maxItems: 10 - type: array - type: object - datadog: - description: Datadog specific user configuration options - properties: - datadog_dbm_enabled: - description: Enable Datadog Database Monitoring - type: boolean - datadog_tags: - description: Custom tags provided by user - items: - description: Datadog tag defined by user - properties: - comment: - description: Optional tag explanation - maxLength: 1024 - type: string - tag: - description: 'Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. - Tags with prefix ''aiven-'' are reserved for Aiven.' - maxLength: 200 - minLength: 1 - type: string - required: - - tag - type: object - maxItems: 32 - type: array - exclude_consumer_groups: - description: List of custom metrics - items: - type: string - maxItems: 1024 - type: array - exclude_topics: - description: List of topics to exclude - items: - type: string - maxItems: 1024 - type: array - include_consumer_groups: - description: List of custom metrics - items: + type: object + logs: + description: Logs configuration values + properties: + elasticsearch_index_days_max: + description: Elasticsearch index retention limit + maximum: 10000 + minimum: 1 + type: integer + elasticsearch_index_prefix: + description: Elasticsearch index prefix + maxLength: 1024 + minLength: 1 type: string - maxItems: 1024 - type: array - include_topics: - description: List of topics to include - items: + selected_log_fields: + description: + The list of logging fields that will be sent to the + integration logging service. The MESSAGE and timestamp fields + are always sent. + items: + type: string + maxItems: 5 + type: array + type: object + metrics: + description: Metrics configuration values + properties: + database: + description: + Name of the database where to store metric datapoints. + Only affects PostgreSQL destinations. Defaults to 'metrics'. + Note that this must be the same for all metrics integrations + that write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - kafka_custom_metrics: - description: List of custom metrics - items: + retention_days: + description: + Number of days to keep old metrics. Only affects + PostgreSQL destinations. Set to 0 for no automatic cleanup. + Defaults to 30 days. + maximum: 10000 + minimum: 0 + type: integer + ro_username: + description: + Name of a user that can be used to read metrics. + This will be used for Grafana integration (if enabled) to prevent + Grafana users from making undesired changes. Only affects PostgreSQL + destinations. Defaults to 'metrics_reader'. Note that this must + be the same for all metrics integrations that write data to + the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ type: string - maxItems: 1024 - type: array - max_jmx_metrics: - description: Maximum number of JMX metrics to send - maximum: 100000 - minimum: 10 - type: integer - opensearch: - description: Datadog Opensearch Options - properties: - index_stats_enabled: - description: Enable Datadog Opensearch Index Monitoring - type: boolean - pending_task_stats_enabled: - description: Enable Datadog Opensearch Pending Task Monitoring - type: boolean - pshard_stats_enabled: - description: Enable Datadog Opensearch Primary Shard Monitoring - type: boolean - type: object - redis: - description: Datadog Redis Options - properties: - command_stats_enabled: - description: Enable command_stats option in the agent's configuration - type: boolean - type: object - type: object - destinationEndpointId: - description: Destination endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationProjectName: - description: Destination project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - destinationServiceName: - description: Destination service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - externalAWSCloudwatchMetrics: - description: External AWS CloudWatch Metrics integration Logs configuration - values - properties: - dropped_metrics: - description: Metrics to not send to AWS CloudWatch (takes precedence - over extra_metrics) - items: - description: Metric name and subfield + source_mysql: + description: + Configuration options for metrics where source service + is MySQL properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric + telegraf: + description: + Configuration options for Telegraf MySQL input + plugin + properties: + gather_event_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS + type: boolean + gather_file_events_stats: + description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME + type: boolean + gather_index_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE + type: boolean + gather_info_schema_auto_inc: + description: + Gather auto_increment columns and max values + from information schema + type: boolean + gather_innodb_metrics: + description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS + type: boolean + gather_perf_events_statements: + description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST + type: boolean + gather_process_list: + description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST + type: boolean + gather_slave_status: + description: + Gather metrics from SHOW SLAVE STATUS command + output + type: boolean + gather_table_io_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE + type: boolean + gather_table_lock_waits: + description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS + type: boolean + gather_table_schema: + description: Gather metrics from INFORMATION_SCHEMA.TABLES + type: boolean + perf_events_statements_digest_text_limit: + description: + Truncates digest text from perf_events_statements + into this many characters + maximum: 2048 + minimum: 1 + type: integer + perf_events_statements_limit: + description: Limits metrics from perf_events_statements + maximum: 4000 + minimum: 1 + type: integer + perf_events_statements_time_limit: + description: + Only include perf_events_statements whose + last seen is less than this many seconds + maximum: 2592000 + minimum: 1 + type: integer + type: object type: object - maxItems: 1024 - type: array - extra_metrics: - description: Metrics to allow through to AWS CloudWatch (in addition - to default metrics) - items: - description: Metric name and subfield - properties: - field: - description: Identifier of a value in the metric - maxLength: 1000 - type: string - metric: - description: Identifier of the metric - maxLength: 1000 - type: string - required: - - field - - metric - type: object - maxItems: 1024 - type: array - type: object - integrationType: - description: Type of the service integration accepted by Aiven API. - Some values may not be supported by the operator - enum: - - alertmanager - - autoscaler - - caching - - cassandra_cross_service_cluster - - clickhouse_kafka - - clickhouse_postgresql - - dashboard - - datadog - - datasource - - external_aws_cloudwatch_logs - - external_aws_cloudwatch_metrics - - external_elasticsearch_logs - - external_google_cloud_logging - - external_opensearch_logs - - flink - - flink_external_kafka - - internal_connectivity - - jolokia - - kafka_connect - - kafka_logs - - kafka_mirrormaker - - logs - - m3aggregator - - m3coordinator - - metrics - - opensearch_cross_cluster_replication - - opensearch_cross_cluster_search - - prometheus - - read_replica - - rsyslog - - schema_registry_proxy - - stresstester - - thanosquery - - thanosstore - - vmalert - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - kafkaConnect: - description: Kafka Connect service configuration values - properties: - kafka_connect: - description: Kafka Connect service configuration values + username: + description: + Name of the user used to write metrics. Only affects + PostgreSQL destinations. Defaults to 'metrics_writer'. Note + that this must be the same for all metrics integrations that + write data to the same PostgreSQL service. + maxLength: 40 + pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ + type: string + type: object + project: + description: Project the integration belongs to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceEndpointID: + description: Source endpoint for the integration (if any) + maxLength: 36 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceProjectName: + description: Source project for the integration (if any) + maxLength: 63 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + sourceServiceName: + description: Source service for the integration (if any) + maxLength: 64 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + required: + - integrationType + - project + type: object + status: + description: ServiceIntegrationStatus defines the observed state of ServiceIntegration + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceIntegration state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - config_storage_topic: - description: The name of the topic where connector and task - configuration data are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 - type: string - group_id: - description: A unique string that identifies the Connect cluster - group this worker belongs to. - maxLength: 249 - type: string - offset_storage_topic: - description: The name of the topic where connector and task - configuration offsets are stored.This must be the same for - all workers with the same group_id. - maxLength: 249 + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time type: string - status_storage_topic: - description: The name of the topic where connector and task - configuration status updates are stored.This must be the - same for all workers with the same group_id. - maxLength: 249 + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 type: string - type: object - type: object - kafkaLogs: - description: Kafka logs configuration values - properties: - kafka_topic: - description: Topic name - maxLength: 249 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - required: - - kafka_topic - type: object - kafkaMirrormaker: - description: Kafka MirrorMaker configuration values - properties: - cluster_alias: - description: 'The alias under which the Kafka cluster is known - to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, - ''.'', ''_'', and ''-''.' - maxLength: 128 - pattern: ^[a-zA-Z0-9_.-]+$ - type: string - kafka_mirrormaker: - description: Kafka MirrorMaker configuration values - properties: - consumer_fetch_min_bytes: - description: The minimum amount of data the server should - return for a fetch request - maximum: 5242880 - minimum: 1 - type: integer - producer_batch_size: - description: The batch size in bytes producer will attempt - to collect before publishing to broker. - maximum: 5242880 + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 minimum: 0 type: integer - producer_buffer_memory: - description: The amount of bytes producer can use for buffering - data before publishing to broker. - maximum: 134217728 - minimum: 5242880 - type: integer - producer_compression_type: - description: Specify the default compression type for producers. - This configuration accepts the standard compression codecs - ('gzip', 'snappy', 'lz4', 'zstd'). It additionally accepts - 'none' which is the default and equivalent to no compression. + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. enum: - - gzip - - snappy - - lz4 - - zstd - - none + - "True" + - "False" + - Unknown type: string - producer_linger_ms: - description: The linger time (ms) for waiting new data to - arrive for publishing. - maximum: 5000 - minimum: 0 - type: integer - producer_max_request_size: - description: The maximum request size in bytes. - maximum: 268435456 - minimum: 0 - type: integer - type: object - type: object - logs: - description: Logs configuration values - properties: - elasticsearch_index_days_max: - description: Elasticsearch index retention limit - maximum: 10000 - minimum: 1 - type: integer - elasticsearch_index_prefix: - description: Elasticsearch index prefix - maxLength: 1024 - minLength: 1 - type: string - selected_log_fields: - description: The list of logging fields that will be sent to the - integration logging service. The MESSAGE and timestamp fields - are always sent. - items: - type: string - maxItems: 5 - type: array - type: object - metrics: - description: Metrics configuration values - properties: - database: - description: Name of the database where to store metric datapoints. - Only affects PostgreSQL destinations. Defaults to 'metrics'. - Note that this must be the same for all metrics integrations - that write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-_A-Za-z0-9]{0,39}$ - type: string - retention_days: - description: Number of days to keep old metrics. Only affects - PostgreSQL destinations. Set to 0 for no automatic cleanup. - Defaults to 30 days. - maximum: 10000 - minimum: 0 - type: integer - ro_username: - description: Name of a user that can be used to read metrics. - This will be used for Grafana integration (if enabled) to prevent - Grafana users from making undesired changes. Only affects PostgreSQL - destinations. Defaults to 'metrics_reader'. Note that this must - be the same for all metrics integrations that write data to - the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - source_mysql: - description: Configuration options for metrics where source service - is MySQL - properties: - telegraf: - description: Configuration options for Telegraf MySQL input - plugin - properties: - gather_event_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENT_WAITS - type: boolean - gather_file_events_stats: - description: gather metrics from PERFORMANCE_SCHEMA.FILE_SUMMARY_BY_EVENT_NAME - type: boolean - gather_index_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_INDEX_USAGE - type: boolean - gather_info_schema_auto_inc: - description: Gather auto_increment columns and max values - from information schema - type: boolean - gather_innodb_metrics: - description: Gather metrics from INFORMATION_SCHEMA.INNODB_METRICS - type: boolean - gather_perf_events_statements: - description: Gather metrics from PERFORMANCE_SCHEMA.EVENTS_STATEMENTS_SUMMARY_BY_DIGEST - type: boolean - gather_process_list: - description: Gather thread state counts from INFORMATION_SCHEMA.PROCESSLIST - type: boolean - gather_slave_status: - description: Gather metrics from SHOW SLAVE STATUS command - output - type: boolean - gather_table_io_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_IO_WAITS_SUMMARY_BY_TABLE - type: boolean - gather_table_lock_waits: - description: Gather metrics from PERFORMANCE_SCHEMA.TABLE_LOCK_WAITS - type: boolean - gather_table_schema: - description: Gather metrics from INFORMATION_SCHEMA.TABLES - type: boolean - perf_events_statements_digest_text_limit: - description: Truncates digest text from perf_events_statements - into this many characters - maximum: 2048 - minimum: 1 - type: integer - perf_events_statements_limit: - description: Limits metrics from perf_events_statements - maximum: 4000 - minimum: 1 - type: integer - perf_events_statements_time_limit: - description: Only include perf_events_statements whose - last seen is less than this many seconds - maximum: 2592000 - minimum: 1 - type: integer - type: object + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - username: - description: Name of the user used to write metrics. Only affects - PostgreSQL destinations. Defaults to 'metrics_writer'. Note - that this must be the same for all metrics integrations that - write data to the same PostgreSQL service. - maxLength: 40 - pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,39}$ - type: string - type: object - project: - description: Project the integration belongs to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceEndpointID: - description: Source endpoint for the integration (if any) - maxLength: 36 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceProjectName: - description: Source project for the integration (if any) - maxLength: 63 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - sourceServiceName: - description: Source service for the integration (if any) - maxLength: 64 - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - required: - - integrationType - - project - type: object - status: - description: ServiceIntegrationStatus defines the observed state of ServiceIntegration - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceIntegration state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - id: - description: Service integration ID - type: string - required: - - conditions - - id - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + id: + description: Service integration ID + type: string + required: + - conditions + - id + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/aiven.io_serviceusers.yaml b/config/crd/bases/aiven.io_serviceusers.yaml index e188b02d..b71e03fb 100644 --- a/config/crd/bases/aiven.io_serviceusers.yaml +++ b/config/crd/bases/aiven.io_serviceusers.yaml @@ -15,179 +15,191 @@ spec: singular: serviceuser scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.serviceName - name: Service Name - type: string - - jsonPath: .spec.project - name: Project - type: string - - jsonPath: .spec.connInfoSecretTarget.name - name: Connection Information Secret - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceUser is the Schema for the serviceusers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceUserSpec defines the desired state of ServiceUser - properties: - authSecretRef: - description: Authentication reference to Aiven token in a secret - properties: - key: - minLength: 1 - type: string - name: - minLength: 1 - type: string - required: - - key - - name - type: object - authentication: - description: Authentication details - enum: - - caching_sha2_password - - mysql_native_password - type: string - connInfoSecretTarget: - description: 'Information regarding secret creation. Exposed keys: - `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, - `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, - `SERVICEUSER_ACCESS_KEY`' - properties: - annotations: - additionalProperties: - type: string - description: Annotations added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - labels: - additionalProperties: - type: string - description: Labels added to the secret - type: object - x-kubernetes-preserve-unknown-fields: true - name: - description: Name of the secret resource to be created. By default, - is equal to the resource name - type: string - prefix: - description: Prefix for the secret's keys. Added "as is" without - any transformations. By default, is equal to the kind name in - uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - type: string - required: - - name - type: object - project: - description: Project to link the user to - format: ^[a-zA-Z0-9_-]*$ - maxLength: 63 - type: string - serviceName: - description: Service to link the user to - maxLength: 63 - type: string - required: - - project - - serviceName - type: object - status: - description: ServiceUserStatus defines the observed state of ServiceUser - properties: - conditions: - description: Conditions represent the latest available observations - of an ServiceUser state - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.serviceName + name: Service Name + type: string + - jsonPath: .spec.project + name: Project + type: string + - jsonPath: .spec.connInfoSecretTarget.name + name: Connection Information Secret + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceUser is the Schema for the serviceusers API + properties: + apiVersion: + description: + "APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: + "Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: ServiceUserSpec defines the desired state of ServiceUser + properties: + authSecretRef: + description: Authentication reference to Aiven token in a secret properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 + key: + minLength: 1 type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 + name: minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + required: + - key + - name + type: object + authentication: + description: Authentication details + enum: + - caching_sha2_password + - mysql_native_password + type: string + connInfoSecretTarget: + description: + "Information regarding secret creation. Exposed keys: + `SERVICEUSER_HOST`, `SERVICEUSER_PORT`, `SERVICEUSER_USERNAME`, + `SERVICEUSER_PASSWORD`, `SERVICEUSER_CA_CERT`, `SERVICEUSER_ACCESS_CERT`, + `SERVICEUSER_ACCESS_KEY`" + properties: + annotations: + additionalProperties: + type: string + description: Annotations added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: Labels added to the secret + type: object + x-kubernetes-preserve-unknown-fields: true + name: + description: + Name of the secret resource to be created. By default, + is equal to the resource name type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + prefix: + description: + Prefix for the secret's keys. Added "as is" without + any transformations. By default, is equal to the kind name in + uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - name type: object - type: array - type: - description: Type of the user account - type: string - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + project: + description: Project to link the user to + format: ^[a-zA-Z0-9_-]*$ + maxLength: 63 + type: string + serviceName: + description: Service to link the user to + maxLength: 63 + type: string + required: + - project + - serviceName + type: object + status: + description: ServiceUserStatus defines the observed state of ServiceUser + properties: + conditions: + description: + Conditions represent the latest available observations + of an ServiceUser state + items: + description: + "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: + lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: + message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: + observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: + reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: + type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: + description: Type of the user account + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 6dbe80c3..0ac45af9 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -2,75 +2,75 @@ # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/aiven.io_clickhouses.yaml -- bases/aiven.io_clickhouseusers.yaml -- bases/aiven.io_connectionpools.yaml -- bases/aiven.io_databases.yaml -- bases/aiven.io_kafkas.yaml -- bases/aiven.io_kafkaacls.yaml -- bases/aiven.io_kafkaconnects.yaml -- bases/aiven.io_kafkaconnectors.yaml -- bases/aiven.io_kafkaschemas.yaml -- bases/aiven.io_kafkatopics.yaml -- bases/aiven.io_opensearches.yaml -- bases/aiven.io_postgresqls.yaml -- bases/aiven.io_projects.yaml -- bases/aiven.io_projectvpcs.yaml -- bases/aiven.io_redis.yaml -- bases/aiven.io_serviceintegrations.yaml -- bases/aiven.io_serviceusers.yaml -- bases/aiven.io_mysqls.yaml -- bases/aiven.io_cassandras.yaml -- bases/aiven.io_grafanas.yaml + - bases/aiven.io_clickhouses.yaml + - bases/aiven.io_clickhouseusers.yaml + - bases/aiven.io_connectionpools.yaml + - bases/aiven.io_databases.yaml + - bases/aiven.io_kafkas.yaml + - bases/aiven.io_kafkaacls.yaml + - bases/aiven.io_kafkaconnects.yaml + - bases/aiven.io_kafkaconnectors.yaml + - bases/aiven.io_kafkaschemas.yaml + - bases/aiven.io_kafkatopics.yaml + - bases/aiven.io_opensearches.yaml + - bases/aiven.io_postgresqls.yaml + - bases/aiven.io_projects.yaml + - bases/aiven.io_projectvpcs.yaml + - bases/aiven.io_redis.yaml + - bases/aiven.io_serviceintegrations.yaml + - bases/aiven.io_serviceusers.yaml + - bases/aiven.io_mysqls.yaml + - bases/aiven.io_cassandras.yaml + - bases/aiven.io_grafanas.yaml #+kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. -# patches here are for enabling the conversion webhook for each CRD -- patches/webhook_in_clickhouses.yaml -- patches/webhook_in_clickhouseusers.yaml -- patches/webhook_in_connectionpools.yaml -- patches/webhook_in_databases.yaml -- patches/webhook_in_kafkas.yaml -- patches/webhook_in_kafkaacls.yaml -- patches/webhook_in_kafkaconnects.yaml -- patches/webhook_in_kafkaconnectors.yaml -- patches/webhook_in_kafkaschemas.yaml -- patches/webhook_in_kafkatopics.yaml -- patches/webhook_in_opensearches.yaml -- patches/webhook_in_postgresqls.yaml -- patches/webhook_in_projects.yaml -- patches/webhook_in_redis.yaml -- patches/webhook_in_serviceintegrations.yaml -- patches/webhook_in_serviceusers.yaml -- patches/webhook_in_mysqls.yaml -- patches/webhook_in_cassandras.yaml -- patches/webhook_in_grafanas.yaml -#+kubebuilder:scaffold:crdkustomizewebhookpatch + # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. + # patches here are for enabling the conversion webhook for each CRD + - patches/webhook_in_clickhouses.yaml + - patches/webhook_in_clickhouseusers.yaml + - patches/webhook_in_connectionpools.yaml + - patches/webhook_in_databases.yaml + - patches/webhook_in_kafkas.yaml + - patches/webhook_in_kafkaacls.yaml + - patches/webhook_in_kafkaconnects.yaml + - patches/webhook_in_kafkaconnectors.yaml + - patches/webhook_in_kafkaschemas.yaml + - patches/webhook_in_kafkatopics.yaml + - patches/webhook_in_opensearches.yaml + - patches/webhook_in_postgresqls.yaml + - patches/webhook_in_projects.yaml + - patches/webhook_in_redis.yaml + - patches/webhook_in_serviceintegrations.yaml + - patches/webhook_in_serviceusers.yaml + - patches/webhook_in_mysqls.yaml + - patches/webhook_in_cassandras.yaml + - patches/webhook_in_grafanas.yaml + #+kubebuilder:scaffold:crdkustomizewebhookpatch -# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. -# patches here are for enabling the CA injection for each CRD -- patches/cainjection_in_clickhouses.yaml -- patches/cainjection_in_clickhouseusers.yaml -- patches/cainjection_in_connectionpools.yaml -- patches/cainjection_in_databases.yaml -- patches/cainjection_in_kafkas.yaml -- patches/cainjection_in_kafkaacls.yaml -- patches/cainjection_in_kafkaconnects.yaml -- patches/cainjection_in_kafkaconnectors.yaml -- patches/cainjection_in_kafkaschemas.yaml -- patches/cainjection_in_kafkatopics.yaml -- patches/cainjection_in_opensearches.yaml -- patches/cainjection_in_postgresqls.yaml -- patches/cainjection_in_projects.yaml -- patches/cainjection_in_redis.yaml -- patches/cainjection_in_serviceintegrations.yaml -- patches/cainjection_in_serviceusers.yaml -- patches/cainjection_in_mysqls.yaml -- patches/cainjection_in_cassandras.yaml -- patches/cainjection_in_grafanas.yaml + # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. + # patches here are for enabling the CA injection for each CRD + - patches/cainjection_in_clickhouses.yaml + - patches/cainjection_in_clickhouseusers.yaml + - patches/cainjection_in_connectionpools.yaml + - patches/cainjection_in_databases.yaml + - patches/cainjection_in_kafkas.yaml + - patches/cainjection_in_kafkaacls.yaml + - patches/cainjection_in_kafkaconnects.yaml + - patches/cainjection_in_kafkaconnectors.yaml + - patches/cainjection_in_kafkaschemas.yaml + - patches/cainjection_in_kafkatopics.yaml + - patches/cainjection_in_opensearches.yaml + - patches/cainjection_in_postgresqls.yaml + - patches/cainjection_in_projects.yaml + - patches/cainjection_in_redis.yaml + - patches/cainjection_in_serviceintegrations.yaml + - patches/cainjection_in_serviceusers.yaml + - patches/cainjection_in_mysqls.yaml + - patches/cainjection_in_cassandras.yaml + - patches/cainjection_in_grafanas.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: -- kustomizeconfig.yaml + - kustomizeconfig.yaml diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml index ec5c150a..c1418dde 100644 --- a/config/crd/kustomizeconfig.yaml +++ b/config/crd/kustomizeconfig.yaml @@ -1,19 +1,19 @@ # This file is for teaching kustomize how to substitute name and namespace reference in CRD nameReference: -- kind: Service - version: v1 - fieldSpecs: - - kind: CustomResourceDefinition + - kind: Service version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/name + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name namespace: -- kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/namespace - create: false + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false varReference: -- path: metadata/annotations + - path: metadata/annotations diff --git a/config/crd/patches/webhook_in_cassandras.yaml b/config/crd/patches/webhook_in_cassandras.yaml index af50bb41..1e6fbe47 100644 --- a/config/crd/patches/webhook_in_cassandras.yaml +++ b/config/crd/patches/webhook_in_cassandras.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_clickhouses.yaml b/config/crd/patches/webhook_in_clickhouses.yaml index ee8de9af..64c98554 100644 --- a/config/crd/patches/webhook_in_clickhouses.yaml +++ b/config/crd/patches/webhook_in_clickhouses.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_clickhouseusers.yaml b/config/crd/patches/webhook_in_clickhouseusers.yaml index aa0640fa..2209e7bb 100644 --- a/config/crd/patches/webhook_in_clickhouseusers.yaml +++ b/config/crd/patches/webhook_in_clickhouseusers.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_connectionpools.yaml b/config/crd/patches/webhook_in_connectionpools.yaml index 069011e7..ca9a9f19 100644 --- a/config/crd/patches/webhook_in_connectionpools.yaml +++ b/config/crd/patches/webhook_in_connectionpools.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_databases.yaml b/config/crd/patches/webhook_in_databases.yaml index 4baa665f..a8366450 100644 --- a/config/crd/patches/webhook_in_databases.yaml +++ b/config/crd/patches/webhook_in_databases.