Merge branch 'master' into mi-doc-update

Makefile

@@ -71,7 +71,9 @@ test-existing-managers: generate fmt vet manifests
 	./pkg/resourcemanager/psql/firewallrule/... \
 	./pkg/resourcemanager/appinsights/... \
 	./pkg/resourcemanager/vnet/... \
-	./pkg/resourcemanager/apim/apimgmt...
+	./pkg/resourcemanager/apim/apimgmt... \
+	./pkg/secrets/...
+
 
 # Cleanup resource groups azure created by tests using pattern matching 't-rg-'
 test-cleanup-azure-resources: 	

PROJECT

@@ -71,3 +71,12 @@ resources:
 - group: azure
   version: v1alpha1
   kind: AzureSQLVNetRule
+- group: azure
+  version: v1alpha1
+  kind: MySQLServer
+- group: azure
+  version: v1alpha1
+  kind: MySQLDatabase
+- group: azure
+  version: v1alpha1
+  kind: MySQLFirewallRule

README.md

@@ -32,8 +32,17 @@ This project maintains [releases of the Azure Service Operator](https://github.c
 1. [Resource Group](/docs/resourcegroup/resourcegroup.md)
 2. [EventHub](/docs/eventhub/eventhub.md)
 3. [Azure SQL](/docs/azuresql/azuresql.md)
-
-For more information on troubleshooting resources, refer to [this](/docs/viewresources.md) link
+4. [Azure Keyvault](/docs/keyvault/keyvault.md)
+5. [Azure Rediscache](/docs/rediscache/rediscache.md)
+6. [Storage Account](/docs/storage/storageaccount.md)
+7. [Blob container](/docs/storage/blobcontainer.md)
+8. [Azure Database for PostgreSQL](/docs/postgresql/postgresql.md)
+9. [Virtual Network](/docs/virtualnetwork/virtualnetwork.md)
+10.[Application Insights](/docs/appinsights/appinsights.md)
+11.[API Management](/docs/apimgmt/apimgmt.md)
+12.[Cosmos DB](/docs/cosmosdb/cosmosdb.md)
+
+For more information on deploying, troubleshooting & deleting resources, refer to [this](/docs/customresource.md) link
 
 ## Building the operators
 

api/v1alpha1/aso_types.go

@@ -15,6 +15,7 @@ type ASOStatus struct {
 	State              string       `json:"state,omitempty"`
 	Message            string       `json:"message,omitempty"`
 	ResourceId         string       `json:"resourceId,omitempty"`
+	PollingURL         string       `json:"pollingUrl,omitempty"`
 	SpecHash           string       `json:"specHash,omitempty"`
 	ContainsUpdate     bool         `json:"containsUpdate,omitempty"`
 	RequestedAt        *metav1.Time `json:"requested,omitempty"`

api/v1alpha1/keyvault_types.go

@@ -14,6 +14,7 @@ type KeyVaultSpec struct {
 	EnableSoftDelete bool                 `json:"enableSoftDelete,omitempty"`
 	NetworkPolicies  *NetworkRuleSet      `json:"networkPolicies,omitempty"`
 	AccessPolicies   *[]AccessPolicyEntry `json:"accessPolicies,omitempty"`
+	Sku              KeyVaultSku          `json:"sku,omitempty"`
 }
 
 type NetworkRuleSet struct {
@@ -38,6 +39,13 @@ type AccessPolicyEntry struct {
 	Permissions *Permissions `json:"permissions,omitempty"`
 }
 
+// KeyVaultSku the SKU of the Key Vault
+type KeyVaultSku struct {
+	// Name - The SKU name. Required for account creation; optional for update.
+	// Possible values include: 'Premium', `Standard`
+	Name string `json:"name,omitempty"`
+}
+
 type Permissions struct {
 	Keys         *[]string `json:"keys,omitempty"`
 	Secrets      *[]string `json:"secrets,omitempty"`

api/v1alpha1/mysqldatabase_types.go

@@ -0,0 +1,42 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// MySQLDatabaseSpec defines the desired state of MySQLDatabase
+type MySQLDatabaseSpec struct {
+	ResourceGroup string `json:"resourceGroup,omitempty"`
+	Server        string `json:"server,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+
+// MySQLDatabase is the Schema for the mysqldatabases API
+type MySQLDatabase struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   MySQLDatabaseSpec `json:"spec,omitempty"`
+	Status ASOStatus         `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// MySQLDatabaseList contains a list of MySQLDatabase
+type MySQLDatabaseList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []MySQLDatabase `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&MySQLDatabase{}, &MySQLDatabaseList{})
+}

api/v1alpha1/mysqlfirewallrule_types.go

@@ -0,0 +1,44 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// MySQLFirewallRuleSpec defines the desired state of MySQLFirewallRule
+type MySQLFirewallRuleSpec struct {
+	ResourceGroup  string `json:"resourceGroup"`
+	Server         string `json:"server"`
+	StartIPAddress string `json:"startIpAddress"`
+	EndIPAddress   string `json:"endIpAddress"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+
+// MySQLFirewallRule is the Schema for the mysqlfirewallrules API
+type MySQLFirewallRule struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   MySQLFirewallRuleSpec `json:"spec,omitempty"`
+	Status ASOStatus             `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// MySQLFirewallRuleList contains a list of MySQLFirewallRule
+type MySQLFirewallRuleList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []MySQLFirewallRule `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&MySQLFirewallRule{}, &MySQLFirewallRuleList{})
+}

api/v1alpha1/mysqlserver_types.go

@@ -0,0 +1,68 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// MySQLServerSpec defines the desired state of MySQLServer
+type MySQLServerSpec struct {
+	Location               string             `json:"location"`
+	ResourceGroup          string             `json:"resourceGroup,omitempty"`
+	Sku                    AzureDBsSQLSku     `json:"sku,omitempty"`
+	ServerVersion          ServerVersion      `json:"serverVersion,omitempty"`
+	SSLEnforcement         SslEnforcementEnum `json:"sslEnforcement,omitempty"`
+	KeyVaultToStoreSecrets string             `json:"keyVaultToStoreSecrets,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+
+// MySQLServer is the Schema for the mysqlservers API
+type MySQLServer struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   MySQLServerSpec `json:"spec,omitempty"`
+	Status ASOStatus       `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// MySQLServerList contains a list of MySQLServer
+type MySQLServerList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []MySQLServer `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&MySQLServer{}, &MySQLServerList{})
+}
+
+func NewDefaultMySQLServer(name, resourceGroup, location string) *MySQLServer {
+	return &MySQLServer{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      name,
+			Namespace: "default",
+		},
+		Spec: MySQLServerSpec{
+			Location:      location,
+			ResourceGroup: resourceGroup,
+			Sku: AzureDBsSQLSku{
+				Name:     "B_Gen5_2",
+				Tier:     SkuTier("Basic"),
+				Family:   "Gen5",
+				Size:     "51200",
+				Capacity: 2,
+			},
+			ServerVersion:  ServerVersion("8.0"),
+			SSLEnforcement: SslEnforcementEnumEnabled,
+		},
+	}
+}

api/v1alpha1/postgresqlserver_types.go

@@ -14,13 +14,13 @@ import (
 type PostgreSQLServerSpec struct {
 	Location               string             `json:"location"`
 	ResourceGroup          string