diff --git a/Makefile b/Makefile index df54f2121..18d65b2e9 100644 --- a/Makefile +++ b/Makefile @@ -118,7 +118,11 @@ generate-restore-yaml: generate-backup-yaml: ./cmd/example-gen/scripts/generate.sh ps-backup -manifests: kustomize generate generate-cr-yaml generate-restore-yaml generate-backup-yaml ## Generate Kubernetes manifests (CRDs, RBAC, operator deployment) +.PHONY: generate-helm-chart +generate-helm-chart: + ./cmd/example-gen/scripts/generate.sh chart + +manifests: kustomize generate generate-cr-yaml generate-restore-yaml generate-backup-yaml generate-helm-chart ## Generate Kubernetes manifests (CRDs, RBAC, operator deployment) $(KUSTOMIZE) build config/crd/ > $(DEPLOYDIR)/crd.yaml echo "---" >> $(DEPLOYDIR)/crd.yaml diff --git a/cmd/example-gen/cmd/chart-gen/main.go b/cmd/example-gen/cmd/chart-gen/main.go new file mode 100644 index 000000000..9806add31 --- /dev/null +++ b/cmd/example-gen/cmd/chart-gen/main.go @@ -0,0 +1,63 @@ +package main + +import ( + "embed" + "fmt" + "os" + + "github.com/elastic/crd-ref-docs/config" + "github.com/elastic/crd-ref-docs/processor" + "github.com/pkg/errors" + + "github.com/percona/percona-server-mysql-operator/cmd/example-gen/internal/render" +) + +//go:embed templates/*.tpl +var templates embed.FS + +func main() { + if len(os.Args) != 2 { + fmt.Printf("Expected 1 argument (source path). Got %d\n", len(os.Args)-1) + os.Exit(1) + } + if err := printHelm(os.Args[1]); err != nil { + panic(err) + } +} + +func printHelm(sourcePath string) error { + conf := &config.Config{ + Processor: config.ProcessorConfig{ + IgnoreTypes: []string{ + "PerconaServerMySQLStatus", + "PiTRSpec", + }, + IgnoreFields: []string{ + // Deprecated field + "initImage", + }, + }, + Flags: config.Flags{ + SourcePath: sourcePath, + MaxDepth: 20, + }, + } + + gvd, err := processor.Process(conf) + if err != nil { + return errors.Wrap(err, "process") + } + if len(gvd) != 1 { + return errors.New("unexpected gvd length") + } + + t, ok := gvd[0].Types["PerconaServerMySQL"] + if !ok { + return errors.New("PerconaServerMySQL type is not found") + } + if err := render.Helm(os.Stdout, t, templates); err != nil { + return errors.Wrap(err, "render") + } + + return nil +} diff --git a/cmd/example-gen/cmd/chart-gen/templates/helm.tpl b/cmd/example-gen/cmd/chart-gen/templates/helm.tpl new file mode 100644 index 000000000..799917e6b --- /dev/null +++ b/cmd/example-gen/cmd/chart-gen/templates/helm.tpl @@ -0,0 +1,61 @@ +{{/* vim: filetype=gotmpl */}} +{{- define "main" -}} +{{ "{{/* vim: filetype=helm */}}" }} +{{ "{{/* AUTOGENERATED FILE — DO NOT EDIT */}}\n" }} +{{- range $m := .Members }} + {{- template "member" (list $m 0 "") }} +{{- end }} +{{- end -}} + +{{- define "member" -}} +{{- $field := index . 0 -}} +{{- $depth := index . 1 -}} +{{- $prefix := index . 2 -}} +{{- $width := mul $depth 2 -}} +{{- $pad := printf "%*s" $width "" -}} + +{{- $path := $field.Name -}} +{{- if and (ne $prefix "") -}} + {{- $path = printf "%s.%s" $prefix $field.Name -}} +{{- end -}} + +{{- if and (ne $width 0) (not (helmIsRequired $field)) -}} + {{- printf "%s" $pad -}} + {{- printf "{{- if .Values.%s }}\n" (trimPrefix "spec." $path) -}} +{{- end -}} + +{{- printf "%s%s: " $pad $field.Name -}} + +{{- if ne (helmCustomValue $path) "" }} + {{- helmCustomValue $path -}}{{- printf "\n" -}} +{{- else -}} + {{- if helmShouldRenderInner $field.Type }} + {{- printf "\n" -}} + {{- range $child := $field.Type.Members }} + {{- template "member" (list $child (add $depth 1) $path) }} + {{- end }} + {{- else }} + {{- if gt (len $field.Type.Members) 0 }} + {{- $innerPad := printf "%*s" (add $width 2) "" -}} + {{- if eq $prefix "" -}} + {{- printf "\n%s{{- .Values.%s | toYaml | nindent %d }}\n" $innerPad (trimPrefix "spec." $path) $width -}} + {{- else -}} + {{- printf "\n%s{{- .Values.%s | toYaml | nindent %d }}\n" $innerPad (trimPrefix "spec." $path) (add $width 2) -}} + {{- end -}} + {{- else -}} + {{- printf "{{ .Values.%s }}\n" (trimPrefix "spec." $path) -}} + {{- if and (ne $width 0) (not (helmIsRequired $field)) (ne (helmDefault $path) "") -}} + {{- printf "%s{{- else }}\n" $pad -}} + {{- printf "%s%s: %s\n" $pad $field.Name (helmDefault $path) -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{- if and (ne $width 0) (not (helmIsRequired $field)) -}} + {{- printf "%s" $pad -}} + {{- printf "{{- end }}\n" -}} +{{- end -}} + +{{- end -}} + diff --git a/cmd/example-gen/main.go b/cmd/example-gen/cmd/cr-gen/main.go similarity index 100% rename from cmd/example-gen/main.go rename to cmd/example-gen/cmd/cr-gen/main.go diff --git a/cmd/example-gen/internal/render/helm.go b/cmd/example-gen/internal/render/helm.go new file mode 100644 index 000000000..e508683ce --- /dev/null +++ b/cmd/example-gen/internal/render/helm.go @@ -0,0 +1,101 @@ +package render + +import ( + "io" + "io/fs" + "maps" + "text/template" + + "github.com/Masterminds/sprig" + "github.com/elastic/crd-ref-docs/types" + "github.com/pkg/errors" +) + +func Helm(wr io.Writer, t *types.Type, f fs.FS) error { + tplFS, err := fs.Sub(f, "templates") + if err != nil { + return errors.Wrap(err, "sub") + } + + tmpl, err := template.New("").Funcs(funcMap()).ParseFS(tplFS, "*.tpl") + if err != nil { + return errors.Wrap(err, "parse fs") + } + + if err := tmpl.ExecuteTemplate(wr, "main", t); err != nil { + return errors.Wrap(err, "execute template") + } + return nil +} + +func funcMap() template.FuncMap { + fm := template.FuncMap{ + "helmShouldRenderInner": shouldRenderInner, + "helmIsRequired": isRequired, + "helmCustomValue": customValue, + "helmDefault": defaultValue, + } + maps.Copy(fm, sprig.TxtFuncMap()) + return fm +} + +func shouldRenderInner(t *types.Type) bool { + return t != nil && t.Package == "github.com/percona/percona-server-mysql-operator/api/v1" && len(t.Members()) > 0 +} + +func isRequired(t *types.Field) bool { + if t == nil { + return false + } + _, ok := t.Markers["kubebuilder:validation:Required"] + return ok +} + +func customValue(keyPath string) string { + switch keyPath { + case "spec.mysql.image": + return `"{{ .Values.mysql.image.repository }}:{{ .Values.mysql.image.tag }}"` + case "spec.proxy.haproxy.image": + return `"{{ .Values.proxy.haproxy.image.repository }}:{{ .Values.proxy.haproxy.image.tag }}"` + case "spec.proxy.router.image": + return `"{{ .Values.proxy.router.image.repository }}:{{ .Values.proxy.router.image.tag }}"` + case "spec.orchestrator.image": + return `"{{ .Values.orchestrator.image.repository }}:{{ .Values.orchestrator.image.tag }}"` + case "spec.toolkit.image": + return `"{{ .Values.toolkit.image.repository }}:{{ .Values.toolkit.image.tag }}"` + case "spec.pmm.image": + return `"{{ .Values.pmm.image.repository }}:{{ .Values.pmm.image.tag }}"` + case "spec.crVersion": + return `{{ .Chart.AppVersion }}` + case "apiVersion": + return `ps.percona.com/v1alpha1` + case "kind": + return `PerconaServerMySQL` + case "metadata": + return ` + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"ps.percona.com/v1alpha1","kind":"PerconaServerMySQL"} + name: {{ include "ps-database.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "ps-database.labels" . | indent 4 }} + finalizers: +{{ .Values.finalizers | toYaml | indent 4 }}` + default: + return "" + } +} + +func defaultValue(keyPath string) string { + switch keyPath { + case "spec.secretsName": + return `{{ include "ps-database.fullname" . }}-secrets` + case "spec.sslSecretName": + return `{{ include "ps-database.fullname" . }}-ssl` + case "spec.proxy.haproxy.initContainer.image", "spec.backup.initContainer.image", "spec.initContainer.image", "spec.mysql.initContainer.image": + return `{{ include "ps-database.operator-image" . }}` + default: + return "" + } +} diff --git a/cmd/example-gen/scripts/generate.sh b/cmd/example-gen/scripts/generate.sh index 4850e60bb..597afffb5 100755 --- a/cmd/example-gen/scripts/generate.sh +++ b/cmd/example-gen/scripts/generate.sh @@ -17,13 +17,36 @@ case "$resource" in # shellcheck source=cmd/example-gen/scripts/lib/ps-restore.sh . "$SCRIPT_DIR/lib/ps-restore.sh" ;; + chart) + # shellcheck source=cmd/example-gen/scripts/lib/chart.sh + . "$SCRIPT_DIR/lib/chart.sh" + + go run cmd/example-gen/cmd/cr-gen/main.go "ps" \ + | remove_fields \ + | yq 'del(.kind) | del(.apiVersion) | del(.status)' \ + | yq '.finalizers = .metadata.finalizers | del(.metadata)' \ + | yq '. = (. + .spec) | del(.spec)' \ + | yq '.nameOverride = ""' \ + | yq '.fullnameOverride = ""' \ + | replace_image ".mysql" \ + | replace_image ".orchestrator" \ + | replace_image ".proxy.haproxy" \ + | replace_image ".proxy.router" \ + | replace_image ".toolkit" \ + | replace_image ".pmm" \ + | sort_yaml '.' \ + | comment_fields '.' >deploy/chart/values.yaml + + go run cmd/example-gen/cmd/chart-gen/main.go api/v1 >deploy/chart/templates/cluster.yaml + exit 0 + ;; *) - echo "Usage: $0 {ps|ps-backup|ps-restore}" >&2 + echo "Usage: $0 {ps|ps-backup|ps-restore|chart}" >&2 exit 2 ;; esac -go run cmd/example-gen/main.go "$resource" \ +go run cmd/example-gen/cmd/cr-gen/main.go "$resource" \ | sort_yaml \ | remove_fields \ | comment_fields \ diff --git a/cmd/example-gen/scripts/lib/chart.sh b/cmd/example-gen/scripts/lib/chart.sh new file mode 100644 index 000000000..41b5fdafe --- /dev/null +++ b/cmd/example-gen/scripts/lib/chart.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# shellcheck source=cmd/example-gen/scripts/lib/ps.sh +. "$SCRIPT_DIR/lib/ps.sh" + +replace_image() { + local path=$1 + + local image + local repository + local tag + + tmp="$(mktemp)" + cat >"$tmp" + + image=$(yq "$path.image" "$tmp") + + tag="${image##*:}" + repository="${image%:*}" + + yq "del($path.image) | $path.image.repository=\"$repository\" | $path.image.tag=\"$tag\"" "$tmp" + + rm -f "$tmp" +} diff --git a/cmd/example-gen/scripts/lib/ps.sh b/cmd/example-gen/scripts/lib/ps.sh index 1f0243ef9..3837cbc4b 100644 --- a/cmd/example-gen/scripts/lib/ps.sh +++ b/cmd/example-gen/scripts/lib/ps.sh @@ -6,7 +6,9 @@ export RESOURCE_PATH="deploy/cr.yaml" sort_yaml() { - GENERAL_ORDER='"metadata", "unsafeFlags", "pause", "crVersion", "enableVolumeExpansion", "secretsName", "sslSecretName", "updateStrategy", "upgradeOptions", "initContainer", "ignoreAnnotations", "ignoreLabels", "tls", "mysql", "proxy", "orchestrator", "pmm", "backup", "toolkit"' + local prefix="${1:-.spec}" + + GENERAL_ORDER='"nameOverride", "fullnameOverride", "finalizers", "metadata", "unsafeFlags", "pause", "crVersion", "enableVolumeExpansion", "secretsName", "sslSecretName", "updateStrategy", "upgradeOptions", "initContainer", "ignoreAnnotations", "ignoreLabels", "tls", "mysql", "proxy", "orchestrator", "pmm", "backup", "toolkit"' POD_SPEC_ORDER='"size", "image", "imagePullPolicy","imagePullSecrets", "runtimeClassName", "tolerations", "annotations", "labels", "nodeSelector", "priorityClassName", "schedulerName", "serviceAccountName","gracePeriod", "initContainer", "env", "envFrom", "podDisruptionBudget", "resources","startupProbe", "readinessProbe", "livenessProbe", "affinity", "topologySpreadConstraints", "containerSecurityContext", "podSecurityContext"' MYSQL_ORDER='"clusterType", "autoRecovery", "vaultSecretName", '"$POD_SPEC_ORDER"',"exposePrimary", "expose", "volumeSpec", "configuration", "sidecars", "sidecarVolumes", "sidecarPVCs"' @@ -18,15 +20,21 @@ sort_yaml() { BACKUP_ORDER='"enabled","pitr","sourcePod","image","imagePullPolicy","imagePullSecrets","schedule","backoffLimit", "serviceAccountName", "initContainer", "containerSecurityContext", "resources","storages","pitr"' TOOLKIT_ORDER='"image","imagePullPolicy","imagePullSecrets","env","envFrom","resources","containerSecurityContext", "startupProbe", "readinessProbe", "livenessProbe"' + local