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_grafanas.yaml b/config/crd/patches/webhook_in_grafanas.yaml index 999d4153..f95c7e64 100644 --- a/config/crd/patches/webhook_in_grafanas.yaml +++ b/config/crd/patches/webhook_in_grafanas.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_kafkaacls.yaml b/config/crd/patches/webhook_in_kafkaacls.yaml index 6b62b693..93e86958 100644 --- a/config/crd/patches/webhook_in_kafkaacls.yaml +++ b/config/crd/patches/webhook_in_kafkaacls.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_kafkaconnectors.yaml b/config/crd/patches/webhook_in_kafkaconnectors.yaml index 79b3ec3b..7b270893 100644 --- a/config/crd/patches/webhook_in_kafkaconnectors.yaml +++ b/config/crd/patches/webhook_in_kafkaconnectors.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_kafkaconnects.yaml b/config/crd/patches/webhook_in_kafkaconnects.yaml index cc7dc7e7..a2937521 100644 --- a/config/crd/patches/webhook_in_kafkaconnects.yaml +++ b/config/crd/patches/webhook_in_kafkaconnects.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_kafkas.yaml b/config/crd/patches/webhook_in_kafkas.yaml index 8327af52..89051344 100644 --- a/config/crd/patches/webhook_in_kafkas.yaml +++ b/config/crd/patches/webhook_in_kafkas.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_kafkaschemas.yaml b/config/crd/patches/webhook_in_kafkaschemas.yaml index a09822c2..0a252213 100644 --- a/config/crd/patches/webhook_in_kafkaschemas.yaml +++ b/config/crd/patches/webhook_in_kafkaschemas.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_kafkatopics.yaml b/config/crd/patches/webhook_in_kafkatopics.yaml index 087e1aea..76cf7406 100644 --- a/config/crd/patches/webhook_in_kafkatopics.yaml +++ b/config/crd/patches/webhook_in_kafkatopics.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_mysqls.yaml b/config/crd/patches/webhook_in_mysqls.yaml index 976ce9e3..3bdff082 100644 --- a/config/crd/patches/webhook_in_mysqls.yaml +++ b/config/crd/patches/webhook_in_mysqls.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_opensearches.yaml b/config/crd/patches/webhook_in_opensearches.yaml index d7886437..622b19c0 100644 --- a/config/crd/patches/webhook_in_opensearches.yaml +++ b/config/crd/patches/webhook_in_opensearches.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_postgresqls.yaml b/config/crd/patches/webhook_in_postgresqls.yaml index 1b64996c..9bb548d8 100644 --- a/config/crd/patches/webhook_in_postgresqls.yaml +++ b/config/crd/patches/webhook_in_postgresqls.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_projects.yaml b/config/crd/patches/webhook_in_projects.yaml index 6ec05bda..cffed236 100644 --- a/config/crd/patches/webhook_in_projects.yaml +++ b/config/crd/patches/webhook_in_projects.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_redis.yaml b/config/crd/patches/webhook_in_redis.yaml index 5befe4f3..93fb912d 100644 --- a/config/crd/patches/webhook_in_redis.yaml +++ b/config/crd/patches/webhook_in_redis.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_serviceintegrations.yaml b/config/crd/patches/webhook_in_serviceintegrations.yaml index 06fc2c9c..23a9225c 100644 --- a/config/crd/patches/webhook_in_serviceintegrations.yaml +++ b/config/crd/patches/webhook_in_serviceintegrations.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/crd/patches/webhook_in_serviceusers.yaml b/config/crd/patches/webhook_in_serviceusers.yaml index 610be8d9..cc709c32 100644 --- a/config/crd/patches/webhook_in_serviceusers.yaml +++ b/config/crd/patches/webhook_in_serviceusers.yaml @@ -13,4 +13,4 @@ spec: name: webhook-service path: /convert conversionReviewVersions: - - v1 + - v1 diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 4229e881..f5da39f2 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -13,62 +13,62 @@ namePrefix: aiven-operator- # someName: someValue bases: -- ../crd -- ../rbac -- ../manager -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -- ../webhook -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. -- ../certmanager + - ../crd + - ../rbac + - ../manager + # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in + # crd/kustomization.yaml + - ../webhook + # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. + - ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml + # Protect the /metrics endpoint by putting it behind auth. + # If you want your controller-manager to expose the /metrics + # endpoint w/o any authn/z, please comment the following line. + - manager_auth_proxy_patch.yaml -# Mount the controller config file for loading manager configurations -# through a ComponentConfig type -#- manager_config_patch.yaml + # Mount the controller config file for loading manager configurations + # through a ComponentConfig type + #- manager_config_patch.yaml -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -- manager_webhook_patch.yaml + # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in + # crd/kustomization.yaml + - manager_webhook_patch.yaml -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. -# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. -# 'CERTMANAGER' needs to be enabled to use ca injection -- webhookcainjection_patch.yaml + # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. + # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. + # 'CERTMANAGER' needs to be enabled to use ca injection + - webhookcainjection_patch.yaml # the following config is for teaching kustomize how to do var substitution vars: -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. -- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR - objref: - kind: Certificate - group: cert-manager.io - version: v1 - name: serving-cert # this name should match the one in certificate.yaml - fieldref: - fieldpath: metadata.namespace -- name: CERTIFICATE_NAME - objref: - kind: Certificate - group: cert-manager.io - version: v1 - name: serving-cert # this name should match the one in certificate.yaml -- name: SERVICE_NAMESPACE # namespace of the service - objref: - kind: Service - version: v1 - name: webhook-service - fieldref: - fieldpath: metadata.namespace -- name: SERVICE_NAME - objref: - kind: Service - version: v1 - name: webhook-service + # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. + - name: CERTIFICATE_NAMESPACE # namespace of the certificate CR + objref: + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert # this name should match the one in certificate.yaml + fieldref: + fieldpath: metadata.namespace + - name: CERTIFICATE_NAME + objref: + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert # this name should match the one in certificate.yaml + - name: SERVICE_NAMESPACE # namespace of the service + objref: + kind: Service + version: v1 + name: webhook-service + fieldref: + fieldpath: metadata.namespace + - name: SERVICE_NAME + objref: + kind: Service + version: v1 + name: webhook-service diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml index cec149a0..39cd9960 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/default/manager_auth_proxy_patch.yaml @@ -9,31 +9,31 @@ spec: template: spec: containers: - - name: kube-rbac-proxy - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - ports: - - containerPort: 8443 - protocol: TCP - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - - name: manager - args: - - "--health-probe-bind-address=:8081" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" + - name: kube-rbac-proxy + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0 + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=0" + ports: + - containerPort: 8443 + protocol: TCP + name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - name: manager + args: + - "--health-probe-bind-address=:8081" + - "--metrics-bind-address=127.0.0.1:8080" + - "--leader-elect" diff --git a/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml index 6c400155..68563ebf 100644 --- a/config/default/manager_config_patch.yaml +++ b/config/default/manager_config_patch.yaml @@ -7,14 +7,14 @@ spec: template: spec: containers: - - name: manager - args: - - "--config=controller_manager_config.yaml" - volumeMounts: - - name: manager-config - mountPath: /controller_manager_config.yaml - subPath: controller_manager_config.yaml + - name: manager + args: + - "--config=controller_manager_config.yaml" + volumeMounts: + - name: manager-config + mountPath: /controller_manager_config.yaml + subPath: controller_manager_config.yaml volumes: - - name: manager-config - configMap: - name: manager-config + - name: manager-config + configMap: + name: manager-config diff --git a/config/default/manager_webhook_patch.yaml b/config/default/manager_webhook_patch.yaml index 738de350..8a96063a 100644 --- a/config/default/manager_webhook_patch.yaml +++ b/config/default/manager_webhook_patch.yaml @@ -7,17 +7,17 @@ spec: template: spec: containers: - - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true + - name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true volumes: - - name: cert - secret: - defaultMode: 420 - secretName: webhook-server-cert + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 65108f52..31864bec 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,16 +1,16 @@ resources: -- manager.yaml + - manager.yaml generatorOptions: disableNameSuffixHash: true configMapGenerator: -- files: - - controller_manager_config.yaml - name: manager-config + - files: + - controller_manager_config.yaml + name: manager-config apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: -- name: controller - newName: aivenoy/aiven-operator - newTag: b67bdfc15f9cac73542c68891f74382665311202 + - name: controller + newName: aivenoy/aiven-operator + newTag: b67bdfc15f9cac73542c68891f74382665311202 diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 878ad486..a6836ee6 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -34,37 +34,37 @@ spec: # seccompProfile: # type: RuntimeDefault containers: - - command: - - /manager - args: - - --leader-elect - image: controller:latest - name: manager - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - # TODO(user): Configure the resources accordingly based on the project requirements. - # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi + - command: + - /manager + args: + - --leader-elect + image: controller:latest + name: manager + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + # TODO(user): Configure the resources accordingly based on the project requirements. + # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml index 125c6a6b..6a6b0180 100644 --- a/config/manifests/kustomization.yaml +++ b/config/manifests/kustomization.yaml @@ -1,10 +1,9 @@ # These resources constitute the fully configured set of manifests # used to generate the 'manifests/' directory in a bundle. resources: -- ../default -- ../samples -- ../scorecard - + - ../default + - ../samples + - ../scorecard # [WEBHOOK] To enable webhooks, uncomment all the sections with [WEBHOOK] prefix. # Do NOT uncomment sections with prefix [CERTMANAGER], as OLM does not support cert-manager. # These patches remove the unnecessary "cert" volume and its manager container volumeMount. diff --git a/config/operatorhub/manifests/bases/aiven-operator.clusterserviceversion.yaml b/config/operatorhub/manifests/bases/aiven-operator.clusterserviceversion.yaml index 498beb04..b11a9337 100644 --- a/config/operatorhub/manifests/bases/aiven-operator.clusterserviceversion.yaml +++ b/config/operatorhub/manifests/bases/aiven-operator.clusterserviceversion.yaml @@ -2,7 +2,7 @@ apiVersion: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion metadata: annotations: - alm-examples: '[]' + alm-examples: "[]" capabilities: Basic Install categories: Cloud Provider repository: https://github.com/aiven/aiven-operator @@ -13,100 +13,101 @@ spec: apiservicedefinitions: {} customresourcedefinitions: owned: - - description: ConnectionPool is the Schema for the connectionpools API - displayName: Connection Pool - kind: ConnectionPool - name: connectionpools.aiven.io - version: v1alpha1 - - description: Database is the Schema for the databases API - displayName: Database - kind: Database - name: databases.aiven.io - version: v1alpha1 - - description: KafkaACL is the Schema for the kafkaacls API - displayName: Kafka ACL - kind: KafkaACL - name: kafkaacls.aiven.io - version: v1alpha1 - - description: KafkaConnector is the Schema for the kafkaconnectors API - displayName: Kafka Connector - kind: KafkaConnector - name: kafkaconnectors.aiven.io - version: v1alpha1 - - description: KafkaConnect is the Schema for the kafkaconnects API - displayName: Kafka Connect - kind: KafkaConnect - name: kafkaconnects.aiven.io - version: v1alpha1 - - description: Kafka is the Schema for the kafkas API - displayName: Kafka - kind: Kafka - name: kafkas.aiven.io - version: v1alpha1 - - description: KafkaSchema is the Schema for the kafkaschemas API - displayName: Kafka Schema - kind: KafkaSchema - name: kafkaschemas.aiven.io - version: v1alpha1 - - description: KafkaTopic is the Schema for the kafkatopics API - displayName: Kafka Topic - kind: KafkaTopic - name: kafkatopics.aiven.io - version: v1alpha1 - - description: PostgreSQL is the Schema for the postgresql API - displayName: Postgre SQL - kind: PostgreSQL - name: postgresqls.aiven.io - version: v1alpha1 - - description: Project is the Schema for the projects API - displayName: Project - kind: Project - name: projects.aiven.io - version: v1alpha1 - - description: ProjectVPC is the Schema for the projectvpcs API - displayName: Project VPC - kind: ProjectVPC - name: projectvpcs.aiven.io - version: v1alpha1 - - description: ServiceIntegration is the Schema for the serviceintegrations API - displayName: Service Integration - kind: ServiceIntegration - name: serviceintegrations.aiven.io - version: v1alpha1 - - description: ServiceUser is the Schema for the serviceusers API - displayName: Service User - kind: ServiceUser - name: serviceusers.aiven.io - version: v1alpha1 - description: A Kubernetes operator for provisioning and managing Aiven Databases + - description: ConnectionPool is the Schema for the connectionpools API + displayName: Connection Pool + kind: ConnectionPool + name: connectionpools.aiven.io + version: v1alpha1 + - description: Database is the Schema for the databases API + displayName: Database + kind: Database + name: databases.aiven.io + version: v1alpha1 + - description: KafkaACL is the Schema for the kafkaacls API + displayName: Kafka ACL + kind: KafkaACL + name: kafkaacls.aiven.io + version: v1alpha1 + - description: KafkaConnector is the Schema for the kafkaconnectors API + displayName: Kafka Connector + kind: KafkaConnector + name: kafkaconnectors.aiven.io + version: v1alpha1 + - description: KafkaConnect is the Schema for the kafkaconnects API + displayName: Kafka Connect + kind: KafkaConnect + name: kafkaconnects.aiven.io + version: v1alpha1 + - description: Kafka is the Schema for the kafkas API + displayName: Kafka + kind: Kafka + name: kafkas.aiven.io + version: v1alpha1 + - description: KafkaSchema is the Schema for the kafkaschemas API + displayName: Kafka Schema + kind: KafkaSchema + name: kafkaschemas.aiven.io + version: v1alpha1 + - description: KafkaTopic is the Schema for the kafkatopics API + displayName: Kafka Topic + kind: KafkaTopic + name: kafkatopics.aiven.io + version: v1alpha1 + - description: PostgreSQL is the Schema for the postgresql API + displayName: Postgre SQL + kind: PostgreSQL + name: postgresqls.aiven.io + version: v1alpha1 + - description: Project is the Schema for the projects API + displayName: Project + kind: Project + name: projects.aiven.io + version: v1alpha1 + - description: ProjectVPC is the Schema for the projectvpcs API + displayName: Project VPC + kind: ProjectVPC + name: projectvpcs.aiven.io + version: v1alpha1 + - description: ServiceIntegration is the Schema for the serviceintegrations API + displayName: Service Integration + kind: ServiceIntegration + name: serviceintegrations.aiven.io + version: v1alpha1 + - description: ServiceUser is the Schema for the serviceusers API + displayName: Service User + kind: ServiceUser + name: serviceusers.aiven.io + version: v1alpha1 + description: + A Kubernetes operator for provisioning and managing Aiven Databases and other resources displayName: Aiven Operator icon: - - base64data: "" - mediatype: "" + - base64data: "" + mediatype: "" install: spec: deployments: null strategy: "" installModes: - - supported: false - type: OwnNamespace - - supported: false - type: SingleNamespace - - supported: false - type: MultiNamespace - - supported: true - type: AllNamespaces + - supported: false + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces keywords: - - aiven + - aiven links: - - name: Aiven Operator for Kubernetes - url: https://aiven.github.io/aiven-operator/ + - name: Aiven Operator for Kubernetes + url: https://aiven.github.io/aiven-operator/ maintainers: - - email: ivan.savciuc@gmail.com - name: Ivan Savciuc - - email: murad.biashimov@aiven.io - name: Murad Biashimov + - email: ivan.savciuc@gmail.com + name: Ivan Savciuc + - email: murad.biashimov@aiven.io + name: Murad Biashimov maturity: alpha provider: name: aiven diff --git a/config/operatorhub/manifests/kustomization.yaml b/config/operatorhub/manifests/kustomization.yaml index 090b86d1..c2920856 100644 --- a/config/operatorhub/manifests/kustomization.yaml +++ b/config/operatorhub/manifests/kustomization.yaml @@ -1,5 +1,5 @@ resources: -- ../../default -- ../samples -- ../scorecard -- bases/aiven-operator.clusterserviceversion.yaml + - ../../default + - ../samples + - ../scorecard + - bases/aiven-operator.clusterserviceversion.yaml diff --git a/config/operatorhub/scorecard/bases/config.yaml b/config/operatorhub/scorecard/bases/config.yaml index c7704784..707a5c25 100644 --- a/config/operatorhub/scorecard/bases/config.yaml +++ b/config/operatorhub/scorecard/bases/config.yaml @@ -3,5 +3,5 @@ kind: Configuration metadata: name: config stages: -- parallel: true - tests: [] + - parallel: true + tests: [] diff --git a/config/operatorhub/scorecard/patches/basic.config.yaml b/config/operatorhub/scorecard/patches/basic.config.yaml index d164f2fb..8159f1cd 100644 --- a/config/operatorhub/scorecard/patches/basic.config.yaml +++ b/config/operatorhub/scorecard/patches/basic.config.yaml @@ -7,4 +7,4 @@ image: quay.io/operator-framework/scorecard-test:v1.8.0 labels: suite: basic - test: basic-check-spec-test \ No newline at end of file + test: basic-check-spec-test diff --git a/config/operatorhub/scorecard/patches/olm.config.yaml b/config/operatorhub/scorecard/patches/olm.config.yaml index 90785f75..0933da47 100644 --- a/config/operatorhub/scorecard/patches/olm.config.yaml +++ b/config/operatorhub/scorecard/patches/olm.config.yaml @@ -37,4 +37,4 @@ image: quay.io/operator-framework/scorecard-test:v1.8.0 labels: suite: olm - test: olm-status-descriptors-test \ No newline at end of file + test: olm-status-descriptors-test diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml index ed137168..d556b996 100644 --- a/config/prometheus/kustomization.yaml +++ b/config/prometheus/kustomization.yaml @@ -1,2 +1,2 @@ resources: -- monitor.yaml + - monitor.yaml diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml index d19136ae..6812d4d5 100644 --- a/config/prometheus/monitor.yaml +++ b/config/prometheus/monitor.yaml @@ -1,4 +1,3 @@ - # Prometheus Monitor Service (Metrics) apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml index 51a75db4..07f43829 100644 --- a/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/config/rbac/auth_proxy_client_clusterrole.yaml @@ -3,7 +3,7 @@ kind: ClusterRole metadata: name: metrics-reader rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get + - nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml index 80e1857c..2e55d6ae 100644 --- a/config/rbac/auth_proxy_role.yaml +++ b/config/rbac/auth_proxy_role.yaml @@ -3,15 +3,15 @@ kind: ClusterRole metadata: name: proxy-role rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml index ec7acc0a..ec70c402 100644 --- a/config/rbac/auth_proxy_role_binding.yaml +++ b/config/rbac/auth_proxy_role_binding.yaml @@ -7,6 +7,6 @@ roleRef: kind: ClusterRole name: proxy-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml index 71f17972..7fa7a010 100644 --- a/config/rbac/auth_proxy_service.yaml +++ b/config/rbac/auth_proxy_service.yaml @@ -7,9 +7,9 @@ metadata: namespace: system spec: ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https + - name: https + port: 8443 + protocol: TCP + targetPort: https selector: control-plane: controller-manager diff --git a/config/rbac/cassandra_editor_role.yaml b/config/rbac/cassandra_editor_role.yaml index d80b1e48..56181baf 100644 --- a/config/rbac/cassandra_editor_role.yaml +++ b/config/rbac/cassandra_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: cassandra-editor-role rules: -- apiGroups: - - aiven.io - resources: - - cassandras - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - cassandras/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - cassandras + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - cassandras/status + verbs: + - get diff --git a/config/rbac/cassandra_viewer_role.yaml b/config/rbac/cassandra_viewer_role.yaml index d145d4e3..ff66e0aa 100644 --- a/config/rbac/cassandra_viewer_role.yaml +++ b/config/rbac/cassandra_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: cassandra-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - cassandras - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - cassandras/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - cassandras + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - cassandras/status + verbs: + - get diff --git a/config/rbac/clickhouse_editor_role.yaml b/config/rbac/clickhouse_editor_role.yaml index 54e56ad7..bc117edc 100644 --- a/config/rbac/clickhouse_editor_role.yaml +++ b/config/rbac/clickhouse_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: clickhouse-editor-role rules: -- apiGroups: - - aiven.io - resources: - - clickhouses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouses/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - clickhouses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouses/status + verbs: + - get diff --git a/config/rbac/clickhouse_viewer_role.yaml b/config/rbac/clickhouse_viewer_role.yaml index 7c2acaee..42b30507 100644 --- a/config/rbac/clickhouse_viewer_role.yaml +++ b/config/rbac/clickhouse_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: clickhouse-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - clickhouses - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - clickhouses/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - clickhouses + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - clickhouses/status + verbs: + - get diff --git a/config/rbac/clickhouseuser_editor_role.yaml b/config/rbac/clickhouseuser_editor_role.yaml index 123c694c..19f438e1 100644 --- a/config/rbac/clickhouseuser_editor_role.yaml +++ b/config/rbac/clickhouseuser_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: clickhouseuser-editor-role rules: -- apiGroups: - - aiven.io - resources: - - clickhouseusers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouseusers/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - clickhouseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouseusers/status + verbs: + - get diff --git a/config/rbac/clickhouseuser_viewer_role.yaml b/config/rbac/clickhouseuser_viewer_role.yaml index 73a95696..623d7801 100644 --- a/config/rbac/clickhouseuser_viewer_role.yaml +++ b/config/rbac/clickhouseuser_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: clickhouseuser-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - clickhouseusers - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - clickhouseusers/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - clickhouseusers + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - clickhouseusers/status + verbs: + - get diff --git a/config/rbac/connectionpool_editor_role.yaml b/config/rbac/connectionpool_editor_role.yaml index c6387bae..6746cf05 100644 --- a/config/rbac/connectionpool_editor_role.yaml +++ b/config/rbac/connectionpool_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: connectionpool-editor-role rules: -- apiGroups: - - aiven.io - resources: - - connectionpools - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - connectionpools/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - connectionpools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - connectionpools/status + verbs: + - get diff --git a/config/rbac/connectionpool_viewer_role.yaml b/config/rbac/connectionpool_viewer_role.yaml index 95fa604c..1e81bf67 100644 --- a/config/rbac/connectionpool_viewer_role.yaml +++ b/config/rbac/connectionpool_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: connectionpool-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - connectionpools - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - connectionpools/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - connectionpools + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - connectionpools/status + verbs: + - get diff --git a/config/rbac/database_editor_role.yaml b/config/rbac/database_editor_role.yaml index 951f128a..95930266 100644 --- a/config/rbac/database_editor_role.yaml +++ b/config/rbac/database_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: database-editor-role rules: -- apiGroups: - - aiven.io - resources: - - databases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - databases/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - databases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - databases/status + verbs: + - get diff --git a/config/rbac/database_viewer_role.yaml b/config/rbac/database_viewer_role.yaml index 92dd5d2b..161be0c7 100644 --- a/config/rbac/database_viewer_role.yaml +++ b/config/rbac/database_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: database-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - databases - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - databases/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - databases + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - databases/status + verbs: + - get diff --git a/config/rbac/grafana_editor_role.yaml b/config/rbac/grafana_editor_role.yaml index fabdae86..f78eb501 100644 --- a/config/rbac/grafana_editor_role.yaml +++ b/config/rbac/grafana_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: grafana-editor-role rules: -- apiGroups: - - aiven.io - resources: - - grafanas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - grafanas/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - grafanas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - grafanas/status + verbs: + - get diff --git a/config/rbac/grafana_viewer_role.yaml b/config/rbac/grafana_viewer_role.yaml index 189a8910..addaa365 100644 --- a/config/rbac/grafana_viewer_role.yaml +++ b/config/rbac/grafana_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: grafana-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - grafanas - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - grafanas/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - grafanas + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - grafanas/status + verbs: + - get diff --git a/config/rbac/kafka_editor_role.yaml b/config/rbac/kafka_editor_role.yaml index 1e9049c3..fa3cd733 100644 --- a/config/rbac/kafka_editor_role.yaml +++ b/config/rbac/kafka_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: kafka-editor-role rules: -- apiGroups: - - aiven.io - resources: - - kafkas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkas/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkas/status + verbs: + - get diff --git a/config/rbac/kafka_viewer_role.yaml b/config/rbac/kafka_viewer_role.yaml index ce9aa94f..fd4d5099 100644 --- a/config/rbac/kafka_viewer_role.yaml +++ b/config/rbac/kafka_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: kafka-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - kafkas - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkas/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkas + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkas/status + verbs: + - get diff --git a/config/rbac/kafkaacl_editor_role.yaml b/config/rbac/kafkaacl_editor_role.yaml index bc444246..8f810121 100644 --- a/config/rbac/kafkaacl_editor_role.yaml +++ b/config/rbac/kafkaacl_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: kafkaacl-editor-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaacls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaacls/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaacls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaacls/status + verbs: + - get diff --git a/config/rbac/kafkaacl_viewer_role.yaml b/config/rbac/kafkaacl_viewer_role.yaml index a4360d66..3b9a27c5 100644 --- a/config/rbac/kafkaacl_viewer_role.yaml +++ b/config/rbac/kafkaacl_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: kafkaacl-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaacls - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkaacls/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaacls + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkaacls/status + verbs: + - get diff --git a/config/rbac/kafkaconnect_editor_role.yaml b/config/rbac/kafkaconnect_editor_role.yaml index 87a5deb7..7ee621a9 100644 --- a/config/rbac/kafkaconnect_editor_role.yaml +++ b/config/rbac/kafkaconnect_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: kafkaconnect-editor-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaconnects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnects/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaconnects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnects/status + verbs: + - get diff --git a/config/rbac/kafkaconnect_viewer_role.yaml b/config/rbac/kafkaconnect_viewer_role.yaml index daf1dacb..ca47d893 100644 --- a/config/rbac/kafkaconnect_viewer_role.yaml +++ b/config/rbac/kafkaconnect_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: kafkaconnect-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaconnects - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnects/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaconnects + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnects/status + verbs: + - get diff --git a/config/rbac/kafkaconnector_editor_role.yaml b/config/rbac/kafkaconnector_editor_role.yaml index 3d15eed7..cf2ed305 100644 --- a/config/rbac/kafkaconnector_editor_role.yaml +++ b/config/rbac/kafkaconnector_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: kafkaconnector-editor-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaconnectors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaconnectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors/status + verbs: + - get diff --git a/config/rbac/kafkaconnector_viewer_role.yaml b/config/rbac/kafkaconnector_viewer_role.yaml index 71624cb8..d911c41c 100644 --- a/config/rbac/kafkaconnector_viewer_role.yaml +++ b/config/rbac/kafkaconnector_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: kafkaconnector-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaconnectors - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaconnectors + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors/status + verbs: + - get diff --git a/config/rbac/kafkaschema_editor_role.yaml b/config/rbac/kafkaschema_editor_role.yaml index 8d98ef2e..0a83ec3f 100644 --- a/config/rbac/kafkaschema_editor_role.yaml +++ b/config/rbac/kafkaschema_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: kafkaschema-editor-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaschemas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaschemas/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaschemas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaschemas/status + verbs: + - get diff --git a/config/rbac/kafkaschema_viewer_role.yaml b/config/rbac/kafkaschema_viewer_role.yaml index 1caecf30..aeac42e9 100644 --- a/config/rbac/kafkaschema_viewer_role.yaml +++ b/config/rbac/kafkaschema_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: kafkaschema-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - kafkaschemas - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkaschemas/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkaschemas + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkaschemas/status + verbs: + - get diff --git a/config/rbac/kafkatopic_editor_role.yaml b/config/rbac/kafkatopic_editor_role.yaml index 08fb524e..ac5d4736 100644 --- a/config/rbac/kafkatopic_editor_role.yaml +++ b/config/rbac/kafkatopic_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: kafkatopic-editor-role rules: -- apiGroups: - - aiven.io - resources: - - kafkatopics - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkatopics/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkatopics + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkatopics/status + verbs: + - get diff --git a/config/rbac/kafkatopic_viewer_role.yaml b/config/rbac/kafkatopic_viewer_role.yaml index 99f64f95..511ab996 100644 --- a/config/rbac/kafkatopic_viewer_role.yaml +++ b/config/rbac/kafkatopic_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: kafkatopic-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - kafkatopics - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkatopics/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkatopics/status + verbs: + - get diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 731832a6..0ebbc6f6 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,18 +1,18 @@ resources: -# All RBAC will be applied under this service account in -# the deployment namespace. You may comment out this resource -# if your manager will use a service account that exists at -# runtime. Be sure to update RoleBinding and ClusterRoleBinding -# subjects if changing service account names. -- service_account.yaml -- role.yaml -- role_binding.yaml -- leader_election_role.yaml -- leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml + # All RBAC will be applied under this service account in + # the deployment namespace. You may comment out this resource + # if your manager will use a service account that exists at + # runtime. Be sure to update RoleBinding and ClusterRoleBinding + # subjects if changing service account names. + - service_account.yaml + - role.yaml + - role_binding.yaml + - leader_election_role.yaml + - leader_election_role_binding.yaml + # Comment the following 4 lines if you want to disable + # the auth proxy (https://github.com/brancz/kube-rbac-proxy) + # which protects your /metrics endpoint. + - auth_proxy_service.yaml + - auth_proxy_role.yaml + - auth_proxy_role_binding.yaml + - auth_proxy_client_clusterrole.yaml diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml index 4190ec80..9221419f 100644 --- a/config/rbac/leader_election_role.yaml +++ b/config/rbac/leader_election_role.yaml @@ -4,34 +4,34 @@ kind: Role metadata: name: leader-election-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml index 1d1321ed..887508dd 100644 --- a/config/rbac/leader_election_role_binding.yaml +++ b/config/rbac/leader_election_role_binding.yaml @@ -7,6 +7,6 @@ roleRef: kind: Role name: leader-election-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/config/rbac/mysql_editor_role.yaml b/config/rbac/mysql_editor_role.yaml index 8e86c9df..d5bd3f7e 100644 --- a/config/rbac/mysql_editor_role.yaml +++ b/config/rbac/mysql_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: mysql-editor-role rules: -- apiGroups: - - aiven.io - resources: - - mysqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - mysqls/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - mysqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - mysqls/status + verbs: + - get diff --git a/config/rbac/mysql_viewer_role.yaml b/config/rbac/mysql_viewer_role.yaml index 7074ec40..b5fa6060 100644 --- a/config/rbac/mysql_viewer_role.yaml +++ b/config/rbac/mysql_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: mysql-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - mysqls - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - mysqls/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - mysqls + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - mysqls/status + verbs: + - get diff --git a/config/rbac/opensearch_editor_role.yaml b/config/rbac/opensearch_editor_role.yaml index a8f53601..7d086395 100644 --- a/config/rbac/opensearch_editor_role.yaml +++ b/config/rbac/opensearch_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: opensearch-editor-role rules: -- apiGroups: - - aiven.io - resources: - - opensearches - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - opensearches/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - opensearches + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - opensearches/status + verbs: + - get diff --git a/config/rbac/opensearch_viewer_role.yaml b/config/rbac/opensearch_viewer_role.yaml index 8125d5b7..11e73bf9 100644 --- a/config/rbac/opensearch_viewer_role.yaml +++ b/config/rbac/opensearch_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: opensearch-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - opensearches - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - opensearches/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - opensearches + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - opensearches/status + verbs: + - get diff --git a/config/rbac/postgresql_editor_role.yaml b/config/rbac/postgresql_editor_role.yaml index e99de1db..9507fcec 100644 --- a/config/rbac/postgresql_editor_role.yaml +++ b/config/rbac/postgresql_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: postgresql-editor-role rules: -- apiGroups: - - aiven.io - resources: - - postgresqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - postgresqls/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - postgresqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - postgresqls/status + verbs: + - get diff --git a/config/rbac/postgresql_viewer_role.yaml b/config/rbac/postgresql_viewer_role.yaml index 584b8207..c84bf5b4 100644 --- a/config/rbac/postgresql_viewer_role.yaml +++ b/config/rbac/postgresql_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: postgresql-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - postgresqls - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - postgresqls/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - postgresqls + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - postgresqls/status + verbs: + - get diff --git a/config/rbac/project_editor_role.yaml b/config/rbac/project_editor_role.yaml index cd9f2229..81e64d60 100644 --- a/config/rbac/project_editor_role.yaml +++ b/config/rbac/project_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: project-editor-role rules: -- apiGroups: - - aiven.io - resources: - - projects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projects/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - projects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projects/status + verbs: + - get diff --git a/config/rbac/project_viewer_role.yaml b/config/rbac/project_viewer_role.yaml index bdfca203..c98ad034 100644 --- a/config/rbac/project_viewer_role.yaml +++ b/config/rbac/project_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: project-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - projects - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - projects/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - projects + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - projects/status + verbs: + - get diff --git a/config/rbac/projectvpc_editor_role.yaml b/config/rbac/projectvpc_editor_role.yaml index de3143c6..d3f5d8d3 100644 --- a/config/rbac/projectvpc_editor_role.yaml +++ b/config/rbac/projectvpc_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: projectvpc-editor-role rules: -- apiGroups: - - aiven.io - resources: - - projectvpcs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projectvpcs/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - projectvpcs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projectvpcs/status + verbs: + - get diff --git a/config/rbac/projectvpc_viewer_role.yaml b/config/rbac/projectvpc_viewer_role.yaml index 9e1ae714..45a52c5a 100644 --- a/config/rbac/projectvpc_viewer_role.yaml +++ b/config/rbac/projectvpc_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: projectvpc-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - projectvpcs - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - projectvpcs/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - projectvpcs + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - projectvpcs/status + verbs: + - get diff --git a/config/rbac/redis_editor_role.yaml b/config/rbac/redis_editor_role.yaml index bdac9c42..bab19769 100644 --- a/config/rbac/redis_editor_role.yaml +++ b/config/rbac/redis_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: redis-editor-role rules: -- apiGroups: - - aiven.io - resources: - - redis - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - redis/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - redis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - redis/status + verbs: + - get diff --git a/config/rbac/redis_viewer_role.yaml b/config/rbac/redis_viewer_role.yaml index 2bc04c1b..f3412bb8 100644 --- a/config/rbac/redis_viewer_role.yaml +++ b/config/rbac/redis_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: redis-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - redis - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - redis/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - redis + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - redis/status + verbs: + - get diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 46e7f1d6..6c73a4f1 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -5,599 +5,599 @@ metadata: creationTimestamp: null name: manager-role rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - cassandras - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - cassandras/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - cassandras/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - clickhouses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouses/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouses/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - clickhouseusers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouseusers/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - clickhouseusers/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - connectionpools - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - connectionpools/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - connectionpools/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - databases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - databases/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - grafanas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - grafanas/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - grafanas/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkaacls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaacls/status - verbs: - - create - - delete - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnectors/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkaconnects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnects/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaconnects/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkas/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkas/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkaschemas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkaschemas/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - kafkatopics - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - kafkatopics/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - mysqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - mysqls/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - mysqls/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - opensearches - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - opensearches/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - opensearches/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - postgresqls - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - postgresqls/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - postgresqls/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - projects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projects/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projects/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - projectvpcs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - projectvpcs/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - redis - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - redis/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - redis/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - serviceintegrations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceintegrations/status - verbs: - - get - - patch - - update -- apiGroups: - - aiven.io - resources: - - serviceusers - verbs: - - create - - delete - - get - - list - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceusers/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceusers/status - verbs: - - get - - update -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - list - - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - cassandras + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - cassandras/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - cassandras/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - clickhouses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouses/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - clickhouseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouseusers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - clickhouseusers/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - connectionpools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - connectionpools/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - connectionpools/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - databases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - databases/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - grafanas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - grafanas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - grafanas/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkaacls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaacls/status + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnectors/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkaconnects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnects/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaconnects/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkas/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkaschemas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkaschemas/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - kafkatopics + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - kafkatopics/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - mysqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - mysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - mysqls/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - opensearches + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - opensearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - opensearches/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - postgresqls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - postgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - postgresqls/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - projects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projects/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projects/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - projectvpcs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - projectvpcs/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - redis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - redis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - redis/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - serviceintegrations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceintegrations/status + verbs: + - get + - patch + - update + - apiGroups: + - aiven.io + resources: + - serviceusers + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceusers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceusers/status + verbs: + - get + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - update diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml index 2070ede4..d5925c3a 100644 --- a/config/rbac/role_binding.yaml +++ b/config/rbac/role_binding.yaml @@ -7,6 +7,6 @@ roleRef: kind: ClusterRole name: manager-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/config/rbac/serviceintegration_editor_role.yaml b/config/rbac/serviceintegration_editor_role.yaml index 9f954baa..98210d32 100644 --- a/config/rbac/serviceintegration_editor_role.yaml +++ b/config/rbac/serviceintegration_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: serviceintegration-editor-role rules: -- apiGroups: - - aiven.io - resources: - - serviceintegrations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceintegrations/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - serviceintegrations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceintegrations/status + verbs: + - get diff --git a/config/rbac/serviceintegration_viewer_role.yaml b/config/rbac/serviceintegration_viewer_role.yaml index 42d8dc82..a2d0de59 100644 --- a/config/rbac/serviceintegration_viewer_role.yaml +++ b/config/rbac/serviceintegration_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: serviceintegration-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - serviceintegrations - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - serviceintegrations/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - serviceintegrations + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - serviceintegrations/status + verbs: + - get diff --git a/config/rbac/serviceuser_editor_role.yaml b/config/rbac/serviceuser_editor_role.yaml index 752a2f5e..677011ef 100644 --- a/config/rbac/serviceuser_editor_role.yaml +++ b/config/rbac/serviceuser_editor_role.yaml @@ -4,21 +4,21 @@ kind: ClusterRole metadata: name: serviceuser-editor-role rules: -- apiGroups: - - aiven.io - resources: - - serviceusers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - aiven.io - resources: - - serviceusers/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - serviceusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - aiven.io + resources: + - serviceusers/status + verbs: + - get diff --git a/config/rbac/serviceuser_viewer_role.yaml b/config/rbac/serviceuser_viewer_role.yaml index c089fd13..d39b3ee6 100644 --- a/config/rbac/serviceuser_viewer_role.yaml +++ b/config/rbac/serviceuser_viewer_role.yaml @@ -4,17 +4,17 @@ kind: ClusterRole metadata: name: serviceuser-viewer-role rules: -- apiGroups: - - aiven.io - resources: - - serviceusers - verbs: - - get - - list - - watch -- apiGroups: - - aiven.io - resources: - - serviceusers/status - verbs: - - get + - apiGroups: + - aiven.io + resources: + - serviceusers + verbs: + - get + - list + - watch + - apiGroups: + - aiven.io + resources: + - serviceusers/status + verbs: + - get diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index 60d8c379..4ac5c48e 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,23 +1,23 @@ ## Append samples you want in your CSV to this file as resources ## resources: -- _v1alpha1_clickhouse.yaml -- _v1alpha1_clickhouseuser.yaml -- _v1alpha1_connectionpool.yaml -- _v1alpha1_database.yaml -- _v1alpha1_kafka.yaml -- _v1alpha1_kafkaacl.yaml -- _v1alpha1_kafkaconnect.yaml -- _v1alpha1_kafkaconnector.yaml -- _v1alpha1_kafkaschema.yaml -- _v1alpha1_kafkatopic.yaml -- _v1alpha1_opensearch.yaml -- _v1alpha1_postgresql.yaml -- _v1alpha1_project.yaml -- _v1alpha1_projectvpc.yaml -- _v1alpha1_redis.yaml -- _v1alpha1_serviceintegration.yaml -- _v1alpha1_serviceuser.yaml -- _v1alpha1_mysql.yaml -- _v1alpha1_cassandra.yaml -- _v1alpha1_grafana.yaml + - _v1alpha1_clickhouse.yaml + - _v1alpha1_clickhouseuser.yaml + - _v1alpha1_connectionpool.yaml + - _v1alpha1_database.yaml + - _v1alpha1_kafka.yaml + - _v1alpha1_kafkaacl.yaml + - _v1alpha1_kafkaconnect.yaml + - _v1alpha1_kafkaconnector.yaml + - _v1alpha1_kafkaschema.yaml + - _v1alpha1_kafkatopic.yaml + - _v1alpha1_opensearch.yaml + - _v1alpha1_postgresql.yaml + - _v1alpha1_project.yaml + - _v1alpha1_projectvpc.yaml + - _v1alpha1_redis.yaml + - _v1alpha1_serviceintegration.yaml + - _v1alpha1_serviceuser.yaml + - _v1alpha1_mysql.yaml + - _v1alpha1_cassandra.yaml + - _v1alpha1_grafana.yaml #+kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/scorecard/bases/config.yaml b/config/scorecard/bases/config.yaml index c7704784..707a5c25 100644 --- a/config/scorecard/bases/config.yaml +++ b/config/scorecard/bases/config.yaml @@ -3,5 +3,5 @@ kind: Configuration metadata: name: config stages: -- parallel: true - tests: [] + - parallel: true + tests: [] diff --git a/config/scorecard/kustomization.yaml b/config/scorecard/kustomization.yaml index 50cd2d08..ee7181bb 100644 --- a/config/scorecard/kustomization.yaml +++ b/config/scorecard/kustomization.yaml @@ -1,16 +1,16 @@ resources: -- bases/config.yaml + - bases/config.yaml patchesJson6902: -- path: patches/basic.config.yaml - target: - group: scorecard.operatorframework.io - version: v1alpha3 - kind: Configuration - name: config -- path: patches/olm.config.yaml - target: - group: scorecard.operatorframework.io - version: v1alpha3 - kind: Configuration - name: config + - path: patches/basic.config.yaml + target: + group: scorecard.operatorframework.io + version: v1alpha3 + kind: Configuration + name: config + - path: patches/olm.config.yaml + target: + group: scorecard.operatorframework.io + version: v1alpha3 + kind: Configuration + name: config #+kubebuilder:scaffold:patchesJson6902 diff --git a/config/scorecard/patches/basic.config.yaml b/config/scorecard/patches/basic.config.yaml index bb8153f6..73512ddd 100644 --- a/config/scorecard/patches/basic.config.yaml +++ b/config/scorecard/patches/basic.config.yaml @@ -2,8 +2,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - basic-check-spec + - scorecard-test + - basic-check-spec image: quay.io/operator-framework/scorecard-test:v1.24.0 labels: suite: basic diff --git a/config/scorecard/patches/olm.config.yaml b/config/scorecard/patches/olm.config.yaml index 4e2f4b83..85a4d012 100644 --- a/config/scorecard/patches/olm.config.yaml +++ b/config/scorecard/patches/olm.config.yaml @@ -2,8 +2,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-bundle-validation + - scorecard-test + - olm-bundle-validation image: quay.io/operator-framework/scorecard-test:v1.24.0 labels: suite: olm @@ -12,8 +12,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-crds-have-validation + - scorecard-test + - olm-crds-have-validation image: quay.io/operator-framework/scorecard-test:v1.24.0 labels: suite: olm @@ -22,8 +22,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-crds-have-resources + - scorecard-test + - olm-crds-have-resources image: quay.io/operator-framework/scorecard-test:v1.24.0 labels: suite: olm @@ -32,8 +32,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-spec-descriptors + - scorecard-test + - olm-spec-descriptors image: quay.io/operator-framework/scorecard-test:v1.24.0 labels: suite: olm @@ -42,8 +42,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-status-descriptors + - scorecard-test + - olm-status-descriptors image: quay.io/operator-framework/scorecard-test:v1.24.0 labels: suite: olm diff --git a/config/webhook/kustomization.yaml b/config/webhook/kustomization.yaml index 9cf26134..7feb516a 100644 --- a/config/webhook/kustomization.yaml +++ b/config/webhook/kustomization.yaml @@ -1,6 +1,6 @@ resources: -- manifests.yaml -- service.yaml + - manifests.yaml + - service.yaml configurations: -- kustomizeconfig.yaml + - kustomizeconfig.yaml diff --git a/config/webhook/kustomizeconfig.yaml b/config/webhook/kustomizeconfig.yaml index 25e21e3c..5e35ba09 100644 --- a/config/webhook/kustomizeconfig.yaml +++ b/config/webhook/kustomizeconfig.yaml @@ -1,25 +1,25 @@ # the following config is for teaching kustomize where to look at when substituting vars. # It requires kustomize v2.1.0 or newer to work properly. nameReference: -- kind: Service - version: v1 - fieldSpecs: + - kind: Service + version: v1 + fieldSpecs: + - kind: MutatingWebhookConfiguration + group: admissionregistration.k8s.io + path: webhooks/clientConfig/service/name + - kind: ValidatingWebhookConfiguration + group: admissionregistration.k8s.io + path: webhooks/clientConfig/service/name + +namespace: - kind: MutatingWebhookConfiguration group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/name + path: webhooks/clientConfig/service/namespace + create: true - kind: ValidatingWebhookConfiguration group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/name - -namespace: -- kind: MutatingWebhookConfiguration - group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/namespace - create: true -- kind: ValidatingWebhookConfiguration - group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/namespace - create: true + path: webhooks/clientConfig/service/namespace + create: true varReference: -- path: metadata/annotations + - path: metadata/annotations diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index c6bf25f2..f1395456 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -5,386 +5,386 @@ metadata: creationTimestamp: null name: mutating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-cassandra - failurePolicy: Fail - name: mcassandra.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - cassandras - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-clickhouse - failurePolicy: Fail - name: mclickhouse.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouses - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-clickhouseuser - failurePolicy: Fail - name: mclickhouseuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouseusers - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-connectionpool - failurePolicy: Fail - name: mconnectionpool.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - connectionpools - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-database - failurePolicy: Fail - name: mdatabase.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - databases - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-grafana - failurePolicy: Fail - name: mgrafana.