base_path=$prefix + + if [[ $prefix == '.' ]]; then + prefix='' + fi + yq - \ - | yq '.spec |= pick((['"$GENERAL_ORDER"'] + keys) | unique)' \ - | yq '.spec.mysql |= pick((['"$MYSQL_ORDER"'] + keys) | unique)' \ - | yq '.spec.proxy.haproxy |= pick((['"$HAPROXY_ORDER"'] + keys) | unique)' \ - | yq '.spec.proxy.router |= pick((['"$ROUTER_ORDER"'] + keys) | unique)' \ - | yq '.spec.orchestrator |= pick((['"$ORCHESTRATOR_ORDER"'] + keys) | unique)' \ - | yq '.spec.pmm |= pick((['"$PMM_ORDER"'] + keys) | unique)' \ - | yq '.spec.backup |= pick((['"$BACKUP_ORDER"'] + keys) | unique)' \ - | yq '.spec.toolkit |= pick((['"$TOOLKIT_ORDER"'] + keys) | unique)' + | yq "$base_path"' |= pick((['"$GENERAL_ORDER"'] + keys) | unique)' \ + | yq "$prefix"'.mysql |= pick((['"$MYSQL_ORDER"'] + keys) | unique)' \ + | yq "$prefix"'.proxy.haproxy |= pick((['"$HAPROXY_ORDER"'] + keys) | unique)' \ + | yq "$prefix"'.proxy.router |= pick((['"$ROUTER_ORDER"'] + keys) | unique)' \ + | yq "$prefix"'.orchestrator |= pick((['"$ORCHESTRATOR_ORDER"'] + keys) | unique)' \ + | yq "$prefix"'.pmm |= pick((['"$PMM_ORDER"'] + keys) | unique)' \ + | yq "$prefix"'.backup |= pick((['"$BACKUP_ORDER"'] + keys) | unique)' \ + | yq "$prefix"'.toolkit |= pick((['"$TOOLKIT_ORDER"'] + keys) | unique)' } remove_fields() { @@ -58,156 +66,165 @@ remove_fields() { } del_fields_to_comment() { + local prefix="${1:-.spec}" + + local metadata_path=".metadata" + + if [[ $prefix == '.' ]]; then + metadata_path='' + prefix='' + fi + yq - \ - | yq "del(.metadata.finalizers[1])" \ - | yq "del(.metadata.finalizers[1])" \ - | yq "del(.spec.metadata)" \ - | yq "del(.spec.unsafeFlags)" \ - | yq "del(.spec.pause)" \ - | yq "del(.spec.enableVolumeExpansion)" \ - | yq "del(.spec.initContainer)" \ - | yq "del(.spec.ignoreAnnotations)" \ - | yq "del(.spec.ignoreLabels)" \ - | yq "del(.spec.tls)" \ - | yq "del(.spec.mysql.runtimeClassName)" \ - | yq "del(.spec.mysql.tolerations)" \ - | yq "del(.spec.mysql.annotations)" \ - | yq "del(.spec.mysql.labels)" \ - | yq "del(.spec.mysql.nodeSelector)" \ - | yq "del(.spec.mysql.priorityClassName)" \ - | yq "del(.spec.mysql.schedulerName)" \ - | yq "del(.spec.mysql.serviceAccountName)" \ - | yq "del(.spec.mysql.imagePullSecrets)" \ - | yq "del(.spec.mysql.initContainer)" \ - | yq "del(.spec.mysql.vaultSecretName)" \ - | yq "del(.spec.mysql.env)" \ - | yq "del(.spec.mysql.envFrom)" \ - | yq "del(.spec.mysql.podDisruptionBudget.minAvailable)" \ - | yq "del(.spec.mysql.startupProbe)" \ - | yq "del(.spec.mysql.readinessProbe)" \ - | yq "del(.spec.mysql.livenessProbe)" \ - | yq "del(.spec.mysql.affinity.advanced)" \ - | yq "del(.spec.mysql.topologySpreadConstraints)" \ - | yq "del(.spec.mysql.expose)" \ - | yq "del(.spec.mysql.exposePrimary.annotations)" \ - | yq "del(.spec.mysql.exposePrimary.labels)" \ - | yq "del(.spec.mysql.exposePrimary.loadBalancerSourceRanges)" \ - | yq "del(.spec.mysql.exposePrimary.type)" \ - | yq "del(.spec.mysql.exposePrimary.internalTrafficPolicy)" \ - | yq "del(.spec.mysql.exposePrimary.externalTrafficPolicy)" \ - | yq "del(.spec.mysql.containerSecurityContext)" \ - | yq "del(.spec.mysql.podSecurityContext)" \ - | yq "del(.spec.mysql.configuration)" \ - | yq "del(.spec.mysql.sidecars)" \ - | yq "del(.spec.mysql.sidecarVolumes)" \ - | yq "del(.spec.mysql.sidecarPVCs)" \ - | yq "del(.spec.mysql.volumeSpec.emptyDir)" \ - | yq "del(.spec.mysql.volumeSpec.hostPath)" \ - | yq "del(.spec.mysql.volumeSpec.persistentVolumeClaim.storageClassName)" \ - | yq "del(.spec.mysql.volumeSpec.persistentVolumeClaim.accessModes)" \ - | yq "del(.spec.proxy.haproxy.runtimeClassName)" \ - | yq "del(.spec.proxy.haproxy.tolerations)" \ - | yq "del(.spec.proxy.haproxy.annotations)" \ - | yq "del(.spec.proxy.haproxy.labels)" \ - | yq "del(.spec.proxy.haproxy.nodeSelector)" \ - | yq "del(.spec.proxy.haproxy.priorityClassName)" \ - | yq "del(.spec.proxy.haproxy.schedulerName)" \ - | yq "del(.spec.proxy.haproxy.serviceAccountName)" \ - | yq "del(.spec.proxy.haproxy.imagePullSecrets)" \ - | yq "del(.spec.proxy.haproxy.podDisruptionBudget.minAvailable)" \ - | yq "del(.spec.proxy.haproxy.resources.limits)" \ - | yq "del(.spec.proxy.haproxy.env)" \ - | yq "del(.spec.proxy.haproxy.envFrom)" \ - | yq "del(.spec.proxy.haproxy.startupProbe)" \ - | yq "del(.spec.proxy.haproxy.readinessProbe)" \ - | yq "del(.spec.proxy.haproxy.livenessProbe)" \ - | yq "del(.spec.proxy.haproxy.affinity.advanced)" \ - | yq "del(.spec.proxy.haproxy.expose)" \ - | yq "del(.spec.proxy.haproxy.topologySpreadConstraints)" \ - | yq "del(.spec.proxy.haproxy.initContainer)" \ - | yq "del(.spec.proxy.haproxy.containerSecurityContext)" \ - | yq "del(.spec.proxy.haproxy.podSecurityContext)" \ - | yq "del(.spec.proxy.haproxy.configuration)" \ - | yq "del(.spec.proxy.router.runtimeClassName)" \ - | yq "del(.spec.proxy.router.tolerations)" \ - | yq "del(.spec.proxy.router.annotations)" \ - | yq "del(.spec.proxy.router.labels)" \ - | yq "del(.spec.proxy.router.nodeSelector)" \ - | yq "del(.spec.proxy.router.priorityClassName)" \ - | yq "del(.spec.proxy.router.schedulerName)" \ - | yq "del(.spec.proxy.router.serviceAccountName)" \ - | yq "del(.spec.proxy.router.imagePullSecrets)" \ - | yq "del(.spec.proxy.router.podDisruptionBudget.minAvailable)" \ - | yq "del(.spec.proxy.router.env)" \ - | yq "del(.spec.proxy.router.envFrom)" \ - | yq "del(.spec.proxy.router.startupProbe)" \ - | yq "del(.spec.proxy.router.readinessProbe)" \ - | yq "del(.spec.proxy.router.livenessProbe)" \ - | yq "del(.spec.proxy.router.affinity.advanced)" \ - | yq "del(.spec.proxy.router.expose)" \ - | yq "del(.spec.proxy.router.topologySpreadConstraints)" \ - | yq "del(.spec.proxy.router.initContainer)" \ - | yq "del(.spec.proxy.router.containerSecurityContext)" \ - | yq "del(.spec.proxy.router.podSecurityContext)" \ - | yq "del(.spec.proxy.router.configuration)" \ - | yq "del(.spec.proxy.router.ports)" \ - | yq "del(.spec.orchestrator.runtimeClassName)" \ - | yq "del(.spec.orchestrator.tolerations)" \ - | yq "del(.spec.orchestrator.annotations)" \ - | yq "del(.spec.orchestrator.labels)" \ - | yq "del(.spec.orchestrator.nodeSelector)" \ - | yq "del(.spec.orchestrator.priorityClassName)" \ - | yq "del(.spec.orchestrator.schedulerName)" \ - | yq "del(.spec.orchestrator.serviceAccountName)" \ - | yq "del(.spec.orchestrator.imagePullSecrets)" \ - | yq "del(.spec.orchestrator.podDisruptionBudget.minAvailable)" \ - | yq "del(.spec.orchestrator.env)" \ - | yq "del(.spec.orchestrator.envFrom)" \ - | yq "del(.spec.orchestrator.startupProbe)" \ - | yq "del(.spec.orchestrator.readinessProbe)" \ - | yq "del(.spec.orchestrator.livenessProbe)" \ - | yq "del(.spec.orchestrator.affinity.advanced)" \ - | yq "del(.spec.orchestrator.expose)" \ - | yq "del(.spec.orchestrator.topologySpreadConstraints)" \ - | yq "del(.spec.orchestrator.initContainer)" \ - | yq "del(.spec.orchestrator.containerSecurityContext)" \ - | yq "del(.spec.orchestrator.podSecurityContext)" \ - | yq "del(.spec.pmm.mysqlParams)" \ - | yq "del(.spec.pmm.readinessProbes)" \ - | yq "del(.spec.pmm.livenessProbes)" \ - | yq "del(.spec.pmm.containerSecurityContext)" \ - | yq "del(.spec.pmm.resources.limits)" \ - | yq "del(.spec.backup.sourcePod)" \ - | yq "del(.spec.backup.schedule)" \ - | yq "del(.spec.backup.backoffLimit)" \ - | yq "del(.spec.backup.imagePullSecrets)" \ - | yq "del(.spec.backup.initContainer)" \ - | yq "del(.spec.backup.containerSecurityContext)" \ - | yq "del(.spec.backup.resources)" \ - | yq "del(.spec.backup.serviceAccountName)" \ - | yq "del(.spec.backup.storages.azure-blob)" \ - | yq "del(.spec.backup.storages.s3-us-west.resources)" \ - | yq "del(.spec.backup.storages.s3-us-west.topologySpreadConstraints)" \ - | yq "del(.spec.backup.storages.s3-us-west.tolerations)" \ - | yq "del(.spec.backup.storages.s3-us-west.containerSecurityContext)" \ - | yq "del(.spec.backup.storages.s3-us-west.labels)" \ - | yq "del(.spec.backup.storages.s3-us-west.nodeSelector)" \ - | yq "del(.spec.backup.storages.s3-us-west.podSecurityContext)" \ - | yq "del(.spec.backup.storages.s3-us-west.priorityClassName)" \ - | yq "del(.spec.backup.storages.s3-us-west.annotations)" \ - | yq "del(.spec.backup.storages.s3-us-west.containerOptions)" \ - | yq "del(.spec.backup.storages.s3-us-west.volumeSpec)" \ - | yq "del(.spec.backup.storages.s3-us-west.affinity)" \ - | yq "del(.spec.backup.storages.s3-us-west.s3.prefix)" \ - | yq "del(.spec.backup.storages.s3-us-west.s3.endpointUrl)" \ - | yq "del(.spec.backup.storages.s3-us-west.schedulerName)" \ - | yq "del(.spec.backup.storages.s3-us-west.runtimeClassName)" \ - | yq "del(.spec.toolkit.imagePullSecrets)" \ - | yq "del(.spec.toolkit.env)" \ - | yq "del(.spec.toolkit.envFrom)" \ - | yq "del(.spec.toolkit.resources)" \ - | yq "del(.spec.toolkit.containerSecurityContext)" \ - | yq "del(.spec.toolkit.startupProbe)" \ - | yq "del(.spec.toolkit.readinessProbe)" \ - | yq "del(.spec.toolkit.livenessProbe)" + | yq "del($metadata_path.finalizers[1])" \ + | yq "del($metadata_path.finalizers[1])" \ + | yq "del($prefix.metadata)" \ + | yq "del($prefix.unsafeFlags)" \ + | yq "del($prefix.pause)" \ + | yq "del($prefix.enableVolumeExpansion)" \ + | yq "del($prefix.initContainer)" \ + | yq "del($prefix.ignoreAnnotations)" \ + | yq "del($prefix.ignoreLabels)" \ + | yq "del($prefix.tls)" \ + | yq "del($prefix.mysql.runtimeClassName)" \ + | yq "del($prefix.mysql.tolerations)" \ + | yq "del($prefix.mysql.annotations)" \ + | yq "del($prefix.mysql.labels)" \ + | yq "del($prefix.mysql.nodeSelector)" \ + | yq "del($prefix.mysql.priorityClassName)" \ + | yq "del($prefix.mysql.schedulerName)" \ + | yq "del($prefix.mysql.serviceAccountName)" \ + | yq "del($prefix.mysql.imagePullSecrets)" \ + | yq "del($prefix.mysql.initContainer)" \ + | yq "del($prefix.mysql.vaultSecretName)" \ + | yq "del($prefix.mysql.env)" \ + | yq "del($prefix.mysql.envFrom)" \ + | yq "del($prefix.mysql.podDisruptionBudget.minAvailable)" \ + | yq "del($prefix.mysql.startupProbe)" \ + | yq "del($prefix.mysql.readinessProbe)" \ + | yq "del($prefix.mysql.livenessProbe)" \ + | yq "del($prefix.mysql.affinity.advanced)" \ + | yq "del($prefix.mysql.topologySpreadConstraints)" \ + | yq "del($prefix.mysql.expose)" \ + | yq "del($prefix.mysql.exposePrimary.annotations)" \ + | yq "del($prefix.mysql.exposePrimary.labels)" \ + | yq "del($prefix.mysql.exposePrimary.loadBalancerSourceRanges)" \ + | yq "del($prefix.mysql.exposePrimary.type)" \ + | yq "del($prefix.mysql.exposePrimary.internalTrafficPolicy)" \ + | yq "del($prefix.mysql.exposePrimary.externalTrafficPolicy)" \ + | yq "del($prefix.mysql.containerSecurityContext)" \ + | yq "del($prefix.mysql.podSecurityContext)" \ + | yq "del($prefix.mysql.configuration)" \ + | yq "del($prefix.mysql.sidecars)" \ + | yq "del($prefix.mysql.sidecarVolumes)" \ + | yq "del($prefix.mysql.sidecarPVCs)" \ + | yq "del($prefix.mysql.volumeSpec.emptyDir)" \ + | yq "del($prefix.mysql.volumeSpec.hostPath)" \ + | yq "del($prefix.mysql.volumeSpec.persistentVolumeClaim.storageClassName)" \ + | yq "del($prefix.mysql.volumeSpec.persistentVolumeClaim.accessModes)" \ + | yq "del($prefix.proxy.haproxy.runtimeClassName)" \ + | yq "del($prefix.proxy.haproxy.tolerations)" \ + | yq "del($prefix.proxy.haproxy.annotations)" \ + | yq "del($prefix.proxy.haproxy.labels)" \ + | yq "del($prefix.proxy.haproxy.nodeSelector)" \ + | yq "del($prefix.proxy.haproxy.priorityClassName)" \ + | yq "del($prefix.proxy.haproxy.schedulerName)" \ + | yq "del($prefix.proxy.haproxy.serviceAccountName)" \ + | yq "del($prefix.proxy.haproxy.imagePullSecrets)" \ + | yq "del($prefix.proxy.haproxy.podDisruptionBudget.minAvailable)" \ + | yq "del($prefix.proxy.haproxy.resources.limits)" \ + | yq "del($prefix.proxy.haproxy.env)" \ + | yq "del($prefix.proxy.haproxy.envFrom)" \ + | yq "del($prefix.proxy.haproxy.startupProbe)" \ + | yq "del($prefix.proxy.haproxy.readinessProbe)" \ + | yq "del($prefix.proxy.haproxy.livenessProbe)" \ + | yq "del($prefix.proxy.haproxy.affinity.advanced)" \ + | yq "del($prefix.proxy.haproxy.expose)" \ + | yq "del($prefix.proxy.haproxy.topologySpreadConstraints)" \ + | yq "del($prefix.proxy.haproxy.initContainer)" \ + | yq "del($prefix.proxy.haproxy.containerSecurityContext)" \ + | yq "del($prefix.proxy.haproxy.podSecurityContext)" \ + | yq "del($prefix.proxy.haproxy.configuration)" \ + | yq "del($prefix.proxy.router.runtimeClassName)" \ + | yq "del($prefix.proxy.router.tolerations)" \ + | yq "del($prefix.proxy.router.annotations)" \ + | yq "del($prefix.proxy.router.labels)" \ + | yq "del($prefix.proxy.router.nodeSelector)" \ + | yq "del($prefix.proxy.router.priorityClassName)" \ + | yq "del($prefix.proxy.router.schedulerName)" \ + | yq "del($prefix.proxy.router.serviceAccountName)" \ + | yq "del($prefix.proxy.router.imagePullSecrets)" \ + | yq "del($prefix.proxy.router.podDisruptionBudget.minAvailable)" \ + | yq "del($prefix.proxy.router.env)" \ + | yq "del($prefix.proxy.router.envFrom)" \ + | yq "del($prefix.proxy.router.startupProbe)" \ + | yq "del($prefix.proxy.router.readinessProbe)" \ + | yq "del($prefix.proxy.router.livenessProbe)" \ + | yq "del($prefix.proxy.router.affinity.advanced)" \ + | yq "del($prefix.proxy.router.expose)" \ + | yq "del($prefix.proxy.router.topologySpreadConstraints)" \ + | yq "del($prefix.proxy.router.initContainer)" \ + | yq "del($prefix.proxy.router.containerSecurityContext)" \ + | yq "del($prefix.proxy.router.podSecurityContext)" \ + | yq "del($prefix.proxy.router.configuration)" \ + | yq "del($prefix.proxy.router.ports)" \ + | yq "del($prefix.orchestrator.runtimeClassName)" \ + | yq "del($prefix.orchestrator.tolerations)" \ + | yq "del($prefix.orchestrator.annotations)" \ + | yq "del($prefix.orchestrator.labels)" \ + | yq "del($prefix.orchestrator.nodeSelector)" \ + | yq "del($prefix.orchestrator.priorityClassName)" \ + | yq "del($prefix.orchestrator.schedulerName)" \ + | yq "del($prefix.orchestrator.serviceAccountName)" \ + | yq "del($prefix.orchestrator.imagePullSecrets)" \ + | yq "del($prefix.orchestrator.podDisruptionBudget.minAvailable)" \ + | yq "del($prefix.orchestrator.env)" \ + | yq "del($prefix.orchestrator.envFrom)" \ + | yq "del($prefix.orchestrator.startupProbe)" \ + | yq "del($prefix.orchestrator.readinessProbe)" \ + | yq "del($prefix.orchestrator.livenessProbe)" \ + | yq "del($prefix.orchestrator.affinity.advanced)" \ + | yq "del($prefix.orchestrator.expose)" \ + | yq "del($prefix.orchestrator.topologySpreadConstraints)" \ + | yq "del($prefix.orchestrator.initContainer)" \ + | yq "del($prefix.orchestrator.containerSecurityContext)" \ + | yq "del($prefix.orchestrator.podSecurityContext)" \ + | yq "del($prefix.pmm.mysqlParams)" \ + | yq "del($prefix.pmm.readinessProbes)" \ + | yq "del($prefix.pmm.livenessProbes)" \ + | yq "del($prefix.pmm.containerSecurityContext)" \ + | yq "del($prefix.pmm.resources.limits)" \ + | yq "del($prefix.backup.sourcePod)" \ + | yq "del($prefix.backup.schedule)" \ + | yq "del($prefix.backup.backoffLimit)" \ + | yq "del($prefix.backup.imagePullSecrets)" \ + | yq "del($prefix.backup.initContainer)" \ + | yq "del($prefix.backup.containerSecurityContext)" \ + | yq "del($prefix.backup.resources)" \ + | yq "del($prefix.backup.serviceAccountName)" \ + | yq "del($prefix.backup.storages.azure-blob)" \ + | yq "del($prefix.backup.storages.s3-us-west.resources)" \ + | yq "del($prefix.backup.storages.s3-us-west.topologySpreadConstraints)" \ + | yq "del($prefix.backup.storages.s3-us-west.tolerations)" \ + | yq "del($prefix.backup.storages.s3-us-west.containerSecurityContext)" \ + | yq "del($prefix.backup.storages.s3-us-west.labels)" \ + | yq "del($prefix.backup.storages.s3-us-west.nodeSelector)" \ + | yq "del($prefix.backup.storages.s3-us-west.podSecurityContext)" \ + | yq "del($prefix.backup.storages.s3-us-west.priorityClassName)" \ + | yq "del($prefix.backup.storages.s3-us-west.annotations)" \ + | yq "del($prefix.backup.storages.s3-us-west.containerOptions)" \ + | yq "del($prefix.backup.storages.s3-us-west.volumeSpec)" \ + | yq "del($prefix.backup.storages.s3-us-west.affinity)" \ + | yq "del($prefix.backup.storages.s3-us-west.s3.prefix)" \ + | yq "del($prefix.backup.storages.s3-us-west.s3.endpointUrl)" \ + | yq "del($prefix.backup.storages.s3-us-west.schedulerName)" \ + | yq "del($prefix.backup.storages.s3-us-west.runtimeClassName)" \ + | yq "del($prefix.toolkit.imagePullSecrets)" \ + | yq "del($prefix.toolkit.env)" \ + | yq "del($prefix.toolkit.envFrom)" \ + | yq "del($prefix.toolkit.resources)" \ + | yq "del($prefix.toolkit.containerSecurityContext)" \ + | yq "del($prefix.toolkit.startupProbe)" \ + | yq "del($prefix.toolkit.readinessProbe)" \ + | yq "del($prefix.toolkit.livenessProbe)" } diff --git a/cmd/example-gen/scripts/lib/util.sh b/cmd/example-gen/scripts/lib/util.sh index 3821eb702..a5be78d8a 100644 --- a/cmd/example-gen/scripts/lib/util.sh +++ b/cmd/example-gen/scripts/lib/util.sh @@ -1,6 +1,8 @@ #!/usr/bin/env bash comment_fields() { + local prefix="${1:-.spec}" + local tmp_old tmp_new tmp_diff tmp_out tmp_old=$(mktemp) @@ -9,7 +11,7 @@ comment_fields() { tmp_out=$(mktemp) yq - >"$tmp_old" - del_fields_to_comment <"$tmp_old" >"$tmp_new" + del_fields_to_comment "$prefix" <"$tmp_old" >"$tmp_new" diff "$tmp_old" "$tmp_new" >"$tmp_diff" diff --git a/deploy/chart/Chart.yaml b/deploy/chart/Chart.yaml new file mode 100644 index 000000000..78dd9f56d --- /dev/null +++ b/deploy/chart/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v2 +appVersion: "1.0.0" +description: A Helm chart for installing Percona Server Databases using the PS Operator. +name: ps-db +home: https://www.percona.com/doc/kubernetes-operator-for-mysql/ps +version: 1.0.0 +maintainers: + - name: jvpasinatto + email: julio.pasinatto@percona.com + - name: nmarukovich + email: natalia.marukovich@percona.com + - name: eleo007 + email: eleonora.zinchenko@percona.com diff --git a/deploy/chart/templates/_helpers.tpl b/deploy/chart/templates/_helpers.tpl new file mode 100644 index 000000000..f6b3b2157 --- /dev/null +++ b/deploy/chart/templates/_helpers.tpl @@ -0,0 +1,52 @@ +{{/* vim: filetype=helm */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "ps-database.name" -}} + {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ps-database.fullname" -}} + {{- if .Values.fullnameOverride -}} + {{- .Values.fullnameOverride | trunc 21 | trimSuffix "-" -}} + {{- else -}} + {{- $name := default .Chart.Name .Values.nameOverride -}} + {{- if contains $name .Release.Name -}} + {{- .Release.Name | trunc 21 | trimSuffix "-" -}} + {{- else -}} + {{- printf "%s-%s" .Release.Name $name | trunc 21 | trimSuffix "-" -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ps-database.chart" -}} + {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 21 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "ps-database.labels" -}} +app.kubernetes.io/name: {{ include "ps-database.name" . }} +helm.sh/chart: {{ include "ps-database.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Returns image URI according to parameters set +*/}} +{{- define "ps-database.operator-image" -}} + {{- printf "%s:%s" .Values.operatorImageRepository .Chart.AppVersion }} +{{- end -}} diff --git a/deploy/chart/templates/cluster-secret.yaml b/deploy/chart/templates/cluster-secret.yaml new file mode 100644 index 000000000..05da21dca --- /dev/null +++ b/deploy/chart/templates/cluster-secret.yaml @@ -0,0 +1,17 @@ +{{/* vim: filetype=helm */}} +{{- if .Values.passwords }} +apiVersion: v1 +kind: Secret +metadata: + {{- if hasKey .Values "secretsName" }} + name: {{ .Values.secretsName }} + {{- else }} + name: {{ include "ps-database.fullname" . }}-secrets + {{- end }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "ps-database.labels" . | indent 4 }} +type: Opaque +stringData: +{{ .Values.passwords | toYaml | indent 2 }} +{{- end -}} diff --git a/deploy/chart/templates/cluster.yaml b/deploy/chart/templates/cluster.yaml new file mode 100644 index 000000000..8afc50e82 --- /dev/null +++ b/deploy/chart/templates/cluster.yaml @@ -0,0 +1,869 @@ +{{/* vim: filetype=helm */}} +{{/* AUTOGENERATED FILE — DO NOT EDIT */}} +kind: PerconaServerMySQL +apiVersion: ps.percona.com/v1alpha1 +metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"ps.percona.com/v1alpha1","kind":"PerconaServerMySQL"} + name: {{ include "ps-database.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "ps-database.labels" . | indent 4 }} + finalizers: +{{ .Values.finalizers | toYaml | indent 4 }} +spec: + {{- if .Values.metadata }} + metadata: + {{- if .Values.metadata.labels }} + labels: {{ .Values.metadata.labels }} + {{- end }} + {{- if .Values.metadata.annotations }} + annotations: {{ .Values.metadata.annotations }} + {{- end }} + {{- end }} + {{- if .Values.crVersion }} + crVersion: {{ .Chart.AppVersion }} + {{- end }} + {{- if .Values.pause }} + pause: {{ .Values.pause }} + {{- end }} + {{- if .Values.enableVolumeExpansion }} + enableVolumeExpansion: {{ .Values.enableVolumeExpansion }} + {{- end }} + {{- if .Values.secretsName }} + secretsName: {{ .Values.secretsName }} + {{- else }} + secretsName: {{ include "ps-database.fullname" . }}-secrets + {{- end }} + {{- if .Values.sslSecretName }} + sslSecretName: {{ .Values.sslSecretName }} + {{- else }} + sslSecretName: {{ include "ps-database.fullname" . }}-ssl + {{- end }} + {{- if .Values.unsafeFlags }} + unsafeFlags: + {{- if .Values.unsafeFlags.mysqlSize }} + mysqlSize: {{ .Values.unsafeFlags.mysqlSize }} + {{- end }} + {{- if .Values.unsafeFlags.proxy }} + proxy: {{ .Values.unsafeFlags.proxy }} + {{- end }} + {{- if .Values.unsafeFlags.proxySize }} + proxySize: {{ .Values.unsafeFlags.proxySize }} + {{- end }} + {{- if .Values.unsafeFlags.orchestrator }} + orchestrator: {{ .Values.unsafeFlags.orchestrator }} + {{- end }} + {{- if .Values.unsafeFlags.orchestratorSize }} + orchestratorSize: {{ .Values.unsafeFlags.orchestratorSize }} + {{- end }} + {{- end }} + {{- if .Values.ignoreAnnotations }} + ignoreAnnotations: {{ .Values.ignoreAnnotations }} + {{- end }} + {{- if .Values.ignoreLabels }} + ignoreLabels: {{ .Values.ignoreLabels }} + {{- end }} + {{- if .Values.mysql }} + mysql: + {{- if .Values.mysql.clusterType }} + clusterType: {{ .Values.mysql.clusterType }} + {{- end }} + {{- if .Values.mysql.exposePrimary }} + exposePrimary: + {{- if .Values.mysql.exposePrimary.enabled }} + enabled: {{ .Values.mysql.exposePrimary.enabled }} + {{- end }} + {{- if .Values.mysql.exposePrimary.type }} + type: {{ .Values.mysql.exposePrimary.type }} + {{- end }} + {{- if .Values.mysql.exposePrimary.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ .Values.mysql.exposePrimary.loadBalancerSourceRanges }} + {{- end }} + {{- if .Values.mysql.exposePrimary.annotations }} + annotations: {{ .Values.mysql.exposePrimary.annotations }} + {{- end }} + {{- if .Values.mysql.exposePrimary.labels }} + labels: {{ .Values.mysql.exposePrimary.labels }} + {{- end }} + {{- if .Values.mysql.exposePrimary.