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - grafanas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafka - failurePolicy: Fail - name: mkafka.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaacl - failurePolicy: Fail - name: mkafkaacl.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaacls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaconnect - failurePolicy: Fail - name: mkafkaconnect.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaconnects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaconnector - failurePolicy: Fail - name: mkafkaconnector.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaconnectors - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkaschema - failurePolicy: Fail - name: mkafkaschema.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaschemas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-kafkatopic - failurePolicy: Fail - name: mkafkatopic.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkatopics - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-mysql - failurePolicy: Fail - name: mmysql.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - mysqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-opensearch - failurePolicy: Fail - name: mopensearch.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - opensearches - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-postgresql - failurePolicy: Fail - name: mpg.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - postgresqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-project - failurePolicy: Fail - name: mproject.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - projects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-redis - failurePolicy: Fail - name: mredis.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - redis - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-serviceintegration - failurePolicy: Fail - name: mserviceintegration.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceintegrations - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /mutate-aiven-io-v1alpha1-serviceuser - failurePolicy: Fail - name: mserviceuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceusers - sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-cassandra + failurePolicy: Fail + name: mcassandra.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - cassandras + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: mclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouses + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: mclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-connectionpool + failurePolicy: Fail + name: mconnectionpool.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - connectionpools + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-database + failurePolicy: Fail + name: mdatabase.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - databases + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-grafana + failurePolicy: Fail + name: mgrafana.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - grafanas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafka + failurePolicy: Fail + name: mkafka.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaacl + failurePolicy: Fail + name: mkafkaacl.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaacls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaconnect + failurePolicy: Fail + name: mkafkaconnect.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaconnects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaconnector + failurePolicy: Fail + name: mkafkaconnector.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaconnectors + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkaschema + failurePolicy: Fail + name: mkafkaschema.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaschemas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-kafkatopic + failurePolicy: Fail + name: mkafkatopic.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkatopics + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-mysql + failurePolicy: Fail + name: mmysql.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - mysqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: mopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - opensearches + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-postgresql + failurePolicy: Fail + name: mpg.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - postgresqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-project + failurePolicy: Fail + name: mproject.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - projects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-redis + failurePolicy: Fail + name: mredis.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - redis + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-serviceintegration + failurePolicy: Fail + name: mserviceintegration.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceintegrations + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-aiven-io-v1alpha1-serviceuser + failurePolicy: Fail + name: mserviceuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceusers + sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration @@ -392,397 +392,397 @@ metadata: creationTimestamp: null name: validating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-cassandra - failurePolicy: Fail - name: vcassandra.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - cassandras - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-clickhouse - failurePolicy: Fail - name: vclickhouse.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clickhouses - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-clickhouseuser - failurePolicy: Fail - name: vclickhouseuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clickhouseusers - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-connectionpool - failurePolicy: Fail - name: vconnectionpool.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - connectionpools - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-database - failurePolicy: Fail - name: vdatabase.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - databases - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-grafana - failurePolicy: Fail - name: vgrafana.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - grafanas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafka - failurePolicy: Fail - name: vkafka.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaacl - failurePolicy: Fail - name: vkafkaacl.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaacls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaconnect - failurePolicy: Fail - name: vkafkaconnect.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkaconnects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaconnector - failurePolicy: Fail - name: vkafkaconnector.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkaconnectors - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkaschema - failurePolicy: Fail - name: vkafkaschema.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - kafkaschemas - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-kafkatopic - failurePolicy: Fail - name: vkafkatopic.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - kafkatopics - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-mysql - failurePolicy: Fail - name: vmysql.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - mysqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-opensearch - failurePolicy: Fail - name: vopensearch.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - opensearches - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-postgresql - failurePolicy: Fail - name: vpg.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - postgresqls - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-project - failurePolicy: Fail - name: vproject.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - projects - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-redis - failurePolicy: Fail - name: vredis.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - redis - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-serviceintegration - failurePolicy: Fail - name: vserviceintegration.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceintegrations - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: system - path: /validate-aiven-io-v1alpha1-serviceuser - failurePolicy: Fail - name: vserviceuser.kb.io - rules: - - apiGroups: - - aiven.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - serviceusers - sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-cassandra + failurePolicy: Fail + name: vcassandra.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - cassandras + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-clickhouse + failurePolicy: Fail + name: vclickhouse.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clickhouses + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-clickhouseuser + failurePolicy: Fail + name: vclickhouseuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clickhouseusers + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-connectionpool + failurePolicy: Fail + name: vconnectionpool.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - connectionpools + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-database + failurePolicy: Fail + name: vdatabase.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - databases + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-grafana + failurePolicy: Fail + name: vgrafana.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - grafanas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafka + failurePolicy: Fail + name: vkafka.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaacl + failurePolicy: Fail + name: vkafkaacl.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaacls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaconnect + failurePolicy: Fail + name: vkafkaconnect.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkaconnects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaconnector + failurePolicy: Fail + name: vkafkaconnector.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkaconnectors + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkaschema + failurePolicy: Fail + name: vkafkaschema.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - kafkaschemas + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-kafkatopic + failurePolicy: Fail + name: vkafkatopic.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - kafkatopics + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-mysql + failurePolicy: Fail + name: vmysql.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - mysqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-opensearch + failurePolicy: Fail + name: vopensearch.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - opensearches + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-postgresql + failurePolicy: Fail + name: vpg.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - postgresqls + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-project + failurePolicy: Fail + name: vproject.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - projects + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-redis + failurePolicy: Fail + name: vredis.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - redis + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-serviceintegration + failurePolicy: Fail + name: vserviceintegration.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceintegrations + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-aiven-io-v1alpha1-serviceuser + failurePolicy: Fail + name: vserviceuser.kb.io + rules: + - apiGroups: + - aiven.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - serviceusers + sideEffects: None diff --git a/config/webhook/service.yaml b/config/webhook/service.yaml index 3f638bd9..c9f09d4b 100644 --- a/config/webhook/service.yaml +++ b/config/webhook/service.yaml @@ -1,4 +1,3 @@ - apiVersion: v1 kind: Service metadata: diff --git a/docs/docs/api-reference/cassandra.md b/docs/docs/api-reference/cassandra.md index b200d4ce..f38393ef 100644 --- a/docs/docs/api-reference/cassandra.md +++ b/docs/docs/api-reference/cassandra.md @@ -84,8 +84,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -111,11 +111,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -125,8 +125,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -196,4 +196,3 @@ Allow access to selected service ports from the public Internet. **Required** - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/clickhouse.md b/docs/docs/api-reference/clickhouse.md index f95407db..87834973 100644 --- a/docs/docs/api-reference/clickhouse.md +++ b/docs/docs/api-reference/clickhouse.md @@ -75,8 +75,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -102,11 +102,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -116,8 +116,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -189,4 +189,3 @@ Allow access to selected service ports from the public Internet. - [`clickhouse_https`](#spec.userConfig.public_access.clickhouse_https-property){: name='spec.userConfig.public_access.clickhouse_https-property'} (boolean). Allow clients to connect to clickhouse_https from the public internet for service nodes that are in a project VPC or another type of private network. - [`clickhouse_mysql`](#spec.userConfig.public_access.clickhouse_mysql-property){: name='spec.userConfig.public_access.clickhouse_mysql-property'} (boolean). Allow clients to connect to clickhouse_mysql from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/clickhouseuser.md b/docs/docs/api-reference/clickhouseuser.md index ad2da11e..e30e1180 100644 --- a/docs/docs/api-reference/clickhouseuser.md +++ b/docs/docs/api-reference/clickhouseuser.md @@ -61,8 +61,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -79,4 +79,3 @@ Information regarding secret creation. Exposed keys: `CLICKHOUSEUSER_HOST`, `CLI - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - diff --git a/docs/docs/api-reference/connectionpool.md b/docs/docs/api-reference/connectionpool.md index 53e500e1..9905d6d7 100644 --- a/docs/docs/api-reference/connectionpool.md +++ b/docs/docs/api-reference/connectionpool.md @@ -69,8 +69,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -87,4 +87,3 @@ Information regarding secret creation. Exposed keys: `CONNECTIONPOOL_NAME`, `CON - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - diff --git a/docs/docs/api-reference/database.md b/docs/docs/api-reference/database.md index 61ce1948..c36af121 100644 --- a/docs/docs/api-reference/database.md +++ b/docs/docs/api-reference/database.md @@ -58,6 +58,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/grafana.md b/docs/docs/api-reference/grafana.md index 29cd7f3c..1dc1c816 100644 --- a/docs/docs/api-reference/grafana.md +++ b/docs/docs/api-reference/grafana.md @@ -83,8 +83,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -110,11 +110,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -124,8 +124,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -166,7 +166,7 @@ Cassandra specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`service_log`](#spec.userConfig.service_log-property){: name='spec.userConfig.service_log-property'} (boolean). Store logs for the service so that they are available in the HTTP API and console. - [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. - [`smtp_server`](#spec.userConfig.smtp_server-property){: name='spec.userConfig.smtp_server-property'} (object). SMTP server settings. See below for [nested schema](#spec.userConfig.smtp_server). @@ -215,7 +215,7 @@ Generic OAuth integration. - [`allowed_domains`](#spec.userConfig.auth_generic_oauth.allowed_domains-property){: name='spec.userConfig.auth_generic_oauth.allowed_domains-property'} (array of strings, MaxItems: 50). Allowed domains. - [`allowed_organizations`](#spec.userConfig.auth_generic_oauth.allowed_organizations-property){: name='spec.userConfig.auth_generic_oauth.allowed_organizations-property'} (array of strings, MaxItems: 50). Require user to be member of one of the listed organizations. - [`auto_login`](#spec.userConfig.auth_generic_oauth.auto_login-property){: name='spec.userConfig.auth_generic_oauth.auto_login-property'} (boolean). Allow users to bypass the login screen and automatically log in. -- [`name`](#spec.userConfig.auth_generic_oauth.name-property){: name='spec.userConfig.auth_generic_oauth.name-property'} (string, Pattern: `^[a-zA-Z0-9_\- ]+$`, MaxLength: 128). Name of the OAuth integration. +- [`name`](#spec.userConfig.auth_generic_oauth.name-property){: name='spec.userConfig.auth*generic_oauth.name-property'} (string, Pattern: `^[a-zA-Z0-9*\- ]+$`, MaxLength: 128). Name of the OAuth integration. - [`scopes`](#spec.userConfig.auth_generic_oauth.scopes-property){: name='spec.userConfig.auth_generic_oauth.scopes-property'} (array of strings, MaxItems: 50). OAuth scopes. ### auth_github {: #spec.userConfig.auth_github } @@ -363,4 +363,3 @@ SMTP server settings. - [`skip_verify`](#spec.userConfig.smtp_server.skip_verify-property){: name='spec.userConfig.smtp_server.skip_verify-property'} (boolean). Skip verifying server certificate. Defaults to false. - [`starttls_policy`](#spec.userConfig.smtp_server.starttls_policy-property){: name='spec.userConfig.smtp_server.starttls_policy-property'} (string, Enum: `OpportunisticStartTLS`, `MandatoryStartTLS`, `NoStartTLS`). Either OpportunisticStartTLS, MandatoryStartTLS or NoStartTLS. Default is OpportunisticStartTLS. - [`username`](#spec.userConfig.smtp_server.username-property){: name='spec.userConfig.smtp_server.username-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 255). Username for SMTP authentication. - diff --git a/docs/docs/api-reference/kafka.md b/docs/docs/api-reference/kafka.md index 60eb266d..a1038224 100644 --- a/docs/docs/api-reference/kafka.md +++ b/docs/docs/api-reference/kafka.md @@ -76,8 +76,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -103,11 +103,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -117,8 +117,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -251,7 +251,7 @@ Kafka Connect configuration values. - [`producer_compression_type`](#spec.userConfig.kafka_connect_config.producer_compression_type-property){: name='spec.userConfig.kafka_connect_config.producer_compression_type-property'} (string, Enum: `gzip`, `snappy`, `lz4`, `zstd`, `none`). Specify the default compression type for producers. This configuration accepts the standard compression codecs (`gzip`, `snappy`, `lz4`, `zstd`). It additionally accepts `none` which is the default and equivalent to no compression. - [`producer_linger_ms`](#spec.userConfig.kafka_connect_config.producer_linger_ms-property){: name='spec.userConfig.kafka_connect_config.producer_linger_ms-property'} (integer, Minimum: 0, Maximum: 5000). This setting gives the upper bound on the delay for batching: once there is batch.size worth of records for a partition it will be sent immediately regardless of this setting, however if there are fewer than this many bytes accumulated for this partition the producer will `linger` for the specified time waiting for more records to show up. Defaults to 0. - [`producer_max_request_size`](#spec.userConfig.kafka_connect_config.producer_max_request_size-property){: name='spec.userConfig.kafka_connect_config.producer_max_request_size-property'} (integer, Minimum: 131072, Maximum: 67108864). This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests. -- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. +- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect_config.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. - [`session_timeout_ms`](#spec.userConfig.kafka_connect_config.session_timeout_ms-property){: name='spec.userConfig.kafka_connect_config.session_timeout_ms-property'} (integer, Minimum: 1, Maximum: 2147483647). The timeout in milliseconds used to detect failures when using Kafka’s group management facilities (defaults to 10000). ### kafka_rest_config {: #spec.userConfig.kafka_rest_config } @@ -346,4 +346,3 @@ Deprecated. Local cache configuration. **Required** - [`size`](#spec.userConfig.tiered_storage.local_cache.size-property){: name='spec.userConfig.tiered_storage.local_cache.size-property'} (integer, Minimum: 1, Maximum: 107374182400). Deprecated. Local cache size in bytes. - diff --git a/docs/docs/api-reference/kafkaacl.md b/docs/docs/api-reference/kafkaacl.md index 16e382d3..ef683f58 100644 --- a/docs/docs/api-reference/kafkaacl.md +++ b/docs/docs/api-reference/kafkaacl.md @@ -58,6 +58,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/kafkaconnect.md b/docs/docs/api-reference/kafkaconnect.md index 9670e11b..d045e98b 100644 --- a/docs/docs/api-reference/kafkaconnect.md +++ b/docs/docs/api-reference/kafkaconnect.md @@ -68,8 +68,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## projectVPCRef {: #spec.projectVPCRef } @@ -79,11 +79,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -93,8 +93,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -149,7 +149,7 @@ Kafka Connect configuration values. - [`producer_compression_type`](#spec.userConfig.kafka_connect.producer_compression_type-property){: name='spec.userConfig.kafka_connect.producer_compression_type-property'} (string, Enum: `gzip`, `snappy`, `lz4`, `zstd`, `none`). Specify the default compression type for producers. This configuration accepts the standard compression codecs (`gzip`, `snappy`, `lz4`, `zstd`). It additionally accepts `none` which is the default and equivalent to no compression. - [`producer_linger_ms`](#spec.userConfig.kafka_connect.producer_linger_ms-property){: name='spec.userConfig.kafka_connect.producer_linger_ms-property'} (integer, Minimum: 0, Maximum: 5000). This setting gives the upper bound on the delay for batching: once there is batch.size worth of records for a partition it will be sent immediately regardless of this setting, however if there are fewer than this many bytes accumulated for this partition the producer will `linger` for the specified time waiting for more records to show up. Defaults to 0. - [`producer_max_request_size`](#spec.userConfig.kafka_connect.producer_max_request_size-property){: name='spec.userConfig.kafka_connect.producer_max_request_size-property'} (integer, Minimum: 131072, Maximum: 67108864). This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests. -- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. +- [`scheduled_rebalance_max_delay_ms`](#spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property){: name='spec.userConfig.kafka_connect.scheduled_rebalance_max_delay_ms-property'} (integer, Minimum: 0, Maximum: 600000). The maximum delay that is scheduled in order to wait for the return of one or more departed workers before rebalancing and reassigning their connectors and tasks to the group. During this period the connectors and tasks of the departed workers remain unassigned. Defaults to 5 minutes. - [`session_timeout_ms`](#spec.userConfig.kafka_connect.session_timeout_ms-property){: name='spec.userConfig.kafka_connect.session_timeout_ms-property'} (integer, Minimum: 1, Maximum: 2147483647). The timeout in milliseconds used to detect failures when using Kafka’s group management facilities (defaults to 10000). ### private_access {: #spec.userConfig.private_access } @@ -185,4 +185,3 @@ Allow access to selected service ports from the public Internet. - [`kafka_connect`](#spec.userConfig.public_access.kafka_connect-property){: name='spec.userConfig.public_access.kafka_connect-property'} (boolean). Allow clients to connect to kafka_connect from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/kafkaconnector.md b/docs/docs/api-reference/kafkaconnector.md index 06b06a16..ab09f3cc 100644 --- a/docs/docs/api-reference/kafkaconnector.md +++ b/docs/docs/api-reference/kafkaconnector.md @@ -38,6 +38,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/kafkaschema.md b/docs/docs/api-reference/kafkaschema.md index 56932154..b705e329 100644 --- a/docs/docs/api-reference/kafkaschema.md +++ b/docs/docs/api-reference/kafkaschema.md @@ -71,6 +71,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/kafkatopic.md b/docs/docs/api-reference/kafkatopic.md index c52ad7e4..55a26e41 100644 --- a/docs/docs/api-reference/kafkatopic.md +++ b/docs/docs/api-reference/kafkatopic.md @@ -65,8 +65,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## config {: #spec.config } @@ -108,9 +108,8 @@ Kafka topic tags. **Required** -- [`key`](#spec.tags.key-property){: name='spec.tags.key-property'} (string, MinLength: 1, MaxLength: 64, Format: `^[a-zA-Z0-9_-]*$`). +- [`key`](#spec.tags.key-property){: name='spec.tags.key-property'} (string, MinLength: 1, MaxLength: 64, Format: `^[a-zA-Z0-9_-]*$`). **Optional** -- [`value`](#spec.tags.value-property){: name='spec.tags.value-property'} (string, MaxLength: 256, Format: `^[a-zA-Z0-9_-]*$`). - +- [`value`](#spec.tags.value-property){: name='spec.tags.value-property'} (string, MaxLength: 256, Format: `^[a-zA-Z0-9_-]*$`). diff --git a/docs/docs/api-reference/mysql.md b/docs/docs/api-reference/mysql.md index 27afc1bd..b7f7d431 100644 --- a/docs/docs/api-reference/mysql.md +++ b/docs/docs/api-reference/mysql.md @@ -83,8 +83,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -110,11 +110,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -124,8 +124,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -136,7 +136,7 @@ MySQL specific user configuration options. **Optional** - [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. -- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin_password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-_]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. +- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin*password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-*]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. - [`admin_username`](#spec.userConfig.admin_username-property){: name='spec.userConfig.admin_username-property'} (string, Immutable, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Custom username for admin user. This must be set only when a new service is being created. - [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. - [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. @@ -201,7 +201,7 @@ mysql.conf configuration values. - [`group_concat_max_len`](#spec.userConfig.mysql.group_concat_max_len-property){: name='spec.userConfig.mysql.group_concat_max_len-property'} (integer, Minimum: 4). The maximum permitted result length in bytes for the GROUP_CONCAT() function. - [`information_schema_stats_expiry`](#spec.userConfig.mysql.information_schema_stats_expiry-property){: name='spec.userConfig.mysql.information_schema_stats_expiry-property'} (integer, Minimum: 900, Maximum: 31536000). The time, in seconds, before cached statistics expire. - [`innodb_change_buffer_max_size`](#spec.userConfig.mysql.innodb_change_buffer_max_size-property){: name='spec.userConfig.mysql.innodb_change_buffer_max_size-property'} (integer, Minimum: 0, Maximum: 50). Maximum size for the InnoDB change buffer, as a percentage of the total size of the buffer pool. Default is 25. -- [`innodb_flush_neighbors`](#spec.userConfig.mysql.innodb_flush_neighbors-property){: name='spec.userConfig.mysql.innodb_flush_neighbors-property'} (integer, Minimum: 0, Maximum: 2). Specifies whether flushing a page from the InnoDB buffer pool also flushes other dirty pages in the same extent (default is 1): 0 - dirty pages in the same extent are not flushed, 1 - flush contiguous dirty pages in the same extent, 2 - flush dirty pages in the same extent. +- [`innodb_flush_neighbors`](#spec.userConfig.mysql.innodb_flush_neighbors-property){: name='spec.userConfig.mysql.innodb_flush_neighbors-property'} (integer, Minimum: 0, Maximum: 2). Specifies whether flushing a page from the InnoDB buffer pool also flushes other dirty pages in the same extent (default is 1): 0 - dirty pages in the same extent are not flushed, 1 - flush contiguous dirty pages in the same extent, 2 - flush dirty pages in the same extent. - [`innodb_ft_min_token_size`](#spec.userConfig.mysql.innodb_ft_min_token_size-property){: name='spec.userConfig.mysql.innodb_ft_min_token_size-property'} (integer, Minimum: 0, Maximum: 16). Minimum length of words that are stored in an InnoDB FULLTEXT index. Changing this parameter will lead to a restart of the MySQL service. - [`innodb_ft_server_stopword_table`](#spec.userConfig.mysql.innodb_ft_server_stopword_table-property){: name='spec.userConfig.mysql.innodb_ft_server_stopword_table-property'} (string, Pattern: `^.+/.+$`, MaxLength: 1024). This option is used to specify your own InnoDB FULLTEXT index stopword list for all InnoDB tables. - [`innodb_lock_wait_timeout`](#spec.userConfig.mysql.innodb_lock_wait_timeout-property){: name='spec.userConfig.mysql.innodb_lock_wait_timeout-property'} (integer, Minimum: 1, Maximum: 3600). The length of time in seconds an InnoDB transaction waits for a row lock before giving up. Default is 120. @@ -222,7 +222,7 @@ mysql.conf configuration values. - [`net_write_timeout`](#spec.userConfig.mysql.net_write_timeout-property){: name='spec.userConfig.mysql.net_write_timeout-property'} (integer, Minimum: 1, Maximum: 3600). The number of seconds to wait for a block to be written to a connection before aborting the write. - [`slow_query_log`](#spec.userConfig.mysql.slow_query_log-property){: name='spec.userConfig.mysql.slow_query_log-property'} (boolean). Slow query log enables capturing of slow queries. Setting slow_query_log to false also truncates the mysql.slow_log table. Default is off. - [`sort_buffer_size`](#spec.userConfig.mysql.sort_buffer_size-property){: name='spec.userConfig.mysql.sort_buffer_size-property'} (integer, Minimum: 32768, Maximum: 1073741824). Sort buffer size in bytes for ORDER BY optimization. Default is 262144 (256K). -- [`sql_mode`](#spec.userConfig.mysql.sql_mode-property){: name='spec.userConfig.mysql.sql_mode-property'} (string, Pattern: `^[A-Z_]*(,[A-Z_]+)*$`, MaxLength: 1024). Global SQL mode. Set to empty to use MySQL server defaults. When creating a new service and not setting this field Aiven default SQL mode (strict, SQL standard compliant) will be assigned. +- [`sql_mode`](#spec.userConfig.mysql.sql_mode-property){: name='spec.userConfig.mysql.sql*mode-property'} (string, Pattern: `^[A-Z*]_(,[A-Z_]+)\_$`, MaxLength: 1024). Global SQL mode. Set to empty to use MySQL server defaults. When creating a new service and not setting this field Aiven default SQL mode (strict, SQL standard compliant) will be assigned. - [`sql_require_primary_key`](#spec.userConfig.mysql.sql_require_primary_key-property){: name='spec.userConfig.mysql.sql_require_primary_key-property'} (boolean). Require primary key to be defined for new tables or old tables modified with ALTER TABLE and fail if missing. It is recommended to always have primary keys because various functionality may break if any large table is missing them. - [`tmp_table_size`](#spec.userConfig.mysql.tmp_table_size-property){: name='spec.userConfig.mysql.tmp_table_size-property'} (integer, Minimum: 1048576, Maximum: 1073741824). Limits the size of internal in-memory tables. Also set max_heap_table_size. Default is 16777216 (16M). - [`wait_timeout`](#spec.userConfig.mysql.wait_timeout-property){: name='spec.userConfig.mysql.wait_timeout-property'} (integer, Minimum: 1, Maximum: 2147483). The number of seconds the server waits for activity on a noninteractive connection before closing it. @@ -262,4 +262,3 @@ Allow access to selected service ports from the public Internet. - [`mysql`](#spec.userConfig.public_access.mysql-property){: name='spec.userConfig.public_access.mysql-property'} (boolean). Allow clients to connect to mysql from the public internet for service nodes that are in a project VPC or another type of private network. - [`mysqlx`](#spec.userConfig.public_access.mysqlx-property){: name='spec.userConfig.public_access.mysqlx-property'} (boolean). Allow clients to connect to mysqlx from the public internet for service nodes that are in a project VPC or another type of private network. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/opensearch.md b/docs/docs/api-reference/opensearch.md index db5c6ee4..c80cf540 100644 --- a/docs/docs/api-reference/opensearch.md +++ b/docs/docs/api-reference/opensearch.md @@ -76,8 +76,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -103,11 +103,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -117,8 +117,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -144,7 +144,7 @@ OpenSearch specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`saml`](#spec.userConfig.saml-property){: name='spec.userConfig.saml-property'} (object). OpenSearch SAML configuration. See below for [nested schema](#spec.userConfig.saml). - [`service_log`](#spec.userConfig.service_log-property){: name='spec.userConfig.service_log-property'} (boolean). Store logs for the service so that they are available in the HTTP API and console. - [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. @@ -159,7 +159,7 @@ Index patterns. **Required** - [`max_index_count`](#spec.userConfig.index_patterns.max_index_count-property){: name='spec.userConfig.index_patterns.max_index_count-property'} (integer, Minimum: 0). Maximum number of indexes to keep. -- [`pattern`](#spec.userConfig.index_patterns.pattern-property){: name='spec.userConfig.index_patterns.pattern-property'} (string, Pattern: `^[A-Za-z0-9-_.*?]+$`, MaxLength: 1024). fnmatch pattern. +- [`pattern`](#spec.userConfig.index_patterns.pattern-property){: name='spec.userConfig.index*patterns.pattern-property'} (string, Pattern: `^[A-Za-z0-9-*.\*?]+$`, MaxLength: 1024). fnmatch pattern. **Optional** @@ -228,7 +228,7 @@ OpenSearch settings. - [`auth_failure_listeners`](#spec.userConfig.opensearch.auth_failure_listeners-property){: name='spec.userConfig.opensearch.auth_failure_listeners-property'} (object). Opensearch Security Plugin Settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners). - [`cluster_max_shards_per_node`](#spec.userConfig.opensearch.cluster_max_shards_per_node-property){: name='spec.userConfig.opensearch.cluster_max_shards_per_node-property'} (integer, Minimum: 100, Maximum: 10000). Controls the number of shards allowed in the cluster per data node. - [`cluster_routing_allocation_node_concurrent_recoveries`](#spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property){: name='spec.userConfig.opensearch.cluster_routing_allocation_node_concurrent_recoveries-property'} (integer, Minimum: 2, Maximum: 16). How many concurrent incoming/outgoing shard recoveries (normally replicas) are allowed to happen on a node. Defaults to 2. -- [`email_sender_name`](#spec.userConfig.opensearch.email_sender_name-property){: name='spec.userConfig.opensearch.email_sender_name-property'} (string, Pattern: `^[a-zA-Z0-9-_]+$`, MaxLength: 40). Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. +- [`email_sender_name`](#spec.userConfig.opensearch.email_sender_name-property){: name='spec.userConfig.opensearch.email*sender_name-property'} (string, Pattern: `^[a-zA-Z0-9-*]+$`, MaxLength: 40). Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. - [`email_sender_password`](#spec.userConfig.opensearch.email_sender_password-property){: name='spec.userConfig.opensearch.email_sender_password-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 1024). Sender password for Opensearch alerts to authenticate with SMTP server. - [`email_sender_username`](#spec.userConfig.opensearch.email_sender_username-property){: name='spec.userConfig.opensearch.email_sender_username-property'} (string, Pattern: `^[^\x00-\x1F]+$`, MaxLength: 320). Sender username for Opensearch alerts. - [`enable_security_audit`](#spec.userConfig.opensearch.enable_security_audit-property){: name='spec.userConfig.opensearch.enable_security_audit-property'} (boolean). Enable/Disable security audit. @@ -273,7 +273,7 @@ Opensearch Security Plugin Settings. **Optional** -- [`internal_authentication_backend_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property'} (object). See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting). +- [`internal_authentication_backend_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting-property'} (object). See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting). - [`ip_rate_limiting`](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property){: name='spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting-property'} (object). IP address rate limiting settings. See below for [nested schema](#spec.userConfig.opensearch.auth_failure_listeners.ip_rate_limiting). ##### internal_authentication_backend_limiting {: #spec.userConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting } @@ -371,4 +371,3 @@ OpenSearch SAML configuration. - [`idp_pemtrustedcas_content`](#spec.userConfig.saml.idp_pemtrustedcas_content-property){: name='spec.userConfig.saml.idp_pemtrustedcas_content-property'} (string, MaxLength: 16384). This parameter specifies the PEM-encoded root certificate authority (CA) content for the SAML identity provider (IdP) server verification. The root CA content is used to verify the SSL/TLS certificate presented by the server. - [`roles_key`](#spec.userConfig.saml.roles_key-property){: name='spec.userConfig.saml.roles_key-property'} (string, MinLength: 1, MaxLength: 256). Optional. Specifies the attribute in the SAML response where role information is stored, if available. Role attributes are not required for SAML authentication, but can be included in SAML assertions by most Identity Providers (IdPs) to determine user access levels or permissions. - [`subject_key`](#spec.userConfig.saml.subject_key-property){: name='spec.userConfig.saml.subject_key-property'} (string, MinLength: 1, MaxLength: 256). Optional. Specifies the attribute in the SAML response where the subject identifier is stored. If not configured, the NameID attribute is used by default. - diff --git a/docs/docs/api-reference/postgresql.md b/docs/docs/api-reference/postgresql.md index 3ee32409..0f0578eb 100644 --- a/docs/docs/api-reference/postgresql.md +++ b/docs/docs/api-reference/postgresql.md @@ -78,8 +78,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -105,11 +105,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -119,8 +119,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -131,7 +131,7 @@ PostgreSQL specific user configuration options. **Optional** - [`additional_backup_regions`](#spec.userConfig.additional_backup_regions-property){: name='spec.userConfig.additional_backup_regions-property'} (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication. -- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin_password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-_]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. +- [`admin_password`](#spec.userConfig.admin_password-property){: name='spec.userConfig.admin*password-property'} (string, Immutable, Pattern: `^[a-zA-Z0-9-*]+$`, MinLength: 8, MaxLength: 256). Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. - [`admin_username`](#spec.userConfig.admin_username-property){: name='spec.userConfig.admin_username-property'} (string, Immutable, Pattern: `^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$`, MaxLength: 64). Custom username for admin user. This must be set only when a new service is being created. - [`backup_hour`](#spec.userConfig.backup_hour-property){: name='spec.userConfig.backup_hour-property'} (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. - [`backup_minute`](#spec.userConfig.backup_minute-property){: name='spec.userConfig.backup_minute-property'} (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed. @@ -203,7 +203,7 @@ postgresql.conf configuration values. **Optional** - [`autovacuum_analyze_scale_factor`](#spec.userConfig.pg.autovacuum_analyze_scale_factor-property){: name='spec.userConfig.pg.autovacuum_analyze_scale_factor-property'} (number, Minimum: 0, Maximum: 1). Specifies a fraction of the table size to add to autovacuum_analyze_threshold when deciding whether to trigger an ANALYZE. The default is 0.2 (20% of table size). -- [`autovacuum_analyze_threshold`](#spec.userConfig.pg.autovacuum_analyze_threshold-property){: name='spec.userConfig.pg.autovacuum_analyze_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. +- [`autovacuum_analyze_threshold`](#spec.userConfig.pg.autovacuum_analyze_threshold-property){: name='spec.userConfig.pg.autovacuum_analyze_threshold-property'} (integer, Minimum: 0, Maximum: 2147483647). Specifies the minimum number of inserted, updated or deleted tuples needed to trigger an ANALYZE in any one table. The default is 50 tuples. - [`autovacuum_freeze_max_age`](#spec.userConfig.pg.autovacuum_freeze_max_age-property){: name='spec.userConfig.pg.autovacuum_freeze_max_age-property'} (integer, Minimum: 200000000, Maximum: 1500000000). Specifies the maximum age (in transactions) that a table's pg_class.relfrozenxid field can attain before a VACUUM operation is forced to prevent transaction ID wraparound within the table. Note that the system will launch autovacuum processes to prevent wraparound even when autovacuum is otherwise disabled. This parameter will cause the server to be restarted. - [`autovacuum_max_workers`](#spec.userConfig.pg.autovacuum_max_workers-property){: name='spec.userConfig.pg.autovacuum_max_workers-property'} (integer, Minimum: 1, Maximum: 20). Specifies the maximum number of autovacuum processes (other than the autovacuum launcher) that may be running at any one time. The default is three. This parameter can only be set at server start. - [`autovacuum_naptime`](#spec.userConfig.pg.autovacuum_naptime-property){: name='spec.userConfig.pg.autovacuum_naptime-property'} (integer, Minimum: 1, Maximum: 86400). Specifies the minimum delay between autovacuum runs on any given database. The delay is measured in seconds, and the default is one minute. @@ -339,4 +339,3 @@ System-wide settings for the timescaledb extension. **Required** - [`max_background_workers`](#spec.userConfig.timescaledb.max_background_workers-property){: name='spec.userConfig.timescaledb.max_background_workers-property'} (integer, Minimum: 1, Maximum: 4096). The number of background workers for timescaledb operations. You should configure this setting to the sum of your number of databases and the total number of concurrent background workers you want running at any given point in time. - diff --git a/docs/docs/api-reference/project.md b/docs/docs/api-reference/project.md index 05867a8b..cfc6e9f6 100644 --- a/docs/docs/api-reference/project.md +++ b/docs/docs/api-reference/project.md @@ -71,8 +71,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -89,4 +89,3 @@ Information regarding secret creation. Exposed keys: `PROJECT_CA_CERT`. - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - diff --git a/docs/docs/api-reference/projectvpc.md b/docs/docs/api-reference/projectvpc.md index 7f36973b..1e9413ba 100644 --- a/docs/docs/api-reference/projectvpc.md +++ b/docs/docs/api-reference/projectvpc.md @@ -54,6 +54,5 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). - +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). diff --git a/docs/docs/api-reference/redis.md b/docs/docs/api-reference/redis.md index 04d3996a..f2244034 100644 --- a/docs/docs/api-reference/redis.md +++ b/docs/docs/api-reference/redis.md @@ -78,8 +78,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -105,11 +105,11 @@ ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID aut **Required** -- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). +- [`name`](#spec.projectVPCRef.name-property){: name='spec.projectVPCRef.name-property'} (string, MinLength: 1). **Optional** -- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). +- [`namespace`](#spec.projectVPCRef.namespace-property){: name='spec.projectVPCRef.namespace-property'} (string, MinLength: 1). ## serviceIntegrations {: #spec.serviceIntegrations } @@ -119,8 +119,8 @@ Service integrations to specify when creating a service. Not applied after initi **Required** -- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). -- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). +- [`integrationType`](#spec.serviceIntegrations.integrationType-property){: name='spec.serviceIntegrations.integrationType-property'} (string, Enum: `read_replica`). +- [`sourceServiceName`](#spec.serviceIntegrations.sourceServiceName-property){: name='spec.serviceIntegrations.sourceServiceName-property'} (string, MinLength: 1, MaxLength: 64). ## userConfig {: #spec.userConfig } @@ -137,7 +137,7 @@ Redis specific user configuration options. - [`privatelink_access`](#spec.userConfig.privatelink_access-property){: name='spec.userConfig.privatelink_access-property'} (object). Allow access to selected service components through Privatelink. See below for [nested schema](#spec.userConfig.privatelink_access). - [`project_to_fork_from`](#spec.userConfig.project_to_fork_from-property){: name='spec.userConfig.project_to_fork_from-property'} (string, Immutable, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created. - [`public_access`](#spec.userConfig.public_access-property){: name='spec.userConfig.public_access-property'} (object). Allow access to selected service ports from the public Internet. See below for [nested schema](#spec.userConfig.public_access). -- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery_basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-_:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. +- [`recovery_basebackup_name`](#spec.userConfig.recovery_basebackup_name-property){: name='spec.userConfig.recovery*basebackup_name-property'} (string, Pattern: `^[a-zA-Z0-9-*:.]+$`, MaxLength: 128). Name of the basebackup to restore in forked service. - [`redis_acl_channels_default`](#spec.userConfig.redis_acl_channels_default-property){: name='spec.userConfig.redis_acl_channels_default-property'} (string, Enum: `allchannels`, `resetchannels`). Determines default pub/sub channels' ACL for new users if ACL is not supplied. When this option is not defined, all_channels is assumed to keep backward compatibility. This option doesn't affect Redis configuration acl-pubsub-default. - [`redis_io_threads`](#spec.userConfig.redis_io_threads-property){: name='spec.userConfig.redis_io_threads-property'} (integer, Minimum: 1, Maximum: 32). Set Redis IO thread count. Changing this will cause a restart of the Redis service. - [`redis_lfu_decay_time`](#spec.userConfig.redis_lfu_decay_time-property){: name='spec.userConfig.redis_lfu_decay_time-property'} (integer, Minimum: 1, Maximum: 120). LFU maxmemory-policy counter decay time in minutes. @@ -219,4 +219,3 @@ Allow access to selected service ports from the public Internet. - [`prometheus`](#spec.userConfig.public_access.prometheus-property){: name='spec.userConfig.public_access.prometheus-property'} (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network. - [`redis`](#spec.userConfig.public_access.redis-property){: name='spec.userConfig.public_access.redis-property'} (boolean). Allow clients to connect to redis from the public internet for service nodes that are in a project VPC or another type of private network. - diff --git a/docs/docs/api-reference/serviceintegration.md b/docs/docs/api-reference/serviceintegration.md index 64875bd6..307052fe 100644 --- a/docs/docs/api-reference/serviceintegration.md +++ b/docs/docs/api-reference/serviceintegration.md @@ -73,8 +73,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## clickhouseKafka {: #spec.clickhouseKafka } @@ -286,7 +286,7 @@ Kafka MirrorMaker configuration values. **Optional** -- [`cluster_alias`](#spec.kafkaMirrormaker.cluster_alias-property){: name='spec.kafkaMirrormaker.cluster_alias-property'} (string, Pattern: `^[a-zA-Z0-9_.-]+$`, MaxLength: 128). The alias under which the Kafka cluster is known to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, `.`, `_`, and `-`. +- [`cluster_alias`](#spec.kafkaMirrormaker.cluster_alias-property){: name='spec.kafkaMirrormaker.cluster*alias-property'} (string, Pattern: `^[a-zA-Z0-9*.-]+$`, MaxLength: 128). The alias under which the Kafka cluster is known to MirrorMaker. Can contain the following symbols: ASCII alphanumerics, `.`, `\_`, and `-`. - [`kafka_mirrormaker`](#spec.kafkaMirrormaker.kafka_mirrormaker-property){: name='spec.kafkaMirrormaker.kafka_mirrormaker-property'} (object). Kafka MirrorMaker configuration values. See below for [nested schema](#spec.kafkaMirrormaker.kafka_mirrormaker). ### kafka_mirrormaker {: #spec.kafkaMirrormaker.kafka_mirrormaker } @@ -362,4 +362,3 @@ Configuration options for Telegraf MySQL input plugin. - [`perf_events_statements_digest_text_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_digest_text_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_digest_text_limit-property'} (integer, Minimum: 1, Maximum: 2048). Truncates digest text from perf_events_statements into this many characters. - [`perf_events_statements_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_limit-property'} (integer, Minimum: 1, Maximum: 4000). Limits metrics from perf_events_statements. - [`perf_events_statements_time_limit`](#spec.metrics.source_mysql.telegraf.perf_events_statements_time_limit-property){: name='spec.metrics.source_mysql.telegraf.perf_events_statements_time_limit-property'} (integer, Minimum: 1, Maximum: 2592000). Only include perf_events_statements whose last seen is less than this many seconds. - diff --git a/docs/docs/api-reference/serviceuser.md b/docs/docs/api-reference/serviceuser.md index 1bb2e8aa..53d3409f 100644 --- a/docs/docs/api-reference/serviceuser.md +++ b/docs/docs/api-reference/serviceuser.md @@ -62,8 +62,8 @@ Authentication reference to Aiven token in a secret. **Required** -- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). -- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). +- [`key`](#spec.authSecretRef.key-property){: name='spec.authSecretRef.key-property'} (string, MinLength: 1). +- [`name`](#spec.authSecretRef.name-property){: name='spec.authSecretRef.name-property'} (string, MinLength: 1). ## connInfoSecretTarget {: #spec.connInfoSecretTarget } @@ -80,4 +80,3 @@ Information regarding secret creation. Exposed keys: `SERVICEUSER_HOST`, `SERVIC - [`annotations`](#spec.connInfoSecretTarget.annotations-property){: name='spec.connInfoSecretTarget.annotations-property'} (object, AdditionalProperties: string). Annotations added to the secret. - [`labels`](#spec.connInfoSecretTarget.labels-property){: name='spec.connInfoSecretTarget.labels-property'} (object, AdditionalProperties: string). Labels added to the secret. - [`prefix`](#spec.connInfoSecretTarget.prefix-property){: name='spec.connInfoSecretTarget.prefix-property'} (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. `KAFKA_`, `REDIS_`, etc. - diff --git a/docs/docs/changelog.md b/docs/docs/changelog.md index 5e3532a8..52a0a656 100644 --- a/docs/docs/changelog.md +++ b/docs/docs/changelog.md @@ -1,12 +1,11 @@ # Changelog - ## v0.16.1 - 2023-12-15 -- Check VPC for running services before deletion. Prevents VPC from hanging in the DELETING state +- Check VPC for running services before deletion. Prevents VPC from hanging in the DELETING state - Expose `KAFKA_SCHEMA_REGISTRY_URI` and `KAFKA_REST_URI` to `Kafka` secret - Expose `CONNECTIONPOOL_NAME` in `ConnectionPool` secret -- Fix `CONNECTIONPOOL_PORT` exposes service port instead of pool port +- Fix `CONNECTIONPOOL_PORT` exposes service port instead of pool port - Fix `SERVICEUSER_PORT` when `sasl` is the only authentication method - Change `PostgreSQL` field `userConfig.pg_qualstats.enabled`: deprecated - Change `PostgreSQL` field `userConfig.pg_qualstats.min_err_estimate_num`: deprecated @@ -17,7 +16,7 @@ ## v0.16.0 - 2023-12-07 - Set conditions on errors: `Preconditions`, `CreateOrUpdate`, `Delete`. Thanks to @atarax -- Fix object updates lost when reconciler exits before the object is committed +- Fix object updates lost when reconciler exits before the object is committed - Add `Kafka` field `userConfig.kafka.transaction_partition_verification_enable`, type `boolean`: Enable verification that checks that the partition has been added to the transaction before writing transactional records to the partition @@ -49,7 +48,7 @@ - Upgrade to Go 1.21 - Add option to orphan resources. Thanks to @atarax -- Fix `ServiceIntegration`: do not send empty user config to the API +- Fix `ServiceIntegration`: do not send empty user config to the API - Add a format for `string` type fields to the documentation - Generate CRDs changelog - Add `Clickhouse` field `userConfig.private_access.clickhouse_mysql`, type `boolean`: Allow clients @@ -72,7 +71,7 @@ - Add `Kafka` field `userConfig.kafka.sasl_oauthbearer_sub_claim_name`, type `string`: Name of the scope from which to extract the subject claim from the JWT. Defaults to sub - Change `Kafka` field `userConfig.kafka_version`: enum ~~`[3.1, 3.3, 3.4, 3.5]`~~ → `[3.1, 3.3, 3.4, - 3.5, 3.6]` +3.5, 3.6]` - Change `Kafka` field `userConfig.tiered_storage.local_cache.size`: deprecated - Add `OpenSearch` field `userConfig.opensearch.indices_memory_max_index_buffer_size`, type `integer`: Absolute value. Default is unbound. Doesn't work without indices.memory.index_buffer_size @@ -106,7 +105,7 @@ - Add `Kafka` spec property `scheduled_rebalance_max_delay_ms` - Mark deprecated `Kafka` spec property `remote_log_storage_system_enable` - Add `KafkaConnect` spec property `scheduled_rebalance_max_delay_ms` -- Add `OpenSearch` spec property `openid` +- Add `OpenSearch` spec property `openid` - Use updated go client with enhanced retries ## v0.12.3 - 2023-07-13 @@ -135,7 +134,6 @@ - Add `OpenSearch.spec.userConfig.idp_pemtrustedcas_content` option. Specifies the PEM-encoded root certificate authority (CA) content for the SAML identity provider (IdP) server verification. - ## v0.11.0 - 2023-04-25 - Add `ServiceIntegration` kind `SourceProjectName` and `DestinationProjectName` fields @@ -161,9 +159,9 @@ - Add Kafka `log_cleaner_min_cleanable_ratio` minimum and maximum validation rules - Remove Kafka version `3.2`, reached EOL - Remove PostgreSQL version `10`, reached EOL -- Explicitly delete `ProjectVPC` by `ID` to avoid conflicts +- Explicitly delete `ProjectVPC` by `ID` to avoid conflicts - Speed up `ProjectVPC` deletion by exiting on `DELETING` status -- Fix missing RBAC permissions to update finalizers for various controllers +- Fix missing RBAC permissions to update finalizers for various controllers - Refactor `ClickhouseUser` controller - Mark `ClickhouseUser.spec.project` and `ClickhouseUser.spec.serviceName` as immutable - Remove deprecated service integration type `signalfx` @@ -202,7 +200,7 @@ as native [CRD validation rules](https://kubernetes.io/blog/2022/09/23/crd-valid - Add Cassandra Kind - Add Grafana Kind -- Recreate Kafka ACL if modified. +- Recreate Kafka ACL if modified. Note: Modification of ACL created prior to v0.5.1 won't delete existing instance at Aiven. It must be deleted manually. - Fix MySQL webhook @@ -212,7 +210,7 @@ as native [CRD validation rules](https://kubernetes.io/blog/2022/09/23/crd-valid - Remove `never` from choices of maintenance dow - Add `development` flag to configure logger's behavior - Add user config generator (see `make generate-user-configs`) -- Add `genericServiceHandler` to generalize service management +- Add `genericServiceHandler` to generalize service management - Add MySQL Kind ## v0.5.2 - 2022-12-09 @@ -242,23 +240,29 @@ as native [CRD validation rules](https://kubernetes.io/blog/2022/09/23/crd-valid ## v0.2.0 - 2021-11-17 features: -* add Redis CRD + +- add Redis CRD improvements: -* watch CRDs to reconcile token secrets + +- watch CRDs to reconcile token secrets fixes: -* fix RBACs of KafkaACL CRD + +- fix RBACs of KafkaACL CRD ## v0.1.1 - 2021-09-13 improvements: -* update helm installation docs + +- update helm installation docs fixes: -* fix typo in a kafka-connector kuttl test + +- fix typo in a kafka-connector kuttl test ## v0.1.0 - 2021-09-10 features: -* initial release + +- initial release diff --git a/docs/docs/contributing/developer-guide.md b/docs/docs/contributing/developer-guide.md index 2759589f..40286272 100644 --- a/docs/docs/contributing/developer-guide.md +++ b/docs/docs/contributing/developer-guide.md @@ -44,13 +44,13 @@ Please have installed first: - [kcat](https://github.com/edenhill/kcat) - base64, note: MACOS version doesn't support `-w0` flag, some tests may not work properly - [kind](https://kind.sigs.k8s.io/), and existing cluster, e.g. - ```shell - kind create cluster --image kindest/node:v1.24.0 --wait 5m - ``` + ```shell + kind create cluster --image kindest/node:v1.24.0 --wait 5m + ``` The following commands must be executed with these environment variables (keep them in secret!): -- `AIVEN_TOKEN` — your [authentication token](https://docs.aiven.io/docs/platform/howto/create_authentication_token) +- `AIVEN_TOKEN` — your [authentication token](https://docs.aiven.io/docs/platform/howto/create_authentication_token) - `AIVEN_PROJECT_NAME` — your Aiven project name to run services in Setup everything: @@ -60,8 +60,8 @@ make e2e-setup-kind ``` !!! note - Additionally, webhooks can be disabled, - if there are any problems with them. +Additionally, webhooks can be disabled, +if there are any problems with them. ```shell WEBHOOKS_ENABLED=false make e2e-setup-kind @@ -70,7 +70,7 @@ make e2e-setup-kind Run e2e tests (creates real services in `AIVEN_PROJECT_NAME`): ```shell -make test-e2e-preinstalled +make test-e2e-preinstalled ``` When you're done, just drop the cluster: @@ -82,7 +82,7 @@ kind delete cluster ## Documentation The documentation is written in markdown and generated by [mkdocs](https://www.mkdocs.org/) -and [mkdocs-material](https://squidfunk.github.io/mkdocs-material/). +and [mkdocs-material](https://squidfunk.github.io/mkdocs-material/). To run the documentation live preview: diff --git a/docs/docs/contributing/index.md b/docs/docs/contributing/index.md index d09c1a43..a793254d 100644 --- a/docs/docs/contributing/index.md +++ b/docs/docs/contributing/index.md @@ -38,19 +38,19 @@ religion, or sexual identity and orientation. Examples of behavior that contributes to creating a positive environment include: -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members +- Using welcoming and inclusive language +- Being respectful of differing viewpoints and experiences +- Gracefully accepting constructive criticism +- Focusing on what is best for the community +- Showing empathy towards other community members Examples of unacceptable behavior by participants include: -* The use of sexualized language or imagery and unwelcome sexual attention or advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a professional setting +- The use of sexualized language or imagery and unwelcome sexual attention or advances +- Trolling, insulting/derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or electronic address, without explicit permission +- Other conduct which could reasonably be considered inappropriate in a professional setting ### Commit Messages diff --git a/docs/docs/contributing/resource-generation.md b/docs/docs/contributing/resource-generation.md index 0a599736..ce9ef107 100644 --- a/docs/docs/contributing/resource-generation.md +++ b/docs/docs/contributing/resource-generation.md @@ -13,8 +13,8 @@ from public [service types schema][service-types]. When a new schema is issued on the API, a cron job fetches it, parses, patches, and saves in a shared library — [go-api-schemas][go-api-schemas]. -When the library is updated, -the GitHub [dependabot](https://github.com/dependabot) creates PRs to the dependant repositories, +When the library is updated, +the GitHub [dependabot](https://github.com/dependabot) creates PRs to the dependant repositories, like Aiven Kubernetes Operator and Aiven Terraform Provider. Then the [`make generate`](#make-generate) command is called by GitHub action. @@ -23,7 +23,7 @@ And the PR is ready for review. ```mermaid flowchart TB API(Aiven API) <-.