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.mysql.exposePrimary.internalTrafficPolicy }} + {{- end }} + {{- if .Values.mysql.exposePrimary.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.mysql.exposePrimary.externalTrafficPolicy }} + {{- end }} + {{- end }} + {{- if .Values.mysql.expose }} + expose: + {{- if .Values.mysql.expose.enabled }} + enabled: {{ .Values.mysql.expose.enabled }} + {{- end }} + {{- if .Values.mysql.expose.type }} + type: {{ .Values.mysql.expose.type }} + {{- end }} + {{- if .Values.mysql.expose.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ .Values.mysql.expose.loadBalancerSourceRanges }} + {{- end }} + {{- if .Values.mysql.expose.annotations }} + annotations: {{ .Values.mysql.expose.annotations }} + {{- end }} + {{- if .Values.mysql.expose.labels }} + labels: {{ .Values.mysql.expose.labels }} + {{- end }} + {{- if .Values.mysql.expose.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.mysql.expose.internalTrafficPolicy }} + {{- end }} + {{- if .Values.mysql.expose.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.mysql.expose.externalTrafficPolicy }} + {{- end }} + {{- end }} + {{- if .Values.mysql.autoRecovery }} + autoRecovery: {{ .Values.mysql.autoRecovery }} + {{- end }} + {{- if .Values.mysql.sidecars }} + sidecars: + {{- .Values.mysql.sidecars | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.sidecarVolumes }} + sidecarVolumes: + {{- .Values.mysql.sidecarVolumes | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.sidecarPVCs }} + sidecarPVCs: + {{- if .Values.mysql.sidecarPVCs.name }} + name: {{ .Values.mysql.sidecarPVCs.name }} + {{- end }} + {{- if .Values.mysql.sidecarPVCs.spec }} + spec: + {{- .Values.mysql.sidecarPVCs.spec | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.mysql.vaultSecretName }} + vaultSecretName: {{ .Values.mysql.vaultSecretName }} + {{- end }} + {{- if .Values.mysql.volumeSpec }} + volumeSpec: + {{- if .Values.mysql.volumeSpec.emptyDir }} + emptyDir: + {{- .Values.mysql.volumeSpec.emptyDir | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.mysql.volumeSpec.hostPath }} + hostPath: + {{- .Values.mysql.volumeSpec.hostPath | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.mysql.volumeSpec.persistentVolumeClaim }} + persistentVolumeClaim: + {{- .Values.mysql.volumeSpec.persistentVolumeClaim | toYaml | nindent 8 }} + {{- end }} + {{- end }} + size: {{ .Values.mysql.size }} + {{- if .Values.mysql.annotations }} + annotations: {{ .Values.mysql.annotations }} + {{- end }} + {{- if .Values.mysql.labels }} + labels: {{ .Values.mysql.labels }} + {{- end }} + {{- if .Values.mysql.initContainer }} + initContainer: + {{- if .Values.mysql.initContainer.image }} + image: {{ .Values.mysql.initContainer.image }} + {{- else }} + image: {{ include "ps-database.operator-image" . }} + {{- end }} + {{- if .Values.mysql.initContainer.resources }} + resources: + {{- .Values.mysql.initContainer.resources | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.mysql.initContainer.containerSecurityContext }} + containerSecurityContext: + {{- .Values.mysql.initContainer.containerSecurityContext | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.mysql.affinity }} + affinity: + {{- if .Values.mysql.affinity.antiAffinityTopologyKey }} + antiAffinityTopologyKey: {{ .Values.mysql.affinity.antiAffinityTopologyKey }} + {{- end }} + {{- if .Values.mysql.affinity.advanced }} + advanced: + {{- .Values.mysql.affinity.advanced | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.mysql.topologySpreadConstraints }} + topologySpreadConstraints: + {{- .Values.mysql.topologySpreadConstraints | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.nodeSelector }} + nodeSelector: {{ .Values.mysql.nodeSelector }} + {{- end }} + {{- if .Values.mysql.tolerations }} + tolerations: + {{- .Values.mysql.tolerations | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.priorityClassName }} + priorityClassName: {{ .Values.mysql.priorityClassName }} + {{- end }} + {{- if .Values.mysql.gracePeriod }} + gracePeriod: {{ .Values.mysql.gracePeriod }} + {{- end }} + {{- if .Values.mysql.schedulerName }} + schedulerName: {{ .Values.mysql.schedulerName }} + {{- end }} + {{- if .Values.mysql.runtimeClassName }} + runtimeClassName: {{ .Values.mysql.runtimeClassName }} + {{- end }} + {{- if .Values.mysql.podSecurityContext }} + podSecurityContext: + {{- .Values.mysql.podSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.serviceAccountName }} + serviceAccountName: {{ .Values.mysql.serviceAccountName }} + {{- end }} + {{- if .Values.mysql.podDisruptionBudget }} + podDisruptionBudget: + {{- if .Values.mysql.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.mysql.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.mysql.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.mysql.podDisruptionBudget.maxUnavailable }} + {{- end }} + {{- end }} + {{- if .Values.mysql.configuration }} + configuration: {{ .Values.mysql.configuration }} + {{- end }} + {{- if .Values.mysql.image }} + image: "{{ .Values.mysql.image.repository }}:{{ .Values.mysql.image.tag }}" + {{- end }} + {{- if .Values.mysql.imagePullPolicy }} + imagePullPolicy: {{ .Values.mysql.imagePullPolicy }} + {{- end }} + {{- if .Values.mysql.imagePullSecrets }} + imagePullSecrets: + {{- .Values.mysql.imagePullSecrets | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.resources }} + resources: + {{- .Values.mysql.resources | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.startupProbe }} + startupProbe: + {{- .Values.mysql.startupProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.readinessProbe }} + readinessProbe: + {{- .Values.mysql.readinessProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.livenessProbe }} + livenessProbe: + {{- .Values.mysql.livenessProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.containerSecurityContext }} + containerSecurityContext: + {{- .Values.mysql.containerSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.env }} + env: + {{- .Values.mysql.env | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.mysql.envFrom }} + envFrom: + {{- .Values.mysql.envFrom | toYaml | nindent 6 }} + {{- end }} + {{- end }} + {{- if .Values.orchestrator }} + orchestrator: + {{- if .Values.orchestrator.enabled }} + enabled: {{ .Values.orchestrator.enabled }} + {{- end }} + {{- if .Values.orchestrator.expose }} + expose: + {{- if .Values.orchestrator.expose.type }} + type: {{ .Values.orchestrator.expose.type }} + {{- end }} + {{- if .Values.orchestrator.expose.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ .Values.orchestrator.expose.loadBalancerSourceRanges }} + {{- end }} + {{- if .Values.orchestrator.expose.annotations }} + annotations: {{ .Values.orchestrator.expose.annotations }} + {{- end }} + {{- if .Values.orchestrator.expose.labels }} + labels: {{ .Values.orchestrator.expose.labels }} + {{- end }} + {{- if .Values.orchestrator.expose.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.orchestrator.expose.internalTrafficPolicy }} + {{- end }} + {{- if .Values.orchestrator.expose.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.orchestrator.expose.externalTrafficPolicy }} + {{- end }} + {{- end }} + size: {{ .Values.orchestrator.size }} + {{- if .Values.orchestrator.annotations }} + annotations: {{ .Values.orchestrator.annotations }} + {{- end }} + {{- if .Values.orchestrator.labels }} + labels: {{ .Values.orchestrator.labels }} + {{- end }} + {{- if .Values.orchestrator.initContainer }} + initContainer: + {{- if .Values.orchestrator.initContainer.image }} + image: {{ .Values.orchestrator.initContainer.image }} + {{- end }} + {{- if .Values.orchestrator.initContainer.resources }} + resources: + {{- .Values.orchestrator.initContainer.resources | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.orchestrator.initContainer.containerSecurityContext }} + containerSecurityContext: + {{- .Values.orchestrator.initContainer.containerSecurityContext | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.orchestrator.affinity }} + affinity: + {{- if .Values.orchestrator.affinity.antiAffinityTopologyKey }} + antiAffinityTopologyKey: {{ .Values.orchestrator.affinity.antiAffinityTopologyKey }} + {{- end }} + {{- if .Values.orchestrator.affinity.advanced }} + advanced: + {{- .Values.orchestrator.affinity.advanced | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.orchestrator.topologySpreadConstraints }} + topologySpreadConstraints: + {{- .Values.orchestrator.topologySpreadConstraints | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.nodeSelector }} + nodeSelector: {{ .Values.orchestrator.nodeSelector }} + {{- end }} + {{- if .Values.orchestrator.tolerations }} + tolerations: + {{- .Values.orchestrator.tolerations | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.priorityClassName }} + priorityClassName: {{ .Values.orchestrator.priorityClassName }} + {{- end }} + {{- if .Values.orchestrator.gracePeriod }} + gracePeriod: {{ .Values.orchestrator.gracePeriod }} + {{- end }} + {{- if .Values.orchestrator.schedulerName }} + schedulerName: {{ .Values.orchestrator.schedulerName }} + {{- end }} + {{- if .Values.orchestrator.runtimeClassName }} + runtimeClassName: {{ .Values.orchestrator.runtimeClassName }} + {{- end }} + {{- if .Values.orchestrator.podSecurityContext }} + podSecurityContext: + {{- .Values.orchestrator.podSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.serviceAccountName }} + serviceAccountName: {{ .Values.orchestrator.serviceAccountName }} + {{- end }} + {{- if .Values.orchestrator.podDisruptionBudget }} + podDisruptionBudget: + {{- if .Values.orchestrator.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.orchestrator.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.orchestrator.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.orchestrator.podDisruptionBudget.maxUnavailable }} + {{- end }} + {{- end }} + {{- if .Values.orchestrator.configuration }} + configuration: {{ .Values.orchestrator.configuration }} + {{- end }} + {{- if .Values.orchestrator.image }} + image: "{{ .Values.orchestrator.image.repository }}:{{ .Values.orchestrator.image.tag }}" + {{- end }} + {{- if .Values.orchestrator.imagePullPolicy }} + imagePullPolicy: {{ .Values.orchestrator.imagePullPolicy }} + {{- end }} + {{- if .Values.orchestrator.imagePullSecrets }} + imagePullSecrets: + {{- .Values.orchestrator.imagePullSecrets | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.resources }} + resources: + {{- .Values.orchestrator.resources | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.startupProbe }} + startupProbe: + {{- .Values.orchestrator.startupProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.readinessProbe }} + readinessProbe: + {{- .Values.orchestrator.readinessProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.livenessProbe }} + livenessProbe: + {{- .Values.orchestrator.livenessProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.containerSecurityContext }} + containerSecurityContext: + {{- .Values.orchestrator.containerSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.env }} + env: + {{- .Values.orchestrator.env | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.orchestrator.envFrom }} + envFrom: + {{- .Values.orchestrator.envFrom | toYaml | nindent 6 }} + {{- end }} + {{- end }} + {{- if .Values.pmm }} + pmm: + {{- if .Values.pmm.enabled }} + enabled: {{ .Values.pmm.enabled }} + {{- end }} + {{- if .Values.pmm.image }} + image: "{{ .Values.pmm.image.repository }}:{{ .Values.pmm.image.tag }}" + {{- end }} + {{- if .Values.pmm.mysqlParams }} + mysqlParams: {{ .Values.pmm.mysqlParams }} + {{- end }} + {{- if .Values.pmm.serverHost }} + serverHost: {{ .Values.pmm.serverHost }} + {{- end }} + {{- if .Values.pmm.resources }} + resources: + {{- .Values.pmm.resources | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.pmm.containerSecurityContext }} + containerSecurityContext: + {{- .Values.pmm.containerSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.pmm.imagePullPolicy }} + imagePullPolicy: {{ .Values.pmm.imagePullPolicy }} + {{- end }} + {{- if .Values.pmm.livenessProbe }} + livenessProbe: + {{- .Values.pmm.livenessProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.pmm.readinessProbe }} + readinessProbe: + {{- .Values.pmm.readinessProbe | toYaml | nindent 6 }} + {{- end }} + {{- end }} + {{- if .Values.backup }} + backup: + {{- if .Values.backup.enabled }} + enabled: {{ .Values.backup.enabled }} + {{- end }} + {{- if .Values.backup.sourcePod }} + sourcePod: {{ .Values.backup.sourcePod }} + {{- end }} + {{- if .Values.backup.image }} + image: {{ .Values.backup.image }} + {{- end }} + {{- if .Values.backup.imagePullSecrets }} + imagePullSecrets: + {{- .Values.backup.imagePullSecrets | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.backup.imagePullPolicy }} + imagePullPolicy: {{ .Values.backup.imagePullPolicy }} + {{- end }} + {{- if .Values.backup.serviceAccountName }} + serviceAccountName: {{ .Values.backup.serviceAccountName }} + {{- end }} + {{- if .Values.backup.containerSecurityContext }} + containerSecurityContext: + {{- .Values.backup.containerSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.backup.resources }} + resources: + {{- .Values.backup.resources | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.backup.storages }} + storages: {{ .Values.backup.storages }} + {{- end }} + {{- if .Values.backup.backoffLimit }} + backoffLimit: {{ .Values.backup.backoffLimit }} + {{- end }} + {{- if .Values.backup.schedule }} + schedule: + name: {{ .Values.backup.schedule.name }} + schedule: {{ .Values.backup.schedule.schedule }} + {{- if .Values.backup.schedule.keep }} + keep: {{ .Values.backup.schedule.keep }} + {{- end }} + storageName: {{ .Values.backup.schedule.storageName }} + {{- end }} + {{- if .Values.backup.initContainer }} + initContainer: + {{- if .Values.backup.initContainer.image }} + image: {{ .Values.backup.initContainer.image }} + {{- else }} + image: {{ include "ps-database.operator-image" . }} + {{- end }} + {{- if .Values.backup.initContainer.resources }} + resources: + {{- .Values.backup.initContainer.resources | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.backup.initContainer.containerSecurityContext }} + containerSecurityContext: + {{- .Values.backup.initContainer.containerSecurityContext | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.proxy }} + proxy: + {{- if .Values.proxy.router }} + router: + {{- if .Values.proxy.router.enabled }} + enabled: {{ .Values.proxy.router.enabled }} + {{- end }} + {{- if .Values.proxy.router.expose }} + expose: + {{- if .Values.proxy.router.expose.type }} + type: {{ .Values.proxy.router.expose.type }} + {{- end }} + {{- if .Values.proxy.router.expose.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ .Values.proxy.router.expose.loadBalancerSourceRanges }} + {{- end }} + {{- if .Values.proxy.router.expose.annotations }} + annotations: {{ .Values.proxy.router.expose.annotations }} + {{- end }} + {{- if .Values.proxy.router.expose.labels }} + labels: {{ .Values.proxy.router.expose.labels }} + {{- end }} + {{- if .Values.proxy.router.expose.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.proxy.router.expose.internalTrafficPolicy }} + {{- end }} + {{- if .Values.proxy.router.expose.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.proxy.router.expose.externalTrafficPolicy }} + {{- end }} + {{- end }} + {{- if .Values.proxy.router.ports }} + ports: + {{- .Values.proxy.router.ports | toYaml | nindent 8 }} + {{- end }} + size: {{ .Values.proxy.router.size }} + {{- if .Values.proxy.router.annotations }} + annotations: {{ .Values.proxy.router.annotations }} + {{- end }} + {{- if .Values.proxy.router.labels }} + labels: {{ .Values.proxy.router.labels }} + {{- end }} + {{- if .Values.proxy.router.initContainer }} + initContainer: + {{- if .Values.proxy.router.initContainer.image }} + image: {{ .Values.proxy.router.initContainer.image }} + {{- end }} + {{- if .Values.proxy.router.initContainer.resources }} + resources: + {{- .Values.proxy.router.initContainer.resources | toYaml | nindent 10 }} + {{- end }} + {{- if .Values.proxy.router.initContainer.containerSecurityContext }} + containerSecurityContext: + {{- .Values.proxy.router.initContainer.containerSecurityContext | toYaml | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.proxy.router.affinity }} + affinity: + {{- if .Values.proxy.router.affinity.antiAffinityTopologyKey }} + antiAffinityTopologyKey: {{ .Values.proxy.router.affinity.antiAffinityTopologyKey }} + {{- end }} + {{- if .Values.proxy.router.affinity.advanced }} + advanced: + {{- .Values.proxy.router.affinity.advanced | toYaml | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.proxy.router.topologySpreadConstraints }} + topologySpreadConstraints: + {{- .Values.proxy.router.topologySpreadConstraints | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.nodeSelector }} + nodeSelector: {{ .Values.proxy.router.nodeSelector }} + {{- end }} + {{- if .Values.proxy.router.tolerations }} + tolerations: + {{- .Values.proxy.router.tolerations | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.priorityClassName }} + priorityClassName: {{ .Values.proxy.router.priorityClassName }} + {{- end }} + {{- if .Values.proxy.router.gracePeriod }} + gracePeriod: {{ .Values.proxy.router.gracePeriod }} + {{- end }} + {{- if .Values.proxy.router.schedulerName }} + schedulerName: {{ .Values.proxy.router.schedulerName }} + {{- end }} + {{- if .Values.proxy.router.runtimeClassName }} + runtimeClassName: {{ .Values.proxy.router.runtimeClassName }} + {{- end }} + {{- if .Values.proxy.router.podSecurityContext }} + podSecurityContext: + {{- .Values.proxy.router.podSecurityContext | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.serviceAccountName }} + serviceAccountName: {{ .Values.proxy.router.serviceAccountName }} + {{- end }} + {{- if .Values.proxy.router.podDisruptionBudget }} + podDisruptionBudget: + {{- if .Values.proxy.router.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.proxy.router.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.proxy.router.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.proxy.router.podDisruptionBudget.maxUnavailable }} + {{- end }} + {{- end }} + {{- if .Values.proxy.router.configuration }} + configuration: {{ .Values.proxy.router.configuration }} + {{- end }} + {{- if .Values.proxy.router.image }} + image: "{{ .Values.proxy.router.image.repository }}:{{ .Values.proxy.router.image.tag }}" + {{- end }} + {{- if .Values.proxy.router.imagePullPolicy }} + imagePullPolicy: {{ .Values.proxy.router.imagePullPolicy }} + {{- end }} + {{- if .Values.proxy.router.imagePullSecrets }} + imagePullSecrets: + {{- .Values.proxy.router.imagePullSecrets | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.resources }} + resources: + {{- .Values.proxy.router.resources | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.startupProbe }} + startupProbe: + {{- .Values.proxy.router.startupProbe | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.readinessProbe }} + readinessProbe: + {{- .Values.proxy.router.readinessProbe | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.livenessProbe }} + livenessProbe: + {{- .Values.proxy.router.livenessProbe | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.containerSecurityContext }} + containerSecurityContext: + {{- .Values.proxy.router.containerSecurityContext | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.env }} + env: + {{- .Values.proxy.router.env | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.router.envFrom }} + envFrom: + {{- .Values.proxy.router.envFrom | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.proxy.haproxy }} + haproxy: + {{- if .Values.proxy.haproxy.enabled }} + enabled: {{ .Values.proxy.haproxy.enabled }} + {{- end }} + {{- if .Values.proxy.haproxy.expose }} + expose: + {{- if .Values.proxy.haproxy.expose.type }} + type: {{ .Values.proxy.haproxy.expose.type }} + {{- end }} + {{- if .Values.proxy.haproxy.expose.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ .Values.proxy.haproxy.expose.loadBalancerSourceRanges }} + {{- end }} + {{- if .Values.proxy.haproxy.expose.annotations }} + annotations: {{ .Values.proxy.haproxy.expose.annotations }} + {{- end }} + {{- if .Values.proxy.haproxy.expose.labels }} + labels: {{ .Values.proxy.haproxy.expose.labels }} + {{- end }} + {{- if .Values.proxy.haproxy.expose.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.proxy.haproxy.expose.internalTrafficPolicy }} + {{- end }} + {{- if .Values.proxy.haproxy.expose.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.proxy.haproxy.expose.externalTrafficPolicy }} + {{- end }} + {{- end }} + size: {{ .Values.proxy.haproxy.size }} + {{- if .Values.proxy.haproxy.annotations }} + annotations: {{ .Values.proxy.haproxy.annotations }} + {{- end }} + {{- if .Values.proxy.haproxy.labels }} + labels: {{ .Values.proxy.haproxy.labels }} + {{- end }} + {{- if .Values.proxy.haproxy.initContainer }} + initContainer: + {{- if .Values.proxy.haproxy.initContainer.image }} + image: {{ .Values.proxy.haproxy.initContainer.image }} + {{- else }} + image: {{ include "ps-database.operator-image" . }} + {{- end }} + {{- if .Values.proxy.haproxy.initContainer.resources }} + resources: + {{- .Values.proxy.haproxy.initContainer.resources | toYaml | nindent 10 }} + {{- end }} + {{- if .Values.proxy.haproxy.initContainer.containerSecurityContext }} + containerSecurityContext: + {{- .Values.proxy.haproxy.initContainer.containerSecurityContext | toYaml | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.proxy.haproxy.affinity }} + affinity: + {{- if .Values.proxy.haproxy.affinity.antiAffinityTopologyKey }} + antiAffinityTopologyKey: {{ .Values.proxy.haproxy.affinity.antiAffinityTopologyKey }} + {{- end }} + {{- if .Values.proxy.haproxy.affinity.advanced }} + advanced: + {{- .Values.proxy.haproxy.affinity.advanced | toYaml | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.proxy.haproxy.topologySpreadConstraints }} + topologySpreadConstraints: + {{- .Values.proxy.haproxy.topologySpreadConstraints | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.nodeSelector }} + nodeSelector: {{ .Values.proxy.haproxy.nodeSelector }} + {{- end }} + {{- if .Values.proxy.haproxy.tolerations }} + tolerations: + {{- .Values.proxy.haproxy.tolerations | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.priorityClassName }} + priorityClassName: {{ .Values.proxy.haproxy.priorityClassName }} + {{- end }} + {{- if .Values.proxy.haproxy.gracePeriod }} + gracePeriod: {{ .Values.proxy.haproxy.gracePeriod }} + {{- end }} + {{- if .Values.proxy.haproxy.schedulerName }} + schedulerName: {{ .Values.proxy.haproxy.schedulerName }} + {{- end }} + {{- if .Values.proxy.haproxy.runtimeClassName }} + runtimeClassName: {{ .Values.proxy.haproxy.runtimeClassName }} + {{- end }} + {{- if .Values.proxy.haproxy.podSecurityContext }} + podSecurityContext: + {{- .Values.proxy.haproxy.podSecurityContext | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.serviceAccountName }} + serviceAccountName: {{ .Values.proxy.haproxy.serviceAccountName }} + {{- end }} + {{- if .Values.proxy.haproxy.podDisruptionBudget }} + podDisruptionBudget: + {{- if .Values.proxy.haproxy.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.proxy.haproxy.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.proxy.haproxy.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.proxy.haproxy.podDisruptionBudget.maxUnavailable }} + {{- end }} + {{- end }} + {{- if .Values.proxy.haproxy.configuration }} + configuration: {{ .Values.proxy.haproxy.configuration }} + {{- end }} + {{- if .Values.proxy.haproxy.image }} + image: "{{ .Values.proxy.haproxy.image.repository }}:{{ .Values.proxy.haproxy.image.tag }}" + {{- end }} + {{- if .Values.proxy.haproxy.imagePullPolicy }} + imagePullPolicy: {{ .Values.proxy.haproxy.imagePullPolicy }} + {{- end }} + {{- if .Values.proxy.haproxy.imagePullSecrets }} + imagePullSecrets: + {{- .Values.proxy.haproxy.imagePullSecrets | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.resources }} + resources: + {{- .Values.proxy.haproxy.resources | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.startupProbe }} + startupProbe: + {{- .Values.proxy.haproxy.startupProbe | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.readinessProbe }} + readinessProbe: + {{- .Values.proxy.haproxy.readinessProbe | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.livenessProbe }} + livenessProbe: + {{- .Values.proxy.haproxy.livenessProbe | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.containerSecurityContext }} + containerSecurityContext: + {{- .Values.proxy.haproxy.containerSecurityContext | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.env }} + env: + {{- .Values.proxy.haproxy.env | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.proxy.haproxy.envFrom }} + envFrom: + {{- .Values.proxy.haproxy.envFrom | toYaml | nindent 8 }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.tls }} + tls: + {{- if .Values.tls.SANs }} + SANs: {{ .Values.tls.SANs }} + {{- end }} + {{- if .Values.tls.issuerConf }} + issuerConf: {{ .Values.tls.issuerConf }} + {{- end }} + {{- end }} + {{- if .Values.toolkit }} + toolkit: + {{- if .Values.toolkit.image }} + image: "{{ .Values.toolkit.image.repository }}:{{ .Values.toolkit.image.tag }}" + {{- end }} + {{- if .Values.toolkit.imagePullPolicy }} + imagePullPolicy: {{ .Values.toolkit.imagePullPolicy }} + {{- end }} + {{- if .Values.toolkit.imagePullSecrets }} + imagePullSecrets: + {{- .Values.toolkit.imagePullSecrets | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.toolkit.resources }} + resources: + {{- .Values.toolkit.resources | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.toolkit.startupProbe }} + startupProbe: + {{- .Values.toolkit.startupProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.toolkit.readinessProbe }} + readinessProbe: + {{- .Values.toolkit.readinessProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.toolkit.livenessProbe }} + livenessProbe: + {{- .Values.toolkit.livenessProbe | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.toolkit.containerSecurityContext }} + containerSecurityContext: + {{- .Values.toolkit.containerSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.toolkit.env }} + env: + {{- .Values.toolkit.env | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.toolkit.envFrom }} + envFrom: + {{- .Values.toolkit.envFrom | toYaml | nindent 6 }} + {{- end }} + {{- end }} + {{- if .Values.upgradeOptions }} + upgradeOptions: + {{- if .Values.upgradeOptions.versionServiceEndpoint }} + versionServiceEndpoint: {{ .Values.upgradeOptions.versionServiceEndpoint }} + {{- end }} + {{- if .Values.upgradeOptions.apply }} + apply: {{ .Values.upgradeOptions.apply }} + {{- end }} + {{- end }} + {{- if .Values.updateStrategy }} + updateStrategy: {{ .Values.updateStrategy }} + {{- end }} + {{- if .Values.initContainer }} + initContainer: + {{- if .Values.initContainer.image }} + image: {{ .Values.initContainer.image }} + {{- else }} + image: {{ include "ps-database.operator-image" . }} + {{- end }} + {{- if .Values.initContainer.resources }} + resources: + {{- .Values.initContainer.resources | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.initContainer.containerSecurityContext }} + containerSecurityContext: + {{- .Values.initContainer.containerSecurityContext | toYaml | nindent 6 }} + {{- end }} + {{- end }} diff --git a/deploy/chart/templates/role-binding.yaml b/deploy/chart/templates/role-binding.yaml new file mode 100644 index 000000000..3271fafd5 --- /dev/null +++ b/deploy/chart/templates/role-binding.yaml @@ -0,0 +1,21 @@ +{{/* vim: filetype=helm */}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ps-database.fullname" . }}-orchestrator + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "ps-database.fullname" . }}-orchestrator + namespace: {{ .Release.Namespace }} + labels: +{{ include "ps-database.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "ps-database.fullname" . }}-orchestrator +subjects: +- kind: ServiceAccount + name: {{ include "ps-database.fullname" . }}-orchestrator diff --git a/deploy/chart/templates/role.yaml b/deploy/chart/templates/role.yaml new file mode 100644 index 000000000..e17de402a --- /dev/null +++ b/deploy/chart/templates/role.yaml @@ -0,0 +1,22 @@ +{{/* vim: filetype=helm */}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "ps-database.fullname" . }}-orchestrator + namespace: {{ .Release.Namespace }} + labels: +{{ include "ps-database.labels" . | indent 4 }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - patch +- apiGroups: + - ps.percona.com + resources: + - perconaservermysqls + verbs: + - get diff --git a/deploy/chart/values.yaml b/deploy/chart/values.yaml new file mode 100644 index 000000000..9f1813608 --- /dev/null +++ b/deploy/chart/values.yaml @@ -0,0 +1,883 @@ +nameOverride: "" +fullnameOverride: "" +finalizers: + - percona.com/delete-mysql-pods-in-order +# - percona.com/delete-ssl +# - percona.com/delete-mysql-pvc +#metadata: +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# labels: +# rack: rack-22 +#unsafeFlags: +# mysqlSize: false +# orchestrator: false +# orchestratorSize: false +# proxy: false +# proxySize: false +#pause: false +crVersion: 1.0.0 +#enableVolumeExpansion: false +secretsName: ps-cluster1-secrets +sslSecretName: ps-cluster1-ssl +updateStrategy: SmartUpdate +upgradeOptions: + apply: disabled + versionServiceEndpoint: https://check.percona.com +#initContainer: +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# image: perconalab/percona-server-mysql-operator:main +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +#ignoreAnnotations: +# - service.beta.kubernetes.io/aws-load-balancer-backend-protocol +#ignoreLabels: +# - rack +#tls: +# SANs: +# - mysql-1.example.com +# - mysql-2.example.com +# - mysql-3.example.com +# issuerConf: +# group: cert-manager.io +# kind: ClusterIssuer +# name: special-selfsigned-issuer +mysql: + clusterType: group-replication + autoRecovery: true +# vaultSecretName: ps-cluster1-vault + size: 3 + image: + repository: perconalab/percona-server-mysql-operator + tag: main-psmysql8.4 + imagePullPolicy: Always +# imagePullSecrets: +# - name: my-secret-1 +# - name: my-secret-2 +# runtimeClassName: image-rc +# tolerations: +# - effect: NoExecute +# key: node.alpha.kubernetes.io/unreachable +# operator: Exists +# tolerationSeconds: 6000 +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# labels: +# rack: rack-22 +# nodeSelector: +# topology.kubernetes.io/zone: us-east-1a +# priorityClassName: high-priority +# schedulerName: default-scheduler +# serviceAccountName: some-service-account + gracePeriod: 600 +# initContainer: +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# image: perconalab/percona-server-mysql-operator:main +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +# env: +# - name: BOOTSTRAP_READ_TIMEOUT +# value: "600" +# envFrom: +# - secretRef: +# name: mysql-env-secret + podDisruptionBudget: + maxUnavailable: 1 +# minAvailable: 0 + resources: + limits: + memory: 4Gi + requests: + memory: 2Gi +# startupProbe: +# failureThreshold: 1 +# initialDelaySeconds: 15 +# periodSeconds: 10 +# successThreshold: 1 +# timeoutSeconds: 43200 +# readinessProbe: +# failureThreshold: 3 +# initialDelaySeconds: 30 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# livenessProbe: +# failureThreshold: 3 +# initialDelaySeconds: 15 +# periodSeconds: 10 +# successThreshold: 1 +# timeoutSeconds: 10 + affinity: +# advanced: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 + antiAffinityTopologyKey: kubernetes.io/hostname +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-server +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# podSecurityContext: +# fsGroup: 1001 +# supplementalGroups: +# - 1001 +# - 1002 +# - 1003 + exposePrimary: +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb + enabled: true +# externalTrafficPolicy: Cluster +# internalTrafficPolicy: Cluster +# labels: +# rack: rack-22 +# loadBalancerSourceRanges: +# - 10.0.0.0/8 +# type: ClusterIP +# expose: +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# enabled: false +# externalTrafficPolicy: Cluster +# internalTrafficPolicy: Cluster +# labels: +# rack: rack-22 +# loadBalancerSourceRanges: +# - 10.0.0.0/8 +# type: ClusterIP + volumeSpec: +# emptyDir: {} +# hostPath: +# path: /data +# type: Directory + persistentVolumeClaim: +# accessModes: +# - ReadWriteOnce + resources: + requests: + storage: 2Gi +# storageClassName: standard +# configuration: |- +# max_connections=250 +# innodb_buffer_pool_size={{containerMemoryLimit * 3/4}} +# sidecars: +# - command: +# - sleep +# - 30d +# image: busybox +# imagePullPolicy: Always +# lifecycle: {} +# livenessProbe: {} +# name: noop-memory +# readinessProbe: {} +# resources: +# requests: +# memory: 16M +# securityContext: {} +# startupProbe: {} +# volumeMounts: +# - mountPath: /var/log/app/memory +# name: memory-vol +# - command: +# - sleep +# - 30d +# image: busybox +# imagePullPolicy: Always +# lifecycle: {} +# livenessProbe: {} +# name: noop-pvc +# readinessProbe: {} +# resources: +# requests: +# memory: 16M +# securityContext: {} +# startupProbe: {} +# volumeMounts: +# - mountPath: /var/log/app/memory +# name: memory-vol +# sidecarVolumes: +# - emptyDir: +# medium: Memory +# name: memory-vol +# sidecarPVCs: +# - name: pvc-vol +# spec: +# resources: +# requests: +# storage: 1Gi +proxy: + haproxy: + enabled: true +# expose: +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# externalTrafficPolicy: Cluster +# internalTrafficPolicy: Cluster +# labels: +# rack: rack-22 +# loadBalancerSourceRanges: +# - 10.0.0.0/8 +# type: ClusterIP + size: 3 + image: + repository: perconalab/percona-server-mysql-operator + tag: main-haproxy + imagePullPolicy: Always +# imagePullSecrets: +# - name: my-secret-1 +# - name: my-secret-2 +# runtimeClassName: image-rc +# tolerations: +# - effect: NoExecute +# key: node.alpha.kubernetes.io/unreachable +# operator: Exists +# tolerationSeconds: 6000 +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# labels: +# rack: rack-22 +# nodeSelector: +# topology.kubernetes.io/zone: us-east-1a +# priorityClassName: high-priority +# schedulerName: default-scheduler +# serviceAccountName: some-service-account + gracePeriod: 30 +# initContainer: +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# image: perconalab/percona-server-mysql-operator:main +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +# env: +# - name: HA_CONNECTION_TIMEOUT +# value: "600" +# envFrom: +# - secretRef: +# name: haproxy-env-secret + podDisruptionBudget: + maxUnavailable: 1 +# minAvailable: 0 + resources: +# limits: +# cpu: 700m +# memory: 1Gi + requests: + cpu: 600m + memory: 1Gi +# startupProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# readinessProbe: +# failureThreshold: 3 +# initialDelaySeconds: 15 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 1 +# livenessProbe: +# failureThreshold: 4 +# initialDelaySeconds: 60 +# periodSeconds: 30 +# successThreshold: 1 +# timeoutSeconds: 3 + affinity: +# advanced: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 + antiAffinityTopologyKey: kubernetes.io/hostname +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-server +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# podSecurityContext: +# fsGroup: 1001 +# supplementalGroups: +# - 1001 +# - 1002 +# - 1003 +# configuration: |- +# # the actual default configuration file can be found here https://github.com/percona/percona-server-mysql-operator/blob/main/build/haproxy-global.cfg +# +# global +# maxconn 2048 +# external-check +# insecure-fork-wanted +# stats socket /etc/haproxy/mysql/haproxy.sock mode 600 expose-fd listeners level admin +# +# defaults +# default-server init-addr last,libc,none +# log global +# mode tcp +# retries 10 +# timeout client 28800s +# timeout connect 100500 +# timeout server 28800s +# +# frontend mysql-primary-in +# bind *:3309 accept-proxy +# bind *:3306 +# mode tcp +# option clitcpka +# default_backend mysql-primary +# +# frontend mysql-replicas-in +# bind *:3307 +# mode tcp +# option clitcpka +# default_backend mysql-replicas +# +# frontend stats +# bind *:8404 +# mode http +# http-request use-service prometheus-exporter if { path /metrics } + router: + enabled: false +# expose: +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# externalTrafficPolicy: Cluster +# internalTrafficPolicy: Cluster +# labels: +# rack: rack-22 +# loadBalancerSourceRanges: +# - 10.0.0.0/8 +# type: ClusterIP + size: 3 + image: + repository: perconalab/percona-server-mysql-operator + tag: main-router8.4 + imagePullPolicy: Always +# imagePullSecrets: +# - name: my-secret-1 +# - name: my-secret-2 +# runtimeClassName: image-rc +# tolerations: +# - effect: NoExecute +# key: node.alpha.kubernetes.io/unreachable +# operator: Exists +# tolerationSeconds: 6000 +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# labels: +# rack: rack-22 +# nodeSelector: +# topology.kubernetes.io/zone: us-east-1a +# priorityClassName: high-priority +# schedulerName: default-scheduler +# serviceAccountName: some-service-account + gracePeriod: 30 +# initContainer: +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# image: perconalab/percona-server-mysql-operator:main +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +# env: +# - name: ROUTER_ENV +# value: VALUE +# envFrom: +# - secretRef: +# name: router-env-secret + podDisruptionBudget: + maxUnavailable: 1 +# minAvailable: 0 + resources: + limits: + memory: 256M + requests: + memory: 256M +# startupProbe: +# failureThreshold: 1 +# initialDelaySeconds: 5 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# readinessProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# livenessProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 + affinity: +# advanced: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 + antiAffinityTopologyKey: kubernetes.io/hostname +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-server +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# podSecurityContext: +# fsGroup: 1001 +# supplementalGroups: +# - 1001 +# - 1002 +# - 1003 +# ports: +# - name: http +# port: 8443 +# targetPort: 0 +# - name: rw-default +# port: 3306 +# targetPort: 6446 +# - name: read-write +# port: 6446 +# targetPort: 0 +# - name: read-only +# port: 6447 +# targetPort: 0 +# - name: x-read-write +# port: 6448 +# targetPort: 0 +# - name: x-read-only +# port: 6449 +# targetPort: 0 +# - name: x-default +# port: 33060 +# targetPort: 0 +# - name: rw-admin +# port: 33062 +# targetPort: 0 +# - name: custom-port +# port: 1111 +# targetPort: 6446 +# configuration: |- +# [default] +# logging_folder=/tmp/router/log +# [logger] +# level=DEBUG +orchestrator: + enabled: false +# expose: +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# externalTrafficPolicy: Cluster +# internalTrafficPolicy: Cluster +# labels: +# rack: rack-22 +# loadBalancerSourceRanges: +# - 10.0.0.0/8 +# type: ClusterIP + size: 3 + image: + repository: perconalab/percona-server-mysql-operator + tag: main-orchestrator + imagePullPolicy: Always +# imagePullSecrets: +# - name: my-secret-1 +# - name: my-secret-2 +# runtimeClassName: image-rc +# tolerations: +# - effect: NoExecute +# key: node.alpha.kubernetes.io/unreachable +# operator: Exists +# tolerationSeconds: 6000 +# annotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp +# service.beta.kubernetes.io/aws-load-balancer-type: nlb +# labels: +# rack: rack-22 +# nodeSelector: +# topology.kubernetes.io/zone: us-east-1a +# priorityClassName: high-priority +# schedulerName: default-scheduler +# serviceAccountName: percona-server-mysql-operator-orchestrator + gracePeriod: 30 +# initContainer: +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# image: perconalab/percona-server-mysql-operator:main +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +# env: +# - name: ORC_ENV +# value: VALUE +# envFrom: +# - secretRef: +# name: orc-env-secret + podDisruptionBudget: + maxUnavailable: 1 +# minAvailable: 0 + resources: + limits: + memory: 256M + requests: + memory: 128M +# startupProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# readinessProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# livenessProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 + affinity: +# advanced: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 + antiAffinityTopologyKey: kubernetes.io/hostname +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-server +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# podSecurityContext: +# supplementalGroups: +# - 1001 + configuration: "" +pmm: + enabled: false + image: + repository: perconalab/pmm-client + tag: 3-dev-latest + imagePullPolicy: Always + serverHost: monitoring-service +# mysqlParams: PMM_ADMIN_CUSTOM_PARAMS +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 + resources: +# limits: +# cpu: 400m +# memory: 256M + requests: + cpu: 300m + memory: 150M + livenessProbe: + failureThreshold: 3 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + readinessProbe: + failureThreshold: 3 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 +backup: + enabled: true + pitr: + enabled: false +# sourcePod: ps-cluster1-mysql-1 + image: perconalab/percona-server-mysql-operator:main-backup8.4 + imagePullPolicy: Always +# imagePullSecrets: +# - name: my-secret-1 +# - name: my-secret-2 +# schedule: +# - keep: 3 +# name: sat-night-backup +# schedule: 0 0 * * 6 +# storageName: s3-us-west +# - keep: 5 +# name: daily-backup +# schedule: 0 0 * * * +# storageName: s3 +# backoffLimit: 6 +# serviceAccountName: some-service-account +# initContainer: +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# image: perconalab/percona-server-mysql-operator:main +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M + storages: +# azure-blob: +# azure: +# container: CONTAINER-NAME +# credentialsSecret: SECRET-NAME +# endpointUrl: https://accountName.blob.core.windows.net +# prefix: PREFIX-NAME +# storageClass: Cool +# containerOptions: +# args: +# xbcloud: +# - --someflag=abc +# xbstream: +# - --someflag=abc +# xtrabackup: +# - --someflag=abc +# env: +# - name: CUSTOM_VAR +# value: "false" +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# podSecurityContext: +# fsGroup: 1001 +# supplementalGroups: +# - 1001 +# - 1002 +# - 1003 +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +# tolerations: +# - effect: NoExecute +# key: node.alpha.kubernetes.io/unreachable +# operator: Exists +# tolerationSeconds: 6000 +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-server +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule +# type: azure +# verifyTLS: null + s3-us-west: +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 +# annotations: +# testName: scheduled-backup +# containerOptions: +# args: +# xbcloud: +# - --someflag=abc +# xbstream: +# - --someflag=abc +# xtrabackup: +# - --someflag=abc +# env: +# - name: CUSTOM_VAR +# value: "false" +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# labels: +# backupWorker: "True" +# nodeSelector: +# topology.kubernetes.io/zone: us-east-1a +# podSecurityContext: +# fsGroup: 1001 +# supplementalGroups: +# - 1001 +# - 1002 +# - 1003 +# priorityClassName: high-priority +# resources: +# limits: +# cpu: 100m +# memory: 100M +# requests: +# cpu: 200m +# memory: 200M +# runtimeClassName: image-rc + s3: + bucket: S3-BACKUP-BUCKET-NAME-HERE + credentialsSecret: ps-cluster1-s3-credentials +# endpointUrl: https://s3.amazonaws.com +# prefix: PREFIX_NAME + region: us-west-2 +# schedulerName: default-scheduler +# tolerations: +# - effect: NoExecute +# key: node.alpha.kubernetes.io/unreachable +# operator: Exists +# tolerationSeconds: 6000 +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-server +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule + type: s3 + verifyTLS: true +# volumeSpec: +# emptyDir: {} +# hostPath: +# path: /data +# type: Directory +# persistentVolumeClaim: +# accessModes: +# - ReadWriteOnce +# resources: +# requests: +# storage: 2Gi +# storageClassName: standard +toolkit: + image: + repository: perconalab/percona-server-mysql-operator + tag: main-toolkit + imagePullPolicy: Always +# imagePullSecrets: +# - name: my-secret-1 +# - name: my-secret-2 +# env: +# - name: TOOLKIT_ENV +# value: VALUE +# envFrom: +# - secretRef: +# name: toolkit-env-secret +# resources: +# limits: +# cpu: 400m +# memory: 256M +# requests: +# cpu: 100m +# memory: 150M +# containerSecurityContext: +# privileged: false +# runAsGroup: 1001 +# runAsUser: 1001 +# startupProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# readinessProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 +# livenessProbe: +# failureThreshold: 3 +# periodSeconds: 5 +# successThreshold: 1 +# timeoutSeconds: 3 diff --git a/go.mod b/go.mod index 5984cfe4b..ddd65bfd9 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.25.0 require ( github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.3 + github.com/Masterminds/sprig v2.22.0+incompatible github.com/cert-manager/cert-manager v1.19.1 github.com/flosch/pongo2 v0.0.0-20200913210552-0d938eb266f3 github.com/go-ini/ini v1.67.0 @@ -37,6 +38,8 @@ require ( ) require ( + github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/semver/v3 v3.4.0 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect github.com/fxamacker/cbor/v2 v2.9.0 // indirect @@ -53,10 +56,16 @@ require ( github.com/go-openapi/swag/yamlutils v0.25.1 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/go-viper/mapstructure/v2 v2.4.0 // indirect + github.com/gobuffalo/flect v1.0.3 // indirect github.com/goccy/go-json v0.10.5 // indirect + github.com/goccy/go-yaml v1.18.0 // indirect github.com/google/btree v1.1.3 // indirect github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.2 // indirect + github.com/huandu/xstrings v1.3.3 // indirect + github.com/imdario/mergo v0.3.11 // indirect github.com/minio/crc64nvme v1.0.2 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/philhofer/fwd v1.2.0 // indirect github.com/tinylib/msgp v1.3.0 // indirect github.com/x448/float16 v0.8.4 // indirect @@ -65,6 +74,8 @@ require ( go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/mod v0.28.0 // indirect gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + sigs.k8s.io/controller-tools v0.19.0 // indirect sigs.k8s.io/randfill v1.0.0 // indirect sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect ) @@ -80,6 +91,7 @@ require ( github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dustin/go-humanize v1.0.1 // indirect + github.com/elastic/crd-ref-docs v0.2.0 github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/go-logr/stdr v1.2.2 // indirect diff --git a/go.sum b/go.sum index 164bc7bb1..98d5edfda 100644 --- a/go.sum +++ b/go.sum @@ -1,3 +1,5 @@ +cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY= +cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw= filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.1 h1:5YTBM8QDVIBN3sxBil89WfdAAqDZbyJTgh688DSxX5w= @@ -12,20 +14,32 @@ github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.3 h1:ZJJNFaQ86GVKQ9ehw github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.3/go.mod h1:URuDvhmATVKqHBH9/0nOiNKk0+YcwfQ3WkK5PqHKxc8= github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0 h1:XkkQbfMyuH2jTSjQjSoihryI8GINRcs4xp8lNawg0FI= github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0/go.mod h1:HKpQxkWaGLJ+D/5H8QRpyQXA1eKjxkFlOMwck5+33Jk= +github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= +github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= +github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0= github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= +github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60= +github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= github.com/Percona-Lab/percona-version-service v0.0.0-20230324081000-27de445df239 h1:3A878XXdSJGu9JPeOQ7bPe3g7SLkghJqcMFWL8GulLA= github.com/Percona-Lab/percona-version-service v0.0.0-20230324081000-27de445df239/go.mod h1:2gW0U0FS5Bpl2cL9PrmeSb1Vp/5x0zmrN1o5iiiTd9k= +github.com/antlr4-go/antlr/v4 v4.13.1 h1:SqQKkuVZ+zWkMMNkjy5FZe5mr5WURWnlpmOuzYWrPrQ= +github.com/antlr4-go/antlr/v4 v4.13.1/go.mod h1:GKmUxMtwp6ZgGwZSva4eWPC5mS6vUAmOABFgjdkM7Nw= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= +github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/bool64/dev v0.2.29 h1:x+syGyh+0eWtOzQ1ItvLzOGIWyNWnyjXpHIcpF2HvL4= github.com/bool64/dev v0.2.29/go.mod h1:iJbh1y/HkunEPhgebWRNcs8wfGq7sjvJ6W5iabL8ACg= github.com/bool64/shared v0.1.5 h1:fp3eUhBsrSjNCQPcSdQqZxxh9bBwrYiZ+zOKFkM0/2E= github.com/bool64/shared v0.1.5/go.mod h1:081yz68YC9jeFB3+Bbmno2RFWvGKv1lPKkMP6MHJlPs= +github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM= +github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= github.com/cert-manager/cert-manager v1.19.1 h1:Txh8L/nLWTDcb7ZnXuXbTe15BxQnLbLirXmbNk0fGgY= github.com/cert-manager/cert-manager v1.19.1/go.mod h1:8Ps1VXCQRGKT8zNvLQlhDK1gFKWmYKdIPQFmvTS2JeA= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= @@ -36,12 +50,16 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/elastic/crd-ref-docs v0.2.0 h1:U17MyGX71j4qfKTvYxbR4qZGoA1hc2thy7kseGYmP+o= +github.com/elastic/crd-ref-docs v0.2.0/go.mod h1:0bklkJhTG7nC6AVsdDi0wt5bGoqvzdZSzMMQkilZ6XM= github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lShz4oaXpDTX2bLe7ls= github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/flosch/pongo2 v0.0.0-20200913210552-0d938eb266f3 h1:fmFk0Wt3bBxxwZnu48jqMdaOR/IZ4vdtJFuaFV8MpIE= github.com/flosch/pongo2 v0.0.0-20200913210552-0d938eb266f3/go.mod h1:bJWSKrZyQvfTnb2OudyUjurSG4/edverV7n82+K3JiM= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= @@ -113,6 +131,8 @@ github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1v github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs= github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= +github.com/gobuffalo/flect v1.0.3 h1:xeWBM2nui+qnVvNM4S3foBhCAL2XgPU+a7FdpelbTq4= +github.com/gobuffalo/flect v1.0.3/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= github.com/gocarina/gocsv v0.0.0-20230616125104-99d496ca653d h1:KbPOUXFUDJxwZ04vbmDOc3yuruGvVO+LOa7cVER3yWw= github.com/gocarina/gocsv v0.0.0-20230616125104-99d496ca653d/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI= github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4= @@ -129,6 +149,8 @@ github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= +github.com/google/cel-go v0.26.0 h1:DPGjXackMpJWH680oGY4lZhYjIameYmR+/6RBdDGmaI= +github.com/google/cel-go v0.26.0/go.mod h1:A9O8OU9rdvrK5MQyrqfIxo1a0u4g3sF8KB6PUIaryMM= github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= @@ -148,8 +170,14 @@ github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 h1:NmZ1PKzSTQbuGHw9DGPFomqkkLW github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3/go.mod h1:zQrxl1YP88HQlA6i9c63DSVPFklWpGX4OWAc9bFuaH4= github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/huandu/xstrings v1.3.3 h1:/Gcsuc1x8JVbJ9/rlye4xZnVAbEkGauT8lbebqcQws4= +github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/iancoleman/orderedmap v0.3.0 h1:5cbR2grmZR/DiVt+VJopEhtVs9YGInGIxAoMJn+Ichc= github.com/iancoleman/orderedmap v0.3.0/go.mod h1:XuLcCUkdL5owUCQeF2Ue9uuw1EptkJDkXXS7VoV7XGE= +github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA= +github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/joshdk/go-junit v1.0.0 h1:S86cUKIdwBHWwA6xCmFlf3RTLfVXYQfvanM5Uh+K6GE= github.com/joshdk/go-junit v1.0.0/go.mod h1:TiiV0PqkaNfFXjEiyjWM3XXrhVyCa1K4Zfga6W52ung= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -184,6 +212,10 @@ github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34= github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM= github.com/minio/minio-go/v7 v7.0.95 h1:ywOUPg+PebTMTzn9VDsoFJy32ZuARN9zhB+K3IYEvYU= github.com/minio/minio-go/v7 v7.0.95/go.mod h1:wOOX3uxS334vImCNRVyIDdXX9OsXDm89ToynKgqUKlo= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU= github.com/moby/spdystream v0.5.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -201,8 +233,8 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/onsi/ginkgo v1.15.2 h1:l77YT15o814C2qVL47NOyjV/6RbaP7kKdrvZnxQ3Org= -github.com/onsi/ginkgo v1.15.2/go.mod h1:Dd6YFfwBW84ETqqtL0CPyPXillHgY6XhQH3uuCCTr/o= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns= github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A= @@ -236,13 +268,22 @@ github.com/sjmudd/stopwatch v0.1.1 h1:x45OvxFB5OtCkjvYtzRF5fWB857Jzjjk84Oyd5C5eb github.com/sjmudd/stopwatch v0.1.1/go.mod h1:BLw0oIQJ1YLXBO/q9ufK/SgnKBVIkC2qrm6uy78Zw6U= github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I= github.com/spf13/afero v1.15.0/go.mod h1:NC2ByUVxtQs4b3sIUphxK0NioZnmxgyCrfzeuq8lxMg= +github.com/spf13/cobra v1.10.1 h1:lJeBwCfmrnXthfAupyUTzJ/J4Nc1RsHC/mSRU2dll/s= +github.com/spf13/cobra v1.10.1/go.mod h1:7SmJGaTHFVBY0jW4NXGluQoLvhqFQM+6XSKD+P4XaB0= github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.3.1 h1:iS0MdW+kVTxgMoE1LAZyMiYJFKlOzLooE4MxjirtkAs= +github.com/stoewer/go-strcase v1.3.1/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.3 h1:jmXUvGomnU1o3W/V5h2VEradbpJDwGrzugQQvL0POH4= github.com/stretchr/objx v0.5.3/go.mod h1:rDQraq+vQZU7Fde9LOZLr8Tax6zZvy4kuNKF+QYS+U0= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/swaggest/assertjson v1.9.0 h1:dKu0BfJkIxv/xe//mkCrK5yZbs79jL7OVf9Ija7o2xQ= @@ -280,8 +321,14 @@ go.nhat.io/wait v0.1.0 h1:aQ4YDzaOgFbypiJ9c/eAfOIB1G25VOv7Gd2QS8uz1gw= go.nhat.io/wait v0.1.0/go.mod h1:+ijMghc9/9zXi+HDcs49HNReprvXOZha2Q3jTOtqJrE= go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64= go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q= go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8= go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0 h1:Ahq7pZmv87yiyn3jeFz/LekZmPLLdKejuO3NcK9MssM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.37.0/go.mod h1:MJTqhM0im3mRLw1i8uGHnCvUEeS7VwRyxlLC78PA18M= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.37.0 h1:EtFWSnwW9hGObjkIdmlnWSydO+Qs8OwzfzXLUPg4xOc= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.37.0/go.mod h1:QjUEoiGCPkvFZ/MjK6ZZfNOS6mfVEVKYE99dFhuN2LI= go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA= go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI= go.opentelemetry.io/otel/sdk v1.38.0 h1:l48sr5YbNf2hpCUj/FoGhW9yDkl+Ma+LrVl8qaM5b+E= @@ -290,6 +337,8 @@ go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFh go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps= go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE= go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs= +go.opentelemetry.io/proto/otlp v1.7.0 h1:jX1VolD6nHuFzOYso2E73H85i92Mv8JQYk0K9vz09os= +go.opentelemetry.io/proto/otlp v1.7.0/go.mod h1:fSKjH6YJ7HDlwzltzyMj036AJ3ejJLCgCSHGj4efDDo= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= @@ -305,6 +354,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04= golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0= +golang.org/x/exp v0.0.0-20250718183923-645b1fa84792 h1:R9PFI6EUdfVKgwKjZef7QIwGcBKu86OEFpJ9nUEP2l4= +golang.org/x/exp v0.0.0-20250718183923-645b1fa84792/go.mod h1:A+z0yzpGtvnG90cToK5n2tu8UJVP2XUATh+r+sfOOOc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -349,6 +400,10 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE= golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w= +golang.org/x/tools/go/expect v0.1.1-deprecated h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnpsEAGHaNy0n/rJM= +golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY= +golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM= +golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated/go.mod h1:RVAQXBGNv1ib0J382/DPCRS/BPnsGebyM1Gj5VSDpG8= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -377,7 +432,10 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.34.1 h1:jC+153630BMdlFukegoEL8E/yT7aLyQkIVuwhmwDgJM= @@ -386,16 +444,24 @@ k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJb k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc= k8s.io/apimachinery v0.34.1 h1:dTlxFls/eikpJxmAC7MVE8oOeP1zryV7iRyIjB0gky4= k8s.io/apimachinery v0.34.1/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw= +k8s.io/apiserver v0.34.1 h1:U3JBGdgANK3dfFcyknWde1G6X1F4bg7PXuvlqt8lITA= +k8s.io/apiserver v0.34.1/go.mod h1:eOOc9nrVqlBI1AFCvVzsob0OxtPZUCPiUJL45JOTBG0= k8s.io/client-go v0.34.1 h1:ZUPJKgXsnKwVwmKKdPfw4tB58+7/Ik3CrjOEhsiZ7mY= k8s.io/client-go v0.34.1/go.mod h1:kA8v0FP+tk6sZA0yKLRG67LWjqufAoSHA2xVGKw9Of8= +k8s.io/component-base v0.34.1 h1:v7xFgG+ONhytZNFpIz5/kecwD+sUhVE6HU7qQUiRM4A= +k8s.io/component-base v0.34.1/go.mod h1:mknCpLlTSKHzAQJJnnHVKqjxR7gBeHRv0rPXA7gdtQ0= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZcmKS3g6CthxToOb37KgwE= k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ= k8s.io/utils v0.0.0-20250820121507-0af2bda4dd1d h1:wAhiDyZ4Tdtt7e46e9M5ZSAJ/MnPGPs+Ki1gHw4w1R0= k8s.io/utils v0.0.0-20250820121507-0af2bda4dd1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.33.0 h1:qPrZsv1cwQiFeieFlRqT627fVZ+tyfou/+S5S0H5ua0= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.33.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A= sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= +sigs.k8s.io/controller-tools v0.19.0 h1:OU7jrPPiZusryu6YK0jYSjPqg8Vhf8cAzluP9XGI5uk= +sigs.k8s.io/controller-tools v0.19.0/go.mod h1:y5HY/iNDFkmFla2CfQoVb2AQXMsBk4ad84iR1PLANB0= sigs.k8s.io/gateway-api v1.4.0 h1:ZwlNM6zOHq0h3WUX2gfByPs2yAEsy/EenYJB78jpQfQ= sigs.k8s.io/gateway-api v1.4.0/go.mod h1:AR5RSqciWP98OPckEjOjh2XJhAe2Na4LHyXD2FUY7Qk= sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=