->|polls schema updates| Schema([go-api-schemas]) - Bot(dependabot) <-.->|polls updates| Schema + Bot(dependabot) <-.->|polls updates| Schema Bot-->|pull request|UpdateOP[/"✨ $ make generate ✨"/] UpdateOP-->|review| OP([operator repository]) ``` @@ -38,21 +38,21 @@ and charts generator. Here how it goes in the details: -1. User config generator creates Go structs (k8s api compatible objects) with docstrings, +1. User config generator creates Go structs (k8s api compatible objects) with docstrings, validation rules and constraints (immutable, maxLength, etc) 2. [controller-gen][controller-gen] generates k8s methods, - generates [CRDs][crd] for those objects, - creates charts for cluster roles and webhooks. + generates [CRDs][crd] for those objects, + creates charts for cluster roles and webhooks. 3. Docs generator creates [API reference][api-reference] out of CRDs: - 1. it looks for an example file for the given CRD kind in `.//example/`, - if it finds one, it validates that with the CRD. - Each CRD has an OpenAPI v3 schema as a part of it. - This is also used by Kubernetes itself to validate user input. - 2. generates full spec reference out of the schema - 3. creates a markdown file with spec and example (if exists) -4. Charts generator + 1. it looks for an example file for the given CRD kind in `.//example/`, + if it finds one, it validates that with the CRD. + Each CRD has an OpenAPI v3 schema as a part of it. + This is also used by Kubernetes itself to validate user input. + 2. generates full spec reference out of the schema + 3. creates a markdown file with spec and example (if exists) +4. Charts generator updates CRDs, webhooks and cluster roles charts, - adds all changes to the changelog + adds all changes to the changelog [go-api-schemas]: https://github.com/aiven/go-api-schemas [service-types]: https://api.aiven.io/doc/#tag/Service/operation/ListPublicServiceTypes diff --git a/docs/docs/index.md b/docs/docs/index.md index f8f83048..07593662 100644 --- a/docs/docs/index.md +++ b/docs/docs/index.md @@ -16,4 +16,4 @@ We offer multiple cloud options because we believe that everyone should have acc ## Contributing -The [contribution guide](./contributing) covers everything you need to know about how you can contribute to Aiven Operator for Kubernetes. The [developer guide]( ./contributing/developer-guide ) will help you onboard as a developer. +The [contribution guide](./contributing) covers everything you need to know about how you can contribute to Aiven Operator for Kubernetes. The [developer guide](./contributing/developer-guide) will help you onboard as a developer. diff --git a/docs/docs/installation/helm.md b/docs/docs/installation/helm.md index 46b2ca7f..43283669 100644 --- a/docs/docs/installation/helm.md +++ b/docs/docs/installation/helm.md @@ -4,9 +4,9 @@ linkTitle: "Installing with Helm (recommended)" weight: 10 --- -## Installing +## Installing -The Aiven Operator for Kubernetes can be installed via [Helm](https://helm.sh/). +The Aiven Operator for Kubernetes can be installed via [Helm](https://helm.sh/). Before you start, make sure you have the [prerequisites](prerequisites.md). @@ -23,9 +23,11 @@ helm install aiven-operator-crds aiven/aiven-operator-crds ``` Verify the installation: + ```shell kubectl api-resources --api-group=aiven.io ``` + The output is similar to the following: ```{ .shell .no-copy } @@ -42,9 +44,10 @@ helm install aiven-operator aiven/aiven-operator ``` !!! note - Installation will fail if webhooks are enabled and the CRDs for the cert-manager are not installed. +Installation will fail if webhooks are enabled and the CRDs for the cert-manager are not installed. + +Verify the installation: -Verify the installation: ```shell helm status aiven-operator ``` @@ -61,6 +64,7 @@ TEST SUITE: None ``` It is also possible to install the operator without webhooks enabled: + ```shell helm install aiven-operator aiven/aiven-operator --set webhooks.enabled=false ``` @@ -70,12 +74,13 @@ helm install aiven-operator aiven/aiven-operator --set webhooks.enabled=false Please refer to the [values.yaml](https://github.com/aiven/aiven-charts/blob/main/charts/aiven-operator/values.yaml) of the chart. #### Installing without full cluster administrator access -There can be some scenarios where the individual installing the Helm chart does not have the ability to provision cluster-wide resources (e.g. ClusterRoles/ClusterRoleBindings). In this scenario, you can have a cluster administrator manually install the [ClusterRole](../../../charts/aiven-operator/templates/cluster_role.yaml) and [ClusterRoleBinding](../../../charts/aiven-operator/templates/cluster_role_binding.yaml) the operator requires prior to installing the Helm chart specifying `false` for the `clusterRole.create` attribute. -## Uninstalling +There can be some scenarios where the individual installing the Helm chart does not have the ability to provision cluster-wide resources (e.g. ClusterRoles/ClusterRoleBindings). In this scenario, you can have a cluster administrator manually install the [ClusterRole](../../../charts/aiven-operator/templates/cluster_role.yaml) and [ClusterRoleBinding](../../../charts/aiven-operator/templates/cluster_role_binding.yaml) the operator requires prior to installing the Helm chart specifying `false` for the `clusterRole.create` attribute. + +## Uninstalling !!! important - Please see [this page](uninstalling.md) for more information. +Please see [this page](uninstalling.md) for more information. Find out the name of your deployment: @@ -83,11 +88,11 @@ Find out the name of your deployment: helm list ``` -The output has the name of each deployment similar to the following: +The output has the name of each deployment similar to the following: ```{ .shell .no-copy } NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION -aiven-operator default 1 2021-09-09 10:56:14.623700249 +0200 CEST deployed aiven-operator-v0.1.0 v0.1.0 +aiven-operator default 1 2021-09-09 10:56:14.623700249 +0200 CEST deployed aiven-operator-v0.1.0 v0.1.0 aiven-operator-crds default 1 2021-09-09 10:56:05.736411868 +0200 CEST deployed aiven-operator-crds-v0.1.0 v0.1.0 ``` @@ -114,4 +119,3 @@ The confirmation message is similar to the following: ```{ .shell .no-copy } release "aiven-operator" uninstalled ``` - diff --git a/docs/docs/installation/prerequisites.md b/docs/docs/installation/prerequisites.md index d050f699..39233806 100644 --- a/docs/docs/installation/prerequisites.md +++ b/docs/docs/installation/prerequisites.md @@ -18,10 +18,9 @@ The Aiven Operator for Kubernetes uses `cert-manager` to configure the [service Please follow the [installation instructions](https://cert-manager.io/docs/installation/helm/) on their website. -!!! note - This is not required in the Helm installation if you select to [disable webhooks](./helm.md), - but that is not recommended outside of playground use. - The Aiven Operator for Kubernetes uses webhooks for setting defaults - and enforcing invariants that are expected by the aiven API and will lead to errors if ignored. - In the future webhooks will also be used for conversion and supporting multiple CRD versions. - +!!! note +This is not required in the Helm installation if you select to [disable webhooks](./helm.md), +but that is not recommended outside of playground use. +The Aiven Operator for Kubernetes uses webhooks for setting defaults +and enforcing invariants that are expected by the aiven API and will lead to errors if ignored. +In the future webhooks will also be used for conversion and supporting multiple CRD versions. diff --git a/docs/docs/installation/uninstalling.md b/docs/docs/installation/uninstalling.md index de94e806..cc3242e1 100644 --- a/docs/docs/installation/uninstalling.md +++ b/docs/docs/installation/uninstalling.md @@ -10,8 +10,8 @@ weight: 90 Depending on your installation, please follow one of: -* [Helm]({{< relref "/docs/installation/helm" >}}#uninstalling) -* [kubectl]({{< relref "/docs/installation/kubectl" >}}#uninstalling) +- [Helm]({{< relref "/docs/installation/helm" >}}#uninstalling) +- [kubectl]({{< relref "/docs/installation/kubectl" >}}#uninstalling) ## Dealing with expired tokens diff --git a/docs/docs/resources/cassandra.md b/docs/docs/resources/cassandra.md index 64db687e..77c409d7 100644 --- a/docs/docs/resources/cassandra.md +++ b/docs/docs/resources/cassandra.md @@ -6,12 +6,12 @@ weight: 55 Aiven for Apache Cassandra® is a distributed database designed to handle large volumes of writes. -!!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +!!! note +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Creating a Cassandra instance -1\. Create a file named `cassandra-sample.yaml`, and add the following content: +1\. Create a file named `cassandra-sample.yaml`, and add the following content: ```yaml apiVersion: aiven.io/v1alpha1 @@ -44,7 +44,7 @@ spec: 2\. Create the service by applying the configuration: ```shell -kubectl apply -f cassandra-sample.yaml +kubectl apply -f cassandra-sample.yaml ``` The output is: @@ -89,7 +89,7 @@ name specified on the `connInfoSecretTarget` field. To view the details of the Secret, use the following command: ```shell -kubectl describe secret cassandra-secret +kubectl describe secret cassandra-secret ``` The output is similar to the following: @@ -129,7 +129,6 @@ The output is similar to the following: "CASSANDRA_URI": "", "CASSANDRA_USER": "avnadmin" } - ``` ## Creating a Cassandra user @@ -161,7 +160,7 @@ spec: kubectl apply -f cassandra-service-user.yaml ``` -The `ServiceUser` resource generates a Secret with connection information. +The `ServiceUser` resource generates a Secret with connection information. 3\. View the details of the Secret using the following command: diff --git a/docs/docs/resources/kafka/connect.md b/docs/docs/resources/kafka/connect.md index 0802372f..3a941d20 100644 --- a/docs/docs/resources/kafka/connect.md +++ b/docs/docs/resources/kafka/connect.md @@ -7,6 +7,7 @@ weight: 50 [Aiven for Apache Kafka Connect](https://aiven.io/kafka-connect) is a framework and a runtime for integrating Kafka with other systems. Kafka connectors can either be a source (for pulling data from other systems into Kafka) or sink (for pushing data into other systems from Kafka). This section involves a few different Kubernetes CRDs: + 1. A `KafkaService` service with a `KafkaTopic` 2. A `KafkaConnect` service 3. A `ServiceIntegration` to integrate the `Kafka` and `KafkaConnect` services @@ -14,6 +15,7 @@ This section involves a few different Kubernetes CRDs: 5. A `KafkaConnector` to finally connect the `Kafka` with the `PostgreSQL` ## Creating the resources + Create a file named `kafka-sample-connect.yaml` with the following content: ```yaml @@ -26,7 +28,7 @@ spec: authSecretRef: name: aiven-token key: token - + # outputs the Kafka connection on the `kafka-connection` Secret connInfoSecretTarget: name: kafka-auth @@ -45,11 +47,10 @@ spec: # specific Kafka configuration userConfig: - kafka_version: '2.7' + kafka_version: "2.7" kafka_connect: true --- - apiVersion: aiven.io/v1alpha1 kind: KafkaTopic metadata: @@ -100,7 +101,6 @@ kind: ServiceIntegration metadata: name: service-integration-kafka-connect spec: - # gets the authentication token from the `aiven-token` Secret authSecretRef: name: aiven-token @@ -124,7 +124,6 @@ kind: PostgreSQL metadata: name: pg-connect spec: - # gets the authentication token from the `aiven-token` Secret authSecretRef: name: aiven-token @@ -221,9 +220,11 @@ postgresql.aiven.io/pg-connect your-project google-europe-west1 startup-4 NAME SERVICE NAME PROJECT CONNECTOR CLASS STATE TASKS TOTAL TASKS RUNNING kafkaconnector.aiven.io/kafka-connector kafka-sample-connect your-project io.aiven.connect.jdbc.JdbcSinkConnector RUNNING 1 1 ``` + The deployment is finished when all services have the state `RUNNING`. ## Testing + To test the connection integration, let's produce a Kafka message using [kcat](https://github.com/edenhill/kcat) from within the Kubernetes cluster. We will deploy a Pod responsible for crafting a message and sending to the Kafka cluster, using the `kafka-auth` secret generate by the `Kafka` CRD. Create a new file named `kcat-connect.yaml` and add the content below: @@ -303,11 +304,17 @@ spec: - image: postgres:13 name: postgres # "kafka-topic-connect" is the table automatically created by KafkaConnect - command: ['psql', '$(DATABASE_URI)', '-c', 'SELECT * from "kafka-topic-connect";'] - + command: + [ + "psql", + "$(DATABASE_URI)", + "-c", + 'SELECT * from "kafka-topic-connect";', + ] + envFrom: - - secretRef: - name: pg-connection + - secretRef: + name: pg-connection ``` Apply the file with: @@ -316,22 +323,23 @@ Apply the file with: kubectl apply -f psql-connect.yaml ``` -After a couple of seconds, inspect its log with this command: +After a couple of seconds, inspect its log with this command: ```shell -kubectl logs psql-connect +kubectl logs psql-connect ``` -The output is similar to the following: +The output is similar to the following: ```{ .shell .no-copy } - text + text ------------- Hello World (1 row) ``` ## Clean up + To clean up all the created resources, use the following command: ```shell @@ -343,4 +351,4 @@ kubectl delete \ -f kafka-connector-connect.yaml \ -f kcat-connect.yaml \ -f psql-connect.yaml -``` \ No newline at end of file +``` diff --git a/docs/docs/resources/kafka/index.md b/docs/docs/resources/kafka/index.md index 25477630..43f29710 100644 --- a/docs/docs/resources/kafka/index.md +++ b/docs/docs/resources/kafka/index.md @@ -8,8 +8,8 @@ Aiven for Apache Kafka is an excellent option if you need to run Apache Kafka at you can get up and running with a suitably sized Apache Kafka service in a few minutes. !!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) - and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) +and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Creating a Kafka instance @@ -44,16 +44,16 @@ spec: # specific Kafka configuration userConfig: - kafka_version: '2.7' + kafka_version: "2.7" ``` 2\. Create the following resource on Kubernetes: ```shell -kubectl apply -f kafka-sample.yaml +kubectl apply -f kafka-sample.yaml ``` -3\. Inspect the service created using the command below. +3\. Inspect the service created using the command below. ```shell kubectl get kafka.aiven.io kafka-sample @@ -67,7 +67,7 @@ NAME PROJECT REGION PLAN STATE kafka-sample google-europe-west1 startup-2 RUNNING ``` - After a couple of minutes, the `STATE` field is changed to `RUNNING`, and is ready to be used. +After a couple of minutes, the `STATE` field is changed to `RUNNING`, and is ready to be used. ## Using the connection Secret @@ -75,7 +75,7 @@ For your convenience, the operator automatically stores the Kafka connection inf name specified on the `connInfoSecretTarget` field. ```shell -kubectl describe secret kafka-auth +kubectl describe secret kafka-auth ``` The output is similar to the following: @@ -137,15 +137,23 @@ spec: # the command below will connect to the Kafka cluster # and output its metadata - command: [ - 'kcat', '-b', '$(HOST):$(PORT)', - '-X', 'security.protocol=SSL', - '-X', 'ssl.key.location=/kafka-auth/ACCESS_KEY', - '-X', 'ssl.key.password=$(PASSWORD)', - '-X', 'ssl.certificate.location=/kafka-auth/ACCESS_CERT', - '-X', 'ssl.ca.location=/kafka-auth/CA_CERT', - '-L' - ] + command: + [ + "kcat", + "-b", + "$(HOST):$(PORT)", + "-X", + "security.protocol=SSL", + "-X", + "ssl.key.location=/kafka-auth/ACCESS_KEY", + "-X", + "ssl.key.password=$(PASSWORD)", + "-X", + "ssl.certificate.location=/kafka-auth/ACCESS_CERT", + "-X", + "ssl.ca.location=/kafka-auth/CA_CERT", + "-L", + ] # loading the data from the Secret as environment variables # useful to access the Kafka information, like hostname and port @@ -158,7 +166,7 @@ spec: mountPath: "/kafka-auth" # loading the data from the Secret as files in a volume - # useful to access the Kafka certificates + # useful to access the Kafka certificates volumes: - name: kafka-auth secret: @@ -174,7 +182,7 @@ kubectl apply -f kafka-test-connection.yaml Once successfully applied, you have a log with the metadata information about the Kafka cluster. ```shell -kubectl logs kafka-test-connection +kubectl logs kafka-test-connection ``` The output is similar to the following: @@ -189,6 +197,7 @@ Metadata for all topics (from broker -1: ssl://kafka-sample-your-project.aivencl ``` ## Creating a `KafkaTopic` and `KafkaACL` + To properly produce and consume content on Kafka, you need topics and ACLs. The operator supports both with the `KafkaTopic` and `KafkaACL` resources. @@ -226,7 +235,7 @@ kubectl apply -f kafka-topic-random-strings.yaml ``` 3\. Create a user and an ACL. To use the Kafka topic, create a new user with the `ServiceUser` resource (in order to - avoid using the `avnadmin` superuser), and the `KafkaACL` to allow the user access to the topic. +avoid using the `avnadmin` superuser), and the `KafkaACL` to allow the user access to the topic. In a file named `kafka-acl-user-crab.yaml`, add the following two resources: @@ -254,7 +263,6 @@ spec: serviceName: kafka-sample --- - apiVersion: aiven.io/v1alpha1 kind: KafkaACL metadata: @@ -304,15 +312,26 @@ spec: name: kcat # the command below will produce a message with the /etc/issue file content - command: [ - 'kcat', '-b', '$(HOST):$(PORT)', - '-X', 'security.protocol=SSL', - '-X', 'ssl.key.location=/crab-auth/ACCESS_KEY', - '-X', 'ssl.key.password=$(PASSWORD)', - '-X', 'ssl.certificate.location=/crab-auth/ACCESS_CERT', - '-X', 'ssl.ca.location=/crab-auth/CA_CERT', - '-P', '-t', 'random-strings', '/etc/issue', - ] + command: + [ + "kcat", + "-b", + "$(HOST):$(PORT)", + "-X", + "security.protocol=SSL", + "-X", + "ssl.key.location=/crab-auth/ACCESS_KEY", + "-X", + "ssl.key.password=$(PASSWORD)", + "-X", + "ssl.certificate.location=/crab-auth/ACCESS_CERT", + "-X", + "ssl.ca.location=/crab-auth/CA_CERT", + "-P", + "-t", + "random-strings", + "/etc/issue", + ] # loading the crab user data from the Secret as environment variables # useful to access the Kafka information, like hostname and port @@ -325,7 +344,7 @@ spec: mountPath: "/crab-auth" # loading the crab user information from the Secret as files in a volume - # useful to access the Kafka certificates + # useful to access the Kafka certificates volumes: - name: crab-auth secret: @@ -344,7 +363,7 @@ To _consume_ a message, you can use a graphical interface called [Kowl](https:// to explore information about our Kafka cluster, such as brokers, topics, or consumer groups. 1\. Create a Kubernetes Pod and service to deploy and access Kowl. Create a file named `kafka-crab-consume.yaml` with the - content below: +content below: ```yaml apiVersion: v1 @@ -361,7 +380,7 @@ spec: # kowl configuration values env: - name: KAFKA_TLS_ENABLED - value: 'true' + value: "true" - name: KAFKA_BROKERS value: $(HOST):$(PORT) @@ -385,14 +404,13 @@ spec: mountPath: /crab-auth # loading the crab user information from the Secret as files in a volume - # useful to access the Kafka certificates + # useful to access the Kafka certificates volumes: - name: crab-auth secret: secretName: kafka-crab-connection --- - # we will be using a simple service to access Kowl on port 8080 apiVersion: v1 kind: Service @@ -419,10 +437,10 @@ kubectl port-forward kafka-crab-consume 8080:8080 ``` 4\. In the browser of your choice, access the [http://localhost:8080]() address. You now see a page with - the `random-strings` topic listed: - ![Kowl graphical interface on the topic listing page](./kowl-topics.png) +the `random-strings` topic listed: +![Kowl graphical interface on the topic listing page](./kowl-topics.png) 5\. Click the topic name to see the message. - ![Kowl graphical interface on the random-strings topic page](./kowl-random-strings.png) +![Kowl graphical interface on the random-strings topic page](./kowl-random-strings.png) You have now consumed the message. diff --git a/docs/docs/resources/kafka/schema.md b/docs/docs/resources/kafka/schema.md index f572a804..df3a19aa 100644 --- a/docs/docs/resources/kafka/schema.md +++ b/docs/docs/resources/kafka/schema.md @@ -5,6 +5,7 @@ weight: 40 --- ## Creating a `KafkaSchema` + Aiven develops and maintain [Karapace](https://github.com/aiven/karapace), an open source implementation of Kafka REST and schema registry. Is available out of the box for our managed Kafka service. @@ -34,7 +35,7 @@ spec: maintenanceWindowTime: 23:00:00 userConfig: - kafka_version: '2.7' + kafka_version: "2.7" # this flag enables the Schema registry schema_registry: true @@ -43,7 +44,7 @@ spec: 2\. Apply the changes with the following command: ```shell -kubectl apply -f kafka-schema.yaml +kubectl apply -f kafka-schema.yaml ``` Now, let's create the schema itself. @@ -79,7 +80,7 @@ spec: ] } - # sets the schema compatibility level + # sets the schema compatibility level compatibilityLevel: BACKWARD ``` @@ -102,4 +103,4 @@ NAME SERVICE NAME PROJECT SUBJECT COMPATIBILITY LEVEL kafka-schema kafka-sample MySchema BACKWARD 1 ``` -Now you can follow the instructions to [use a schema registry in Java](https://docs.aiven.io/docs/products/kafka/howto/schema-registry) on how to use the schema created. \ No newline at end of file +Now you can follow the instructions to [use a schema registry in Java](https://docs.aiven.io/docs/products/kafka/howto/schema-registry) on how to use the schema created. diff --git a/docs/docs/resources/mysql.md b/docs/docs/resources/mysql.md index 81637b44..a78f1593 100644 --- a/docs/docs/resources/mysql.md +++ b/docs/docs/resources/mysql.md @@ -4,13 +4,13 @@ linkTitle: "MySQL" weight: 46 --- -Aiven for MySQL is a fully managed relational database service, deployable in the cloud of your choice. +Aiven for MySQL is a fully managed relational database service, deployable in the cloud of your choice. > Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Creating a MySQL instance -1\. Create a file named `mysql-sample.yaml`, and add the following content: +1\. Create a file named `mysql-sample.yaml`, and add the following content: ```yaml apiVersion: aiven.io/v1alpha1 @@ -43,7 +43,7 @@ spec: 2\. Create the service by applying the configuration: ```shell -kubectl apply -f mysql-sample.yaml +kubectl apply -f mysql-sample.yaml ``` 3\. Review the resource you created with this command: @@ -74,7 +74,6 @@ Status: The resource will be in the `REBUILDING` state for a few minutes. Once the state changes to `RUNNING`, you can access the resource. - ## Using the connection Secret For your convenience, the operator automatically stores the MySQL connection information in a Secret created with the @@ -83,7 +82,7 @@ name specified on the `connInfoSecretTarget` field. To view the details of the Secret, use the following command: ```shell -kubectl describe secret mysql-secret +kubectl describe secret mysql-secret ``` The output is similar to the following: @@ -156,7 +155,7 @@ spec: kubectl apply -f mysql-service-user.yaml ``` -The `ServiceUser` resource generates a Secret with connection information. +The `ServiceUser` resource generates a Secret with connection information. 3\. View the details of the Secret using [jq](https://github.com/stedolan/jq): @@ -178,4 +177,4 @@ The output is similar to the following: } ``` -You can connect to the MySQL instance using these credentials and the host information from the `mysql-secret` Secret. \ No newline at end of file +You can connect to the MySQL instance using these credentials and the host information from the `mysql-secret` Secret. diff --git a/docs/docs/resources/opensearch.md b/docs/docs/resources/opensearch.md index f65c27c2..7d325cb0 100644 --- a/docs/docs/resources/opensearch.md +++ b/docs/docs/resources/opensearch.md @@ -7,12 +7,12 @@ weight: 45 OpenSearch® is an open source search and analytics suite including search engine, NoSQL document database, and visualization interface. OpenSearch offers a distributed, full-text search engine based on Apache Lucene® with a RESTful API interface and support for JSON documents. !!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) - and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) +and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Creating an OpenSearch instance -1\. Create a file named `os-sample.yaml`, and add the following content: +1\. Create a file named `os-sample.yaml`, and add the following content: ```yaml apiVersion: aiven.io/v1alpha1 @@ -45,7 +45,7 @@ spec: 2\. Create the service by applying the configuration: ```shell -kubectl apply -f os-sample.yaml +kubectl apply -f os-sample.yaml ``` 3\. Review the resource you created with this command: @@ -76,7 +76,6 @@ Status: The resource will be in the `REBUILDING` state for a few minutes. Once the state changes to `RUNNING`, you can access the resource. - ## Using the connection Secret For your convenience, the operator automatically stores the OpenSearch connection information in a Secret created with the @@ -85,7 +84,7 @@ name specified on the `connInfoSecretTarget` field. To view the details of the Secret, use the following command: ```shell -kubectl describe secret os-secret +kubectl describe secret os-secret ``` The output is similar to the following: diff --git a/docs/docs/resources/postgresql.md b/docs/docs/resources/postgresql.md index b6221ba0..b60085aa 100644 --- a/docs/docs/resources/postgresql.md +++ b/docs/docs/resources/postgresql.md @@ -12,8 +12,8 @@ extender for location queries. Aiven for PostgreSQL is the perfect fit for your With Aiven Kubernetes Operator, you can manage Aiven for PostgreSQL through the well defined Kubernetes API. !!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/), - and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/), +and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Creating a PostgreSQL instance @@ -25,7 +25,6 @@ kind: PostgreSQL metadata: name: pg-sample spec: - # gets the authentication token from the `aiven-token` Secret authSecretRef: name: aiven-token @@ -49,7 +48,7 @@ spec: # specific PostgreSQL configuration userConfig: - pg_version: '11' + pg_version: "11" ``` 2\. Create the service by applying the configuration: @@ -139,9 +138,9 @@ spec: containers: - image: postgres:11-alpine name: postgres - command: [ 'psql', '$(DATABASE_URI)', '-c', 'SELECT version();' ] + command: ["psql", "$(DATABASE_URI)", "-c", "SELECT version();"] - # the pg-connection Secret becomes environment variables + # the pg-connection Secret becomes environment variables envFrom: - secretRef: name: pg-connection @@ -156,8 +155,9 @@ kubectl logs psql-test-connection ``` The output is similar to the following: + ```{ .shell .no-copy } - version + version --------------------------------------------------------------------------------------------- PostgreSQL 11.12 on x86_64-pc-linux-gnu, compiled by gcc, a 68c5366192 p 6b9244f01a, 64-bit (1 row) @@ -193,7 +193,7 @@ You can now connect to the `pg-database-sample` using the credentials stored in ## Creating a PostgreSQL user -Aiven uses the concept of *service user* that allows you to create users for different services. You can create one for +Aiven uses the concept of _service user_ that allows you to create users for different services. You can create one for the PostgreSQL instance. 1\. Create a file named `pg-service-user.yaml`. @@ -229,6 +229,7 @@ kubectl get secret pg-service-user-connection -o json | jq '.data | map_values(@ ``` The output has the password and username: + ```{ .json .no-copy } { "PASSWORD": "", @@ -276,9 +277,10 @@ The `ConnectionPool` generates a Secret with the connection info using the name field: ```shell -kubectl get secret pg-connection-pool-connection -o json | jq '.data | map_values(@base64d)' +kubectl get secret pg-connection-pool-connection -o json | jq '.data | map_values(@base64d)' ``` -The output is similar to the following: + +The output is similar to the following: ```{ .json .no-copy } { @@ -294,7 +296,7 @@ The output is similar to the following: ## Creating a PostgreSQL read-only replica -Read-only replicas can be used to reduce the load on the primary service by making read-only queries against the replica service. +Read-only replicas can be used to reduce the load on the primary service by making read-only queries against the replica service. To create a read-only replica for a PostgreSQL service, you create a second PostgreSQL service and use [serviceIntegrations](https://aiven.github.io/aiven-operator/api-reference/postgresql.html#spec.serviceIntegrations) to replicate data from your primary service. @@ -325,10 +327,9 @@ spec: maintenanceWindowDow: friday maintenanceWindowTime: 23:00:00 userConfig: - pg_version: '15' + pg_version: "15" --- - apiVersion: aiven.io/v1alpha1 kind: PostgreSQL metadata: @@ -351,16 +352,16 @@ spec: maintenanceWindowDow: saturday maintenanceWindowTime: 23:00:00 userConfig: - pg_version: '15' + pg_version: "15" # use the read_replica integration and point it to your primary service serviceIntegrations: - - integrationType: read_replica - sourceServiceName: primary-pg-service + - integrationType: read_replica + sourceServiceName: primary-pg-service ``` !!! note - You can create the replica service in a different region or on a different cloud provider. +You can create the replica service in a different region or on a different cloud provider. 2\. Apply the configuration with the following command: @@ -392,4 +393,4 @@ The resource can be in the `BUILDING` state for a few minutes. After the state o ```shell kubectl get postgresqls.aiven.io read-replica-pg -``` \ No newline at end of file +``` diff --git a/docs/docs/resources/project-vpc.md b/docs/docs/resources/project-vpc.md index 43c46084..d6a1a0b1 100644 --- a/docs/docs/resources/project-vpc.md +++ b/docs/docs/resources/project-vpc.md @@ -11,8 +11,8 @@ directly without going through the public internet. Within the Aiven Kubernetes Operator, you can create a `ProjectVPC` on Aiven's side to connect to your cloud provider. !!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/), - and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/), +and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Creating an Aiven VPC diff --git a/docs/docs/resources/project.md b/docs/docs/resources/project.md index e67ee1f1..537099be 100644 --- a/docs/docs/resources/project.md +++ b/docs/docs/resources/project.md @@ -5,14 +5,15 @@ weight: 5 --- !!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) - and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) +and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). The `Project` CRD allows you to create Aiven Projects, where your resources can be located. To create a fully working Aiven Project with the Aiven Operator you need a source Aiven Project already created with a working billing configuration, like a credit card. Create a file named `project-sample.yaml` with the following content: + ```yaml apiVersion: aiven.io/v1alpha1 kind: Project @@ -31,6 +32,7 @@ spec: ``` Apply the resource with: + ```shell kubectl apply -f project-sample.yaml ``` @@ -46,4 +48,4 @@ The output is similar to the following: ```{ .shell .no-copy } NAME AGE project-sample 22s -``` \ No newline at end of file +``` diff --git a/docs/docs/resources/redis.md b/docs/docs/resources/redis.md index 61c08f46..03867b1e 100644 --- a/docs/docs/resources/redis.md +++ b/docs/docs/resources/redis.md @@ -4,15 +4,15 @@ linkTitle: "Redis" weight: 50 --- -Aiven for Redis®* is a fully managed in-memory NoSQL database that you can deploy in the cloud of your choice to store and access data quickly and efficiently. +Aiven for Redis®\* is a fully managed in-memory NoSQL database that you can deploy in the cloud of your choice to store and access data quickly and efficiently. !!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) - and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/) +and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Creating a Redis instance -1\. Create a file named `redis-sample.yaml`, and add the following content: +1\. Create a file named `redis-sample.yaml`, and add the following content: ```yaml apiVersion: aiven.io/v1alpha1 @@ -49,7 +49,7 @@ spec: 2\. Create the service by applying the configuration: ```shell -kubectl apply -f redis-sample.yaml +kubectl apply -f redis-sample.yaml ``` 3\. Review the resource you created with this command: @@ -80,7 +80,6 @@ Status: The resource will be in the `REBUILDING` state for a few minutes. Once the state changes to `RUNNING`, you can access the resource. - ## Using the connection Secret For your convenience, the operator automatically stores the Redis connection information in a Secret created with the @@ -89,7 +88,7 @@ name specified on the `connInfoSecretTarget` field. To view the details of the Secret, use the following command: ```shell -kubectl describe secret redis-secret +kubectl describe secret redis-secret ``` The output is similar to the following: diff --git a/docs/docs/resources/service-integrations.md b/docs/docs/resources/service-integrations.md index f239ab3c..44357f17 100644 --- a/docs/docs/resources/service-integrations.md +++ b/docs/docs/resources/service-integrations.md @@ -11,8 +11,8 @@ our [Getting Started with Service Integrations guide](https://help.aiven.io/en/a for more information. !!! note - Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/), - and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). +Before going through this guide, make sure you have a [Kubernetes cluster](../../installation/prerequisites/) with the [operator installed](../../installation/), +and a [Kubernetes Secret with an Aiven authentication token](../../authentication/). ## Send Kafka logs to a Kafka Topic @@ -51,10 +51,9 @@ spec: # specific Kafka configuration userConfig: - kafka_version: '2.7' + kafka_version: "2.7" --- - apiVersion: aiven.io/v1alpha1 kind: KafkaTopic metadata: @@ -80,11 +79,11 @@ spec: 2\. Create the resource on Kubernetes: ```shell -kubectl apply -f kafka-sample-topic.yaml +kubectl apply -f kafka-sample-topic.yaml ``` 3\. Now, create a `ServiceIntegration` resource to send the Kafka logs to the created topic. In the same file, add the - following YAML: +following YAML: ```yaml apiVersion: aiven.io/v1alpha1 @@ -92,7 +91,6 @@ kind: ServiceIntegration metadata: name: service-integration-kafka-logs spec: - # gets the authentication token from the `aiven-token` Secret authSecretRef: name: aiven-token @@ -116,7 +114,7 @@ spec: 4\. Reapply the resource on Kubernetes: ```shell -kubectl apply -f kafka-sample-topic.yaml +kubectl apply -f kafka-sample-topic.yaml ``` 5\. Let's check the created service integration: @@ -129,7 +127,7 @@ The output is similar to the following: ```{ .shell .no-copy } NAME PROJECT TYPE SOURCE SERVICE NAME DESTINATION SERVICE NAME SOURCE ENDPOINT ID DESTINATION ENDPOINT ID -service-integration-kafka-logs your-project kafka_logs kafka-sample kafka-sample +service-integration-kafka-logs your-project kafka_logs kafka-sample kafka-sample ``` Your Kafka service logs are now being streamed to the `logs` Kafka topic. diff --git a/generators/userconfigs/generator_test_source.yml b/generators/userconfigs/generator_test_source.yml index a57ba5cc..eb21fff2 100644 --- a/generators/userconfigs/generator_test_source.yml +++ b/generators/userconfigs/generator_test_source.yml @@ -263,9 +263,9 @@ properties: description: Choose from one of the available log-formats. These can support popular log analyzers like pgbadger, pganalyze etc. type: string enum: - - value: '''pid=%p,user=%u,db=%d,app=%a,client=%h ''' - - value: '''%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ''' - - value: '''%m [%p] %q[user=%u,db=%d,app=%a] ''' + - value: "'pid=%p,user=%u,db=%d,app=%a,client=%h '" + - value: "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" + - value: "'%m [%p] %q[user=%u,db=%d,app=%a] '" log_min_duration_statement: title: log_min_duration_statement description: Log statements that take more than this number of milliseconds to run, -1 disables @@ -384,7 +384,7 @@ properties: example: false pg_stat_monitor.pgsm_max_buckets: title: pg_stat_monitor.pgsm_max_buckets - description: 'Sets the maximum number of buckets ' + description: "Sets the maximum number of buckets " type: integer minimum: 1 maximum: 10 diff --git a/test/e2e/cassandra/cassandra-simple-cluster/00-secret.yaml b/test/e2e/cassandra/cassandra-simple-cluster/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/cassandra/cassandra-simple-cluster/00-secret.yaml +++ b/test/e2e/cassandra/cassandra-simple-cluster/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/cassandra/cassandra-simple-cluster/02-check.yaml b/test/e2e/cassandra/cassandra-simple-cluster/02-check.yaml index f5132d4c..5c1311d2 100644 --- a/test/e2e/cassandra/cassandra-simple-cluster/02-check.yaml +++ b/test/e2e/cassandra/cassandra-simple-cluster/02-check.yaml @@ -1,8 +1,8 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-cassandra-simple --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-cassandra-simple --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/clickhouse/clickhouse-simple-cluster/00-secret.yaml b/test/e2e/clickhouse/clickhouse-simple-cluster/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/clickhouse/clickhouse-simple-cluster/00-secret.yaml +++ b/test/e2e/clickhouse/clickhouse-simple-cluster/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/clickhouse/clickhouse-simple-cluster/02-check.yaml b/test/e2e/clickhouse/clickhouse-simple-cluster/02-check.yaml index 16f9f2c9..d389fafa 100644 --- a/test/e2e/clickhouse/clickhouse-simple-cluster/02-check.yaml +++ b/test/e2e/clickhouse/clickhouse-simple-cluster/02-check.yaml @@ -1,8 +1,8 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-test-ch-sample --project aiven-ci-kubernetes-operator; - do - sleep 10 - done \ No newline at end of file + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-test-ch-sample --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/grafana/grafana-simple-cluster/00-secret.yaml b/test/e2e/grafana/grafana-simple-cluster/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/grafana/grafana-simple-cluster/00-secret.yaml +++ b/test/e2e/grafana/grafana-simple-cluster/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/grafana/grafana-simple-cluster/02-check.yaml b/test/e2e/grafana/grafana-simple-cluster/02-check.yaml index 71cdd6a5..d283b720 100644 --- a/test/e2e/grafana/grafana-simple-cluster/02-check.yaml +++ b/test/e2e/grafana/grafana-simple-cluster/02-check.yaml @@ -1,8 +1,8 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-grafana-simple --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-grafana-simple --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/kafka-connector/connect-kafka-to-postgres/00-secret.yaml b/test/e2e/kafka-connector/connect-kafka-to-postgres/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/kafka-connector/connect-kafka-to-postgres/00-secret.yaml +++ b/test/e2e/kafka-connector/connect-kafka-to-postgres/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/kafka-connector/connect-kafka-to-postgres/02-check-services-running.yaml b/test/e2e/kafka-connector/connect-kafka-to-postgres/02-check-services-running.yaml index 60262657..fe3383f8 100644 --- a/test/e2e/kafka-connector/connect-kafka-to-postgres/02-check-services-running.yaml +++ b/test/e2e/kafka-connector/connect-kafka-to-postgres/02-check-services-running.yaml @@ -1,22 +1,22 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - SERVICE=k8s-test-kafka-connector-connect-kafka-to-postgres-kafka - while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - SERVICE=k8s-test-kafka-connector-connect-kafka-to-postgres-pg - while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - SERVICE=k8s-test-kafka-connector-connect-kafka-to-postgres-kafka - TOPIC=k8s-test-kafka-connector-connect-kafka-to-postgres-topic - while ! avn --auth-token $AIVEN_TOKEN service topic-get $SERVICE $TOPIC --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + SERVICE=k8s-test-kafka-connector-connect-kafka-to-postgres-kafka + while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + SERVICE=k8s-test-kafka-connector-connect-kafka-to-postgres-pg + while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + SERVICE=k8s-test-kafka-connector-connect-kafka-to-postgres-kafka + TOPIC=k8s-test-kafka-connector-connect-kafka-to-postgres-topic + while ! avn --auth-token $AIVEN_TOKEN service topic-get $SERVICE $TOPIC --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/kafka-connector/connect-kafka-to-postgres/04-write-and-receive.yaml b/test/e2e/kafka-connector/connect-kafka-to-postgres/04-write-and-receive.yaml index 113b6d48..7cbb9486 100644 --- a/test/e2e/kafka-connector/connect-kafka-to-postgres/04-write-and-receive.yaml +++ b/test/e2e/kafka-connector/connect-kafka-to-postgres/04-write-and-receive.yaml @@ -1,48 +1,47 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -# produce the message -- script: | - mkdir -p /tmp/kafkacat - trap 'rm -rf /tmp/kafkacat' EXIT + # produce the message + - script: | + mkdir -p /tmp/kafkacat + trap 'rm -rf /tmp/kafkacat' EXIT - kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.CA_CERT -r | base64 -w0 -d >> /tmp/kafkacat/ca.crt - kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_CERT -r | base64 -w0 -d >> /tmp/kafkacat/service.crt - kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_KEY -r | base64 -w0 -d >> /tmp/kafkacat/service.key + kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.CA_CERT -r | base64 -w0 -d >> /tmp/kafkacat/ca.crt + kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_CERT -r | base64 -w0 -d >> /tmp/kafkacat/service.crt + kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_KEY -r | base64 -w0 -d >> /tmp/kafkacat/service.key - HOST=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.HOST -r | base64 -d) - PORT=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.PORT -r | base64 -d) - TOPIC=k8s-test-kafka-connector-connect-kafka-to-postgres-topic + HOST=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.HOST -r | base64 -d) + PORT=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.PORT -r | base64 -d) + TOPIC=k8s-test-kafka-connector-connect-kafka-to-postgres-topic - cat <> /tmp/kafkacat/msg - { - "schema": { - "type": "struct", - "fields": [ - { "field": "text", "type": "string", "optional": false } - ] - }, - "payload": { - "text": "Hello World" + cat <> /tmp/kafkacat/msg + { + "schema": { + "type": "struct", + "fields": [ + { "field": "text", "type": "string", "optional": false } + ] + }, + "payload": { + "text": "Hello World" + } } - } - EOF - - kcat \ - -b $HOST:$PORT \ - -X security.protocol=SSL \ - -X ssl.ca.location=/tmp/kafkacat/ca.crt \ - -X ssl.certificate.location=/tmp/kafkacat/service.crt \ - -X ssl.key.location=/tmp/kafkacat/service.key \ - -P -t $TOPIC /tmp/kafkacat/msg + EOF + + kcat \ + -b $HOST:$PORT \ + -X security.protocol=SSL \ + -X ssl.ca.location=/tmp/kafkacat/ca.crt \ + -X ssl.certificate.location=/tmp/kafkacat/service.crt \ + -X ssl.key.location=/tmp/kafkacat/service.key \ + -P -t $TOPIC /tmp/kafkacat/msg -# check that the connector wrote the message -- script: | - URI=$(kubectl --namespace $NAMESPACE get secret pg-secret -ojson | jq .data.DATABASE_URI -r | base64 -d) - TABLE=k8s-test-kafka-connector-connect-kafka-to-postgres-topic - - while ! psql $URI -qtAX -c "SELECT text FROM \"$TABLE\"" == "Hello World" - do - sleep 10 - done + # check that the connector wrote the message + - script: | + URI=$(kubectl --namespace $NAMESPACE get secret pg-secret -ojson | jq .data.DATABASE_URI -r | base64 -d) + TABLE=k8s-test-kafka-connector-connect-kafka-to-postgres-topic + while ! psql $URI -qtAX -c "SELECT text FROM \"$TABLE\"" == "Hello World" + do + sleep 10 + done diff --git a/test/e2e/kafka-topic/simple-kafka-topic/00-secret.yaml b/test/e2e/kafka-topic/simple-kafka-topic/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/kafka-topic/simple-kafka-topic/00-secret.yaml +++ b/test/e2e/kafka-topic/simple-kafka-topic/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/kafka-topic/simple-kafka-topic/02-check-services-running.yaml b/test/e2e/kafka-topic/simple-kafka-topic/02-check-services-running.yaml index ff036986..a42b1e69 100644 --- a/test/e2e/kafka-topic/simple-kafka-topic/02-check-services-running.yaml +++ b/test/e2e/kafka-topic/simple-kafka-topic/02-check-services-running.yaml @@ -1,20 +1,20 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - SERVICE=k8s-test-kafka-topic-simple-kafka-topic-kafka - while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - SERVICE=k8s-test-kafka-topic-simple-kafka-topic-kafka - TOPIC=k8s-test-kafka-topic-simple-kafka-topic-topic - while ! avn --auth-token $AIVEN_TOKEN service topic-get $SERVICE $TOPIC --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | + - script: | + SERVICE=k8s-test-kafka-topic-simple-kafka-topic-kafka + while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + SERVICE=k8s-test-kafka-topic-simple-kafka-topic-kafka + TOPIC=k8s-test-kafka-topic-simple-kafka-topic-topic + while ! avn --auth-token $AIVEN_TOKEN service topic-get $SERVICE $TOPIC --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | SERVICE=k8s-test-kafka-topic-simple-kafka-topic-kafka ACLTARGET=k8s-test-kafka-topic-simple-kafka-topic-topic while ! ( avn --auth-token $AIVEN_TOKEN service acl-list $SERVICE --project aiven-ci-kubernetes-operator | grep -q $ACLTARGET ); diff --git a/test/e2e/kafka-topic/simple-kafka-topic/03-delete.yaml b/test/e2e/kafka-topic/simple-kafka-topic/03-delete.yaml index 33db2546..6967f88c 100644 --- a/test/e2e/kafka-topic/simple-kafka-topic/03-delete.yaml +++ b/test/e2e/kafka-topic/simple-kafka-topic/03-delete.yaml @@ -3,4 +3,4 @@ kind: TestStep delete: - apiVersion: aiven.io/v1alpha1 kind: Kafka - name: k8s-test-kafka-topic-simple-kafka-topic-topic \ No newline at end of file + name: k8s-test-kafka-topic-simple-kafka-topic-topic diff --git a/test/e2e/kafka/kafka-simple-cluster/00-secret.yaml b/test/e2e/kafka/kafka-simple-cluster/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/kafka/kafka-simple-cluster/00-secret.yaml +++ b/test/e2e/kafka/kafka-simple-cluster/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/kafka/kafka-simple-cluster/02-check.yaml b/test/e2e/kafka/kafka-simple-cluster/02-check.yaml index 65ad105f..7e3814ef 100644 --- a/test/e2e/kafka/kafka-simple-cluster/02-check.yaml +++ b/test/e2e/kafka/kafka-simple-cluster/02-check.yaml @@ -1,8 +1,8 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-kafka-simple --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-kafka-simple --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/kuttl-test.preinstalled.yaml b/test/e2e/kuttl-test.preinstalled.yaml index efb55854..e4d1de3f 100644 --- a/test/e2e/kuttl-test.preinstalled.yaml +++ b/test/e2e/kuttl-test.preinstalled.yaml @@ -2,15 +2,15 @@ apiVersion: kuttl.dev/v1beta1 kind: TestSuite timeout: 600 testDirs: -- test/e2e/kafka -- test/e2e/kafka-topic -- test/e2e/kafka-connector -- test/e2e/redis -- test/e2e/opensearch -- test/e2e/clickhouse -- test/e2e/projectvpc -- test/e2e/service-integration -- test/e2e/mysql -- test/e2e/cassandra -- test/e2e/grafana + - test/e2e/kafka + - test/e2e/kafka-topic + - test/e2e/kafka-connector + - test/e2e/redis + - test/e2e/opensearch + - test/e2e/clickhouse + - test/e2e/projectvpc + - test/e2e/service-integration + - test/e2e/mysql + - test/e2e/cassandra + - test/e2e/grafana blockOnNamespaceDelete: true diff --git a/test/e2e/kuttl-test.yaml b/test/e2e/kuttl-test.yaml index e71e5d03..09d8ee11 100644 --- a/test/e2e/kuttl-test.yaml +++ b/test/e2e/kuttl-test.yaml @@ -4,18 +4,18 @@ timeout: 9999 startKIND: true crdDir: config/crd/bases testDirs: -- test/e2e/kafka -- test/e2e/kafka-topic -- test/e2e/kafka-connector -- test/e2e/redis -- test/e2e/opensearch -- test/e2e/clickhouse -- test/e2e/projectvpc -- test/e2e/service-integration -- test/e2e/mysql -- test/e2e/cassandra -- test/e2e/grafana + - test/e2e/kafka + - test/e2e/kafka-topic + - test/e2e/kafka-connector + - test/e2e/redis + - test/e2e/opensearch + - test/e2e/clickhouse + - test/e2e/projectvpc + - test/e2e/service-integration + - test/e2e/mysql + - test/e2e/cassandra + - test/e2e/grafana commands: -- script: ENABLE_WEBHOOKS=false ./bin/manager --metrics-bind-address=0 --health-probe-bind-address=0 - background: true + - script: ENABLE_WEBHOOKS=false ./bin/manager --metrics-bind-address=0 --health-probe-bind-address=0 + background: true blockOnNamespaceDelete: false diff --git a/test/e2e/mysql/mysql-simple-cluster/00-secret.yaml b/test/e2e/mysql/mysql-simple-cluster/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/mysql/mysql-simple-cluster/00-secret.yaml +++ b/test/e2e/mysql/mysql-simple-cluster/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/mysql/mysql-simple-cluster/02-check.yaml b/test/e2e/mysql/mysql-simple-cluster/02-check.yaml index acf4651e..a28366f9 100644 --- a/test/e2e/mysql/mysql-simple-cluster/02-check.yaml +++ b/test/e2e/mysql/mysql-simple-cluster/02-check.yaml @@ -1,8 +1,8 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-mysql-simple --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-mysql-simple --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/opensearch/opensearch-simple-cluster/00-secret.yaml b/test/e2e/opensearch/opensearch-simple-cluster/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/opensearch/opensearch-simple-cluster/00-secret.yaml +++ b/test/e2e/opensearch/opensearch-simple-cluster/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/opensearch/opensearch-simple-cluster/02-check.yaml b/test/e2e/opensearch/opensearch-simple-cluster/02-check.yaml index 7924659b..ca7fd858 100644 --- a/test/e2e/opensearch/opensearch-simple-cluster/02-check.yaml +++ b/test/e2e/opensearch/opensearch-simple-cluster/02-check.yaml @@ -1,8 +1,8 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-os-simple --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-os-simple --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/opensearch/opensearch-simple-cluster/03-delete.yaml b/test/e2e/opensearch/opensearch-simple-cluster/03-delete.yaml index 90dfd909..05eca5d3 100644 --- a/test/e2e/opensearch/opensearch-simple-cluster/03-delete.yaml +++ b/test/e2e/opensearch/opensearch-simple-cluster/03-delete.yaml @@ -3,4 +3,4 @@ kind: TestStep delete: - apiVersion: aiven.io/v1alpha1 kind: OpenSearch - name: k8s-e2e-os-simple \ No newline at end of file + name: k8s-e2e-os-simple diff --git a/test/e2e/projectvpc/projectvpc-ref/00-secret.yaml b/test/e2e/projectvpc/projectvpc-ref/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/projectvpc/projectvpc-ref/00-secret.yaml +++ b/test/e2e/projectvpc/projectvpc-ref/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/projectvpc/projectvpc-ref/01-resources.yaml b/test/e2e/projectvpc/projectvpc-ref/01-resources.yaml index 1b5e7c73..4aa3ff9b 100644 --- a/test/e2e/projectvpc/projectvpc-ref/01-resources.yaml +++ b/test/e2e/projectvpc/projectvpc-ref/01-resources.yaml @@ -12,7 +12,6 @@ spec: key: token --- - apiVersion: aiven.io/v1alpha1 kind: Kafka metadata: @@ -33,7 +32,6 @@ spec: name: k8s-e2e-projectvpc-ref --- - apiVersion: aiven.io/v1alpha1 kind: OpenSearch metadata: @@ -54,7 +52,6 @@ spec: name: k8s-e2e-projectvpc-ref --- - apiVersion: aiven.io/v1alpha1 kind: Redis metadata: diff --git a/test/e2e/projectvpc/projectvpc-ref/02-check.yaml b/test/e2e/projectvpc/projectvpc-ref/02-check.yaml index eff6c6b8..24c8fb11 100644 --- a/test/e2e/projectvpc/projectvpc-ref/02-check.yaml +++ b/test/e2e/projectvpc/projectvpc-ref/02-check.yaml @@ -1,33 +1,33 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-projectvpc-ref-kafka --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-projectvpc-ref-os --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-projectvpc-ref-redis --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - while ! avn service get k8s-e2e-projectvpc-ref-kafka --project aiven-ci-kubernetes-operator --json | grep -c -E '"project_vpc_id":\s*"[0-9a-z-]+"' - do - sleep 10 - done -- script: | - while ! avn service get k8s-e2e-projectvpc-ref-os --project aiven-ci-kubernetes-operator --json | grep -c -E '"project_vpc_id":\s*"[0-9a-z-]+"' - do - sleep 10 - done -- script: | - while ! avn service get k8s-e2e-projectvpc-ref-redis --project aiven-ci-kubernetes-operator --json | grep -c -E '"project_vpc_id":\s*"[0-9a-z-]+"' - do - sleep 10 - done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-projectvpc-ref-kafka --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-projectvpc-ref-os --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-e2e-projectvpc-ref-redis --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + while ! avn service get k8s-e2e-projectvpc-ref-kafka --project aiven-ci-kubernetes-operator --json | grep -c -E '"project_vpc_id":\s*"[0-9a-z-]+"' + do + sleep 10 + done + - script: | + while ! avn service get k8s-e2e-projectvpc-ref-os --project aiven-ci-kubernetes-operator --json | grep -c -E '"project_vpc_id":\s*"[0-9a-z-]+"' + do + sleep 10 + done + - script: | + while ! avn service get k8s-e2e-projectvpc-ref-redis --project aiven-ci-kubernetes-operator --json | grep -c -E '"project_vpc_id":\s*"[0-9a-z-]+"' + do + sleep 10 + done diff --git a/test/e2e/redis/redis-simple-cluster/00-secret.yaml b/test/e2e/redis/redis-simple-cluster/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/redis/redis-simple-cluster/00-secret.yaml +++ b/test/e2e/redis/redis-simple-cluster/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/redis/redis-simple-cluster/02-check.yaml b/test/e2e/redis/redis-simple-cluster/02-check.yaml index e083b132..d1230e0f 100644 --- a/test/e2e/redis/redis-simple-cluster/02-check.yaml +++ b/test/e2e/redis/redis-simple-cluster/02-check.yaml @@ -1,8 +1,8 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - while ! avn --auth-token $AIVEN_TOKEN service wait k8s-redis-simple --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + while ! avn --auth-token $AIVEN_TOKEN service wait k8s-redis-simple --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/redis/redis-simple-cluster/03-delete.yaml b/test/e2e/redis/redis-simple-cluster/03-delete.yaml index 36b40b70..5a324c4f 100644 --- a/test/e2e/redis/redis-simple-cluster/03-delete.yaml +++ b/test/e2e/redis/redis-simple-cluster/03-delete.yaml @@ -3,4 +3,4 @@ kind: TestStep delete: - apiVersion: aiven.io/v1alpha1 kind: Redis - name: k8s-redis-simple \ No newline at end of file + name: k8s-redis-simple diff --git a/test/e2e/service-integration/clickhouse-postgresql/00-secret.yaml b/test/e2e/service-integration/clickhouse-postgresql/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/service-integration/clickhouse-postgresql/00-secret.yaml +++ b/test/e2e/service-integration/clickhouse-postgresql/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/service-integration/clickhouse-postgresql/02-check-services-running.yaml b/test/e2e/service-integration/clickhouse-postgresql/02-check-services-running.yaml index 9d9014a3..91a13dc0 100644 --- a/test/e2e/service-integration/clickhouse-postgresql/02-check-services-running.yaml +++ b/test/e2e/service-integration/clickhouse-postgresql/02-check-services-running.yaml @@ -1,15 +1,15 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - SERVICE=k8s-e2e-test-ch-integration - while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - SERVICE=k8s-e2e-test-pg-integration - while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + SERVICE=k8s-e2e-test-ch-integration + while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + SERVICE=k8s-e2e-test-pg-integration + while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/service-integration/clickhouse-postgresql/04-check-integration.yaml b/test/e2e/service-integration/clickhouse-postgresql/04-check-integration.yaml index a78d5d4e..5cf23d10 100644 --- a/test/e2e/service-integration/clickhouse-postgresql/04-check-integration.yaml +++ b/test/e2e/service-integration/clickhouse-postgresql/04-check-integration.yaml @@ -1,9 +1,9 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - SERVICE=k8s-e2e-test-pg-integration - while ! avn service integration-list $SERVICE --json | jq '.[] | select(.integration_type == "clickhouse_postgresql" and .active == true)' - do - sleep 10 - done + - script: | + SERVICE=k8s-e2e-test-pg-integration + while ! avn service integration-list $SERVICE --json | jq '.[] | select(.integration_type == "clickhouse_postgresql" and .active == true)' + do + sleep 10 + done diff --git a/test/e2e/service-integration/kafka-logs/00-secret.yaml b/test/e2e/service-integration/kafka-logs/00-secret.yaml index a87b3cdf..11d5feae 100644 --- a/test/e2e/service-integration/kafka-logs/00-secret.yaml +++ b/test/e2e/service-integration/kafka-logs/00-secret.yaml @@ -1,4 +1,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN + - script: kubectl --namespace $NAMESPACE create secret generic aiven-token --from-literal=token=$AIVEN_TOKEN diff --git a/test/e2e/service-integration/kafka-logs/02-check-services-running.yaml b/test/e2e/service-integration/kafka-logs/02-check-services-running.yaml index 1e2d7105..06b79254 100644 --- a/test/e2e/service-integration/kafka-logs/02-check-services-running.yaml +++ b/test/e2e/service-integration/kafka-logs/02-check-services-running.yaml @@ -1,16 +1,16 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - SERVICE=k8s-test-service-integration-kafka-logs-kafka - while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; - do - sleep 10 - done -- script: | - SERVICE=k8s-test-service-integration-kafka-logs-kafka - TOPIC=k8s-test-service-integration-kafka-logs-topic - while ! avn --auth-token $AIVEN_TOKEN service topic-get $SERVICE $TOPIC --project aiven-ci-kubernetes-operator; - do - sleep 10 - done + - script: | + SERVICE=k8s-test-service-integration-kafka-logs-kafka + while ! avn --auth-token $AIVEN_TOKEN service wait $SERVICE --project aiven-ci-kubernetes-operator; + do + sleep 10 + done + - script: | + SERVICE=k8s-test-service-integration-kafka-logs-kafka + TOPIC=k8s-test-service-integration-kafka-logs-topic + while ! avn --auth-token $AIVEN_TOKEN service topic-get $SERVICE $TOPIC --project aiven-ci-kubernetes-operator; + do + sleep 10 + done diff --git a/test/e2e/service-integration/kafka-logs/04-check-topic.yaml b/test/e2e/service-integration/kafka-logs/04-check-topic.yaml index 35beb1ea..1b7bc235 100644 --- a/test/e2e/service-integration/kafka-logs/04-check-topic.yaml +++ b/test/e2e/service-integration/kafka-logs/04-check-topic.yaml @@ -1,22 +1,22 @@ apiVersion: kuttl.dev/v1beta1 kind: TestStep commands: -- script: | - TMPDIR=$(mktemp -d) - trap "rm -rf $TMPDIR" EXIT + - script: | + TMPDIR=$(mktemp -d) + trap "rm -rf $TMPDIR" EXIT - kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.CA_CERT -r | base64 -w0 -d >> $TMPDIR/ca.crt - kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_CERT -r | base64 -w0 -d >> $TMPDIR/service.crt - kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_KEY -r | base64 -w0 -d >> $TMPDIR/service.key + kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.CA_CERT -r | base64 -w0 -d >> $TMPDIR/ca.crt + kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_CERT -r | base64 -w0 -d >> $TMPDIR/service.crt + kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.ACCESS_KEY -r | base64 -w0 -d >> $TMPDIR/service.key - HOST=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.HOST -r | base64 -d) - PORT=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.PORT -r | base64 -d) - TOPIC=k8s-test-service-integration-kafka-logs-topic - - kcat \ - -b $HOST:$PORT \ - -X security.protocol=SSL \ - -X ssl.ca.location=$TMPDIR/ca.crt \ - -X ssl.certificate.location=$TMPDIR/service.crt \ - -X ssl.key.location=$TMPDIR/service.key \ - -C -t $TOPIC -c 1 + HOST=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.HOST -r | base64 -d) + PORT=$(kubectl --namespace $NAMESPACE get secret kafka-secret -ojson | jq .data.PORT -r | base64 -d) + TOPIC=k8s-test-service-integration-kafka-logs-topic + + kcat \ + -b $HOST:$PORT \ + -X security.protocol=SSL \ + -X ssl.ca.location=$TMPDIR/ca.crt \ + -X ssl.certificate.location=$TMPDIR/service.crt \ + -X ssl.key.location=$TMPDIR/service.key \ + -C -t $TOPIC -c 1 diff --git a/test/e2e/service-integration/kafka-logs/05-delete.yaml b/test/e2e/service-integration/kafka-logs/05-delete.yaml index f596dfde..067df2af 100644 --- a/test/e2e/service-integration/kafka-logs/05-delete.yaml +++ b/test/e2e/service-integration/kafka-logs/05-delete.yaml @@ -3,4 +3,4 @@ kind: TestStep delete: - apiVersion: aiven.io/v1alpha1 kind: Kafka - name: k8s-test-service-integration-kafka-logs-kafka \ No newline at end of file + name: k8s-test-service-integration-kafka-logs-kafka From 37ee589d4541a59d1270dc23781c511a8211431b Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Thu, 21 Dec 2023 16:14:17 +0200 Subject: [PATCH 3/8] chore(lint): fix `yamllint` --- .trunk/configs/.yamllint.yaml | 5 +++-- .trunk/trunk.yaml | 5 +++++ charts/aiven-operator/values.yaml | 2 +- config/default/manager_auth_proxy_patch.yaml | 16 ++++++++-------- config/default/manager_config_patch.yaml | 2 +- config/manager/manager.yaml | 2 +- config/rbac/auth_proxy_client_clusterrole.yaml | 2 +- config/samples/aiven.io_v1alpha1_redis.yaml | 2 +- docs/docs/api-reference/examples/redis.yaml | 2 +- .../e2e/redis/redis-simple-cluster/01-redis.yaml | 2 +- 10 files changed, 23 insertions(+), 17 deletions(-) diff --git a/.trunk/configs/.yamllint.yaml b/.trunk/configs/.yamllint.yaml index 4d444662..e6114ef7 100644 --- a/.trunk/configs/.yamllint.yaml +++ b/.trunk/configs/.yamllint.yaml @@ -1,9 +1,10 @@ rules: quoted-strings: required: only-when-needed - extra-allowed: ["{|}"] + extra-allowed: + - "{|}" empty-values: - forbid-in-block-mappings: true + forbid-in-block-mappings: false forbid-in-flow-mappings: true key-duplicates: {} octal-values: diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 2ad48711..2a99601e 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -1,11 +1,14 @@ version: 0.1 + cli: version: 1.18.1 + plugins: sources: - id: trunk uri: https://github.com/trunk-io/plugins ref: v1.4.1 + lint: enabled: - codespell@2.2.6 @@ -27,11 +30,13 @@ lint: - markdownlint paths: - .trunk/** + runtimes: enabled: - go@1.21.4 - node@20.10.0 - python@3.10.8 + actions: disabled: - trunk-announce diff --git a/charts/aiven-operator/values.yaml b/charts/aiven-operator/values.yaml index 3104c7b0..ba0ca26b 100644 --- a/charts/aiven-operator/values.yaml +++ b/charts/aiven-operator/values.yaml @@ -16,7 +16,7 @@ leaderElect: true # operator will be installed and should contain a valid Aiven API Token. defaultTokenSecret: name: "" - key: "token" + key: token # webhhook configuration webhooks: diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml index 39cd9960..6ff1ad4e 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/default/manager_auth_proxy_patch.yaml @@ -14,13 +14,13 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - "ALL" + - ALL image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0 args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 ports: - containerPort: 8443 protocol: TCP @@ -34,6 +34,6 @@ spec: memory: 64Mi - name: manager args: - - "--health-probe-bind-address=:8081" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect diff --git a/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml index 68563ebf..86ad3eaa 100644 --- a/config/default/manager_config_patch.yaml +++ b/config/default/manager_config_patch.yaml @@ -9,7 +9,7 @@ spec: containers: - name: manager args: - - "--config=controller_manager_config.yaml" + - --config=controller_manager_config.yaml volumeMounts: - name: manager-config mountPath: /controller_manager_config.yaml diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index a6836ee6..21c3cd58 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -44,7 +44,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - "ALL" + - ALL livenessProbe: httpGet: path: /healthz diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml index 07f43829..2ac50a3b 100644 --- a/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/config/rbac/auth_proxy_client_clusterrole.yaml @@ -4,6 +4,6 @@ metadata: name: metrics-reader rules: - nonResourceURLs: - - "/metrics" + - /metrics verbs: - get diff --git a/config/samples/aiven.io_v1alpha1_redis.yaml b/config/samples/aiven.io_v1alpha1_redis.yaml index 75d7ddd9..787a0b9d 100644 --- a/config/samples/aiven.io_v1alpha1_redis.yaml +++ b/config/samples/aiven.io_v1alpha1_redis.yaml @@ -19,4 +19,4 @@ spec: maintenanceWindowTime: 23:00:00 userConfig: - redis_maxmemory_policy: "allkeys-random" + redis_maxmemory_policy: allkeys-random diff --git a/docs/docs/api-reference/examples/redis.yaml b/docs/docs/api-reference/examples/redis.yaml index a98b4691..bbb0c7a5 100644 --- a/docs/docs/api-reference/examples/redis.yaml +++ b/docs/docs/api-reference/examples/redis.yaml @@ -23,4 +23,4 @@ spec: maintenanceWindowTime: 23:00:00 userConfig: - redis_maxmemory_policy: "allkeys-random" + redis_maxmemory_policy: allkeys-random diff --git a/test/e2e/redis/redis-simple-cluster/01-redis.yaml b/test/e2e/redis/redis-simple-cluster/01-redis.yaml index b5d39a4e..117cf331 100644 --- a/test/e2e/redis/redis-simple-cluster/01-redis.yaml +++ b/test/e2e/redis/redis-simple-cluster/01-redis.yaml @@ -19,4 +19,4 @@ spec: maintenanceWindowTime: 23:00:00 userConfig: - redis_maxmemory_policy: "allkeys-random" + redis_maxmemory_policy: allkeys-random From f173abda76b75c34e929dde4f6428a951c0cb518 Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Thu, 21 Dec 2023 16:31:16 +0200 Subject: [PATCH 4/8] chore(lint): fix `markdownlint` --- CODE_OF_CONDUCT.md | 8 ++++---- README.md | 6 +++--- docs/docs/api-reference/grafana.md | 2 +- docs/docs/api-reference/serviceintegration.md | 2 +- docs/docs/contributing/developer-guide.md | 1 + docs/docs/contributing/index.md | 4 ++-- docs/docs/installation/helm.md | 6 +++--- docs/docs/resources/kafka/index.md | 2 +- docs/docs/resources/postgresql.md | 4 ++-- 9 files changed, 18 insertions(+), 17 deletions(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index a1f72992..11ac8702 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -60,7 +60,7 @@ representative at an online or offline event. Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at -opensource@aiven.io. +. All complaints will be reviewed and investigated promptly and fairly. All community leaders are obligated to respect the privacy and security of the @@ -116,7 +116,7 @@ the community. This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.0, available at -https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. +. Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity). @@ -124,5 +124,5 @@ enforcement ladder](https://github.com/mozilla/diversity). [homepage]: https://www.contributor-covenant.org For answers to common questions about this code of conduct, see the FAQ at -https://www.contributor-covenant.org/faq. Translations are available at -https://www.contributor-covenant.org/translations. +. Translations are available at +. diff --git a/README.md b/README.md index 4d043e4b..1e94c66d 100644 --- a/README.md +++ b/README.md @@ -39,19 +39,19 @@ spec: Watch the resource being created and wait until its status is `RUNNING`: ```bash -$ watch kubectl get postgresql.aiven.io aiven-pg +watch kubectl get postgresql.aiven.io aiven-pg ``` After created, the Operator will create a Kubernetes Secret containing the PostgreSQL connection information: ```bash -$ kubectl describe secret pg-connection +kubectl describe secret pg-connection ``` Use the following [jq](https://github.com/stedolan/jq) command to decode the Secret: ```bash -$ kubectl get secret pg-connection -o json | jq '.data | map_values(@base64d)' +kubectl get secret pg-connection -o json | jq '.data | map_values(@base64d)' ``` ## Connecting to PostgreSQL diff --git a/docs/docs/api-reference/grafana.md b/docs/docs/api-reference/grafana.md index 1dc1c816..143358ab 100644 --- a/docs/docs/api-reference/grafana.md +++ b/docs/docs/api-reference/grafana.md @@ -171,7 +171,7 @@ Cassandra specific user configuration options. - [`service_to_fork_from`](#spec.userConfig.service_to_fork_from-property){: name='spec.userConfig.service_to_fork_from-property'} (string, Immutable, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created. - [`smtp_server`](#spec.userConfig.smtp_server-property){: name='spec.userConfig.smtp_server-property'} (object). SMTP server settings. See below for [nested schema](#spec.userConfig.smtp_server). - [`static_ips`](#spec.userConfig.static_ips-property){: name='spec.userConfig.static_ips-property'} (boolean). Use static public IP addresses. -- [`unified_alerting_enabled`](#spec.userConfig.unified_alerting_enabled-property){: name='spec.userConfig.unified_alerting_enabled-property'} (boolean). Enable or disable Grafana unified alerting functionality. By default this is enabled and any legacy alerts will be migrated on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled to false and alerting_enabled to true. See https://grafana.com/docs/grafana/latest/alerting/set-up/migrating-alerts/ for more details. +- [`unified_alerting_enabled`](#spec.userConfig.unified_alerting_enabled-property){: name='spec.userConfig.unified_alerting_enabled-property'} (boolean). Enable or disable Grafana unified alerting functionality. By default this is enabled and any legacy alerts will be migrated on upgrade to Grafana 9+. To stay on legacy alerting, set unified_alerting_enabled to false and alerting_enabled to true. See for more details. - [`user_auto_assign_org`](#spec.userConfig.user_auto_assign_org-property){: name='spec.userConfig.user_auto_assign_org-property'} (boolean). Auto-assign new users on signup to main organization. Defaults to false. - [`user_auto_assign_org_role`](#spec.userConfig.user_auto_assign_org_role-property){: name='spec.userConfig.user_auto_assign_org_role-property'} (string, Enum: `Viewer`, `Admin`, `Editor`). Set role for new signups. Defaults to Viewer. - [`viewers_can_edit`](#spec.userConfig.viewers_can_edit-property){: name='spec.userConfig.viewers_can_edit-property'} (boolean). Users with view-only permission can edit but not save dashboards. diff --git a/docs/docs/api-reference/serviceintegration.md b/docs/docs/api-reference/serviceintegration.md index 307052fe..5f5d9e22 100644 --- a/docs/docs/api-reference/serviceintegration.md +++ b/docs/docs/api-reference/serviceintegration.md @@ -180,7 +180,7 @@ Custom tags provided by user. **Required** -- [`tag`](#spec.datadog.datadog_tags.tag-property){: name='spec.datadog.datadog_tags.tag-property'} (string, MinLength: 1, MaxLength: 200). Tag format and usage are described here: https://docs.datadoghq.com/getting_started/tagging. Tags with prefix `aiven-` are reserved for Aiven. +- [`tag`](#spec.datadog.datadog_tags.tag-property){: name='spec.datadog.datadog_tags.tag-property'} (string, MinLength: 1, MaxLength: 200). Tag format and usage are described here: . Tags with prefix `aiven-` are reserved for Aiven. **Optional** diff --git a/docs/docs/contributing/developer-guide.md b/docs/docs/contributing/developer-guide.md index 40286272..cf6ac272 100644 --- a/docs/docs/contributing/developer-guide.md +++ b/docs/docs/contributing/developer-guide.md @@ -44,6 +44,7 @@ Please have installed first: - [kcat](https://github.com/edenhill/kcat) - base64, note: MACOS version doesn't support `-w0` flag, some tests may not work properly - [kind](https://kind.sigs.k8s.io/), and existing cluster, e.g. + ```shell kind create cluster --image kindest/node:v1.24.0 --wait 5m ``` diff --git a/docs/docs/contributing/index.md b/docs/docs/contributing/index.md index a793254d..8f40cf16 100644 --- a/docs/docs/contributing/index.md +++ b/docs/docs/contributing/index.md @@ -11,13 +11,13 @@ to help get your contribution accepted. Please see also the Aiven Operator for Kubernetes [Developer Guide](./developer-guide). -### Support Channels +## Support Channels This project offers support through GitHub issues and can be filed [here](https://github.com/aiven/aiven-operator/issues). Moreover, GitHub issues are used as the primary method for tracking anything to do with the Aiven Operator for Kubernetes project. -### Pull Request Process +## Pull Request Process 1. Ensure any install or build dependencies are removed before the end of the layer when doing a build. 2. Increase the version numbers in any examples files and the README.md and in corresponding file in he /docs folder to diff --git a/docs/docs/installation/helm.md b/docs/docs/installation/helm.md index 43283669..48cb8e31 100644 --- a/docs/docs/installation/helm.md +++ b/docs/docs/installation/helm.md @@ -91,9 +91,9 @@ helm list The output has the name of each deployment similar to the following: ```{ .shell .no-copy } -NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION -aiven-operator default 1 2021-09-09 10:56:14.623700249 +0200 CEST deployed aiven-operator-v0.1.0 v0.1.0 -aiven-operator-crds default 1 2021-09-09 10:56:05.736411868 +0200 CEST deployed aiven-operator-crds-v0.1.0 v0.1.0 +NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION +aiven-operator default 1 2021-09-09 10:56:14.623700249 +0200 CEST deployed aiven-operator-v0.1.0 v0.1.0 +aiven-operator-crds default 1 2021-09-09 10:56:05.736411868 +0200 CEST deployed aiven-operator-crds-v0.1.0 v0.1.0 ``` Remove the CRDs: diff --git a/docs/docs/resources/kafka/index.md b/docs/docs/resources/kafka/index.md index 43f29710..93a2baf3 100644 --- a/docs/docs/resources/kafka/index.md +++ b/docs/docs/resources/kafka/index.md @@ -436,7 +436,7 @@ kubectl apply -f kafka-crab-consume.yaml kubectl port-forward kafka-crab-consume 8080:8080 ``` -4\. In the browser of your choice, access the [http://localhost:8080]() address. You now see a page with +4\. In the browser of your choice, access the address. You now see a page with the `random-strings` topic listed: ![Kowl graphical interface on the topic listing page](./kowl-topics.png) diff --git a/docs/docs/resources/postgresql.md b/docs/docs/resources/postgresql.md index b60085aa..c02f162d 100644 --- a/docs/docs/resources/postgresql.md +++ b/docs/docs/resources/postgresql.md @@ -385,8 +385,8 @@ kubectl get postgresqls.aiven.io primary-pg-service The output is similar to the following: ```{ .shell .no-copy } -NAME PROJECT REGION PLAN STATE -primary-pg-service google-europe-west1 startup-4 RUNNING +NAME PROJECT REGION PLAN STATE +primary-pg-service google-europe-west1 startup-4 RUNNING ``` The resource can be in the `BUILDING` state for a few minutes. After the state of the primary service changes to `RUNNING`, the read-only replica is created. You can check the status of the replica using the same command with the name of the replica: From a878388ecf20796039b3c6f2d67a98d19881cffc Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Tue, 19 Dec 2023 10:59:18 +0200 Subject: [PATCH 5/8] chore(lint): fix `codespell` --- CHANGELOG.md | 2 +- charts/aiven-operator/values.yaml | 2 +- config/crd/bases/aiven.io_crd-all.gen.yaml | 2 +- controllers/basic_controller.go | 2 +- controllers/kafkaconnector_controller.go | 2 +- docs/docs/changelog.md | 2 +- docs/docs/contributing/resource-generation.md | 2 +- docs/docs/troubleshooting.md | 2 +- generators/userconfigs/generator_test_source.yml | 8 ++++---- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1da210b2..ab9020c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -157,7 +157,7 @@ - Add `minumim`, `maximum` validations for `number` type - Move helm charts to the operator repository - Add helm charts generator -- Remove `ip_filter` backward compatability +- Remove `ip_filter` backward compatibility - Fix deletion errors omitted - Add service integration `clickhouseKafka.tables.data_format-property` enum `RawBLOB` value - Update OpenSearch `userConfig.opensearch.email_sender_username` validation pattern diff --git a/charts/aiven-operator/values.yaml b/charts/aiven-operator/values.yaml index ba0ca26b..34123c0a 100644 --- a/charts/aiven-operator/values.yaml +++ b/charts/aiven-operator/values.yaml @@ -30,7 +30,7 @@ webhooks: image: repository: aivenoy/aiven-operator pullPolicy: IfNotPresent - # default is .Chart.AppVersion but can be overriden here + # default is .Chart.AppVersion but can be overridden here tag: "" imagePullSecrets: [] diff --git a/config/crd/bases/aiven.io_crd-all.gen.yaml b/config/crd/bases/aiven.io_crd-all.gen.yaml index 3e1985c1..c3705e18 100644 --- a/config/crd/bases/aiven.io_crd-all.gen.yaml +++ b/config/crd/bases/aiven.io_crd-all.gen.yaml @@ -151,7 +151,7 @@ spec: type: integer pattern: description: - Must consist of alpha-numeric characters, dashes, + Must consist of alphanumeric characters, dashes, underscores, dots and glob characters (* and ?) maxLength: 1024 type: string diff --git a/controllers/basic_controller.go b/controllers/basic_controller.go index 534ace59..fe5772d7 100644 --- a/controllers/basic_controller.go +++ b/controllers/basic_controller.go @@ -346,7 +346,7 @@ func (i *instanceReconcilerHelper) finalize(ctx context.Context, o v1alpha1.Aive deletionPolicy := deletionPolicyDelete // Parse the annotations for the deletion policy. For simplicity, we only allow 'Orphan'. - // If set will skip the deletion of the remote object. Disable by removing the annoation. + // If set will skip the deletion of the remote object. Disable by removing the annotation. if p, ok := o.GetAnnotations()[deletionPolicyAnnotation]; ok { deletionPolicy = deletionPolicyOrphan if p != deletionPolicyOrphan { diff --git a/controllers/kafkaconnector_controller.go b/controllers/kafkaconnector_controller.go index bd86011f..d091b243 100644 --- a/controllers/kafkaconnector_controller.go +++ b/controllers/kafkaconnector_controller.go @@ -90,7 +90,7 @@ func (h KafkaConnectorHandler) createOrUpdate(ctx context.Context, avn *aiven.Cl return nil } -// buildConnectorConfig joins mandatory fields with additional conncetor specific config +// buildConnectorConfig joins mandatory fields with additional connector specific config func (h KafkaConnectorHandler) buildConnectorConfig(conn *v1alpha1.KafkaConnector) (aiven.KafkaConnectorConfig, error) { const ( configFieldConnectorName = "name" diff --git a/docs/docs/changelog.md b/docs/docs/changelog.md index 52a0a656..db641295 100644 --- a/docs/docs/changelog.md +++ b/docs/docs/changelog.md @@ -152,7 +152,7 @@ - Add `minumim`, `maximum` validations for `number` type - Move helm charts to the operator repository - Add helm charts generator -- Remove `ip_filter` backward compatability +- Remove `ip_filter` backward compatibility - Fix deletion errors omitted - Add service integration `clickhouseKafka.tables.data_format-property` enum `RawBLOB` value - Update OpenSearch `userConfig.opensearch.email_sender_username` validation pattern diff --git a/docs/docs/contributing/resource-generation.md b/docs/docs/contributing/resource-generation.md index ce9ef107..03fd286e 100644 --- a/docs/docs/contributing/resource-generation.md +++ b/docs/docs/contributing/resource-generation.md @@ -14,7 +14,7 @@ When a new schema is issued on the API, a cron job fetches it, parses, patches, and saves in a shared library — [go-api-schemas][go-api-schemas]. When the library is updated, -the GitHub [dependabot](https://github.com/dependabot) creates PRs to the dependant repositories, +the GitHub [dependabot](https://github.com/dependabot) creates PRs to the dependent repositories, like Aiven Kubernetes Operator and Aiven Terraform Provider. Then the [`make generate`](#make-generate) command is called by GitHub action. diff --git a/docs/docs/troubleshooting.md b/docs/docs/troubleshooting.md index d78076b8..f9fdbbe3 100644 --- a/docs/docs/troubleshooting.md +++ b/docs/docs/troubleshooting.md @@ -47,7 +47,7 @@ Use the following command to visualize all the logs from the operator. kubectl logs -n aiven-operator-system -l control-plane=controller-manager ``` -### Verifing the operator version +### Verifying the operator version ```shell kubectl get pod -n aiven-operator-system -l control-plane=controller-manager -o jsonpath="{.items[0].spec.containers[0].image}" diff --git a/generators/userconfigs/generator_test_source.yml b/generators/userconfigs/generator_test_source.yml index eb21fff2..4228ecbc 100644 --- a/generators/userconfigs/generator_test_source.yml +++ b/generators/userconfigs/generator_test_source.yml @@ -9,7 +9,7 @@ properties: max_length: 256 pattern: ^[a-z0-9-]+$ example: aws-eu-central-1 - user_error: Must consist of lower-case alpha-numeric characters or dashes + user_error: Must consist of lower-case alphanumeric characters or dashes max_items: 1 admin_password: title: Custom password for admin user. Defaults to random string. This must be set only when a new service is being created. @@ -21,7 +21,7 @@ properties: create_only: true pattern: ^[a-zA-Z0-9-_]+$ example: z66o9QXqKM - user_error: Must consist of alpha-numeric characters, underscores or dashes + user_error: Must consist of alphanumeric characters, underscores or dashes admin_username: title: Custom username for admin user. This must be set only when a new service is being created. type: @@ -31,7 +31,7 @@ properties: create_only: true pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ example: avnadmin - user_error: Must consist of alpha-numeric characters, dots, underscores or dashes, may not start with dash or dot, max 64 characters + user_error: Must consist of alphanumeric characters, dots, underscores or dashes, may not start with dash or dot, max 64 characters backup_hour: title: The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed. type: @@ -376,7 +376,7 @@ properties: max_length: 64 pattern: ^[_A-Za-z0-9][-._A-Za-z0-9]{0,63}$ example: myrolename - user_error: Must consist of alpha-numeric characters, dots, underscores or dashes, may not start with dash or dot, max 64 characters + user_error: Must consist of alphanumeric characters, dots, underscores or dashes, may not start with dash or dot, max 64 characters pg_stat_monitor.pgsm_enable_query_plan: title: pg_stat_monitor.pgsm_enable_query_plan description: Enables or disables query plan monitoring From 91beb9864d66ef2705c92788a55b40f7a8929e26 Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Thu, 21 Dec 2023 16:39:42 +0200 Subject: [PATCH 6/8] chore(lint): fix 'postgresSQL' -> 'postgreSQL' --- controllers/postgresql_controller.go | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/controllers/postgresql_controller.go b/controllers/postgresql_controller.go index b2d90a86..4d123ceb 100644 --- a/controllers/postgresql_controller.go +++ b/controllers/postgresql_controller.go @@ -25,7 +25,7 @@ type PostgreSQLReconciler struct { //+kubebuilder:rbac:groups=aiven.io,resources=postgresqls/finalizers,verbs=get;list;watch;create;update;patch;delete func (r *PostgreSQLReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { - return r.reconcileInstance(ctx, req, newGenericServiceHandler(newPostgresSQLAdapter), &v1alpha1.PostgreSQL{}) + return r.reconcileInstance(ctx, req, newGenericServiceHandler(newPostgreSQLAdapter), &v1alpha1.PostgreSQL{}) } func (r *PostgreSQLReconciler) SetupWithManager(mgr ctrl.Manager) error { @@ -35,36 +35,36 @@ func (r *PostgreSQLReconciler) SetupWithManager(mgr ctrl.Manager) error { Complete(r) } -func newPostgresSQLAdapter(_ *aiven.Client, object client.Object) (serviceAdapter, error) { +func newPostgreSQLAdapter(_ *aiven.Client, object client.Object) (serviceAdapter, error) { pg, ok := object.(*v1alpha1.PostgreSQL) if !ok { - return nil, fmt.Errorf("object is not of type v1alpha1.PostgresSQL") + return nil, fmt.Errorf("object is not of type v1alpha1.PostgreSQL") } - return &postgresSQLAdapter{pg}, nil + return &postgreSQLAdapter{pg}, nil } -// postgresSQLAdapter handles an Aiven PostgresSQL service -type postgresSQLAdapter struct { +// postgreSQLAdapter handles an Aiven PostgreSQL service +type postgreSQLAdapter struct { *v1alpha1.PostgreSQL } -func (a *postgresSQLAdapter) getObjectMeta() *metav1.ObjectMeta { +func (a *postgreSQLAdapter) getObjectMeta() *metav1.ObjectMeta { return &a.ObjectMeta } -func (a *postgresSQLAdapter) getServiceStatus() *v1alpha1.ServiceStatus { +func (a *postgreSQLAdapter) getServiceStatus() *v1alpha1.ServiceStatus { return &a.Status } -func (a *postgresSQLAdapter) getServiceCommonSpec() *v1alpha1.ServiceCommonSpec { +func (a *postgreSQLAdapter) getServiceCommonSpec() *v1alpha1.ServiceCommonSpec { return &a.Spec.ServiceCommonSpec } -func (a *postgresSQLAdapter) getUserConfig() any { +func (a *postgreSQLAdapter) getUserConfig() any { return &a.Spec.UserConfig } -func (a *postgresSQLAdapter) newSecret(ctx context.Context, s *aiven.Service) (*corev1.Secret, error) { +func (a *postgreSQLAdapter) newSecret(ctx context.Context, s *aiven.Service) (*corev1.Secret, error) { prefix := getSecretPrefix(a) stringData := map[string]string{ prefix + "HOST": s.URIParams["host"], @@ -87,10 +87,10 @@ func (a *postgresSQLAdapter) newSecret(ctx context.Context, s *aiven.Service) (* return newSecret(a, stringData, false), nil } -func (a *postgresSQLAdapter) getServiceType() string { +func (a *postgreSQLAdapter) getServiceType() string { return "pg" } -func (a *postgresSQLAdapter) getDiskSpace() string { +func (a *postgreSQLAdapter) getDiskSpace() string { return a.Spec.DiskSpace } From abf2a64faf5dad6287aaf232aed81c07eb43f9d6 Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Thu, 21 Dec 2023 16:59:38 +0200 Subject: [PATCH 7/8] chore(lint): add and fix `hadolint` --- .trunk/configs/.hadolint.yaml | 4 ++++ .trunk/trunk.yaml | 1 + Dockerfile | 4 ++-- 3 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 .trunk/configs/.hadolint.yaml diff --git a/.trunk/configs/.hadolint.yaml b/.trunk/configs/.hadolint.yaml new file mode 100644 index 00000000..98bf0cd2 --- /dev/null +++ b/.trunk/configs/.hadolint.yaml @@ -0,0 +1,4 @@ +# Following source doesn't work in most setups +ignored: + - SC1090 + - SC1091 diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 2a99601e..356bcb82 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -11,6 +11,7 @@ plugins: lint: enabled: + - hadolint@2.12.0 - codespell@2.2.6 - actionlint@1.6.26 - git-diff-check diff --git a/Dockerfile b/Dockerfile index ba07bb03..0266463d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.21 as builder +FROM --platform=$BUILDPLATFORM golang:1.21 AS builder WORKDIR /workspace # Copy the Go Modules manifests @@ -18,7 +18,7 @@ COPY controllers/ controllers/ ARG TARGETOS ARG TARGETARCH ARG VERSION=dev -RUN CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -trimpath \ +RUN CGO_ENABLED=0 GOOS="$TARGETOS" GOARCH="$TARGETARCH" go build -trimpath \ -ldflags="-s -w -X github.com/aiven/aiven-operator/controllers.version=${VERSION}" \ -a -o manager main.go From 0cd3ff12d5c9b82a5cee71e7dde291f961f26476 Mon Sep 17 00:00:00 2001 From: Timo Riski Date: Thu, 21 Dec 2023 16:43:01 +0200 Subject: [PATCH 8/8] chore(lint): remove deprecated linters CI run reported that the `deadcode` and `varcheck` linters are deprecated and replaced with `unused` which we are already using. --- .trunk/configs/.golangci.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.trunk/configs/.golangci.yml b/.trunk/configs/.golangci.yml index a2c611b4..37781d27 100644 --- a/.trunk/configs/.golangci.yml +++ b/.trunk/configs/.golangci.yml @@ -14,7 +14,6 @@ issues: linters: disable-all: true enable: - - deadcode - errcheck - gofmt - gosimple @@ -24,7 +23,6 @@ linters: - staticcheck - unconvert - unused - - varcheck - vet - goimports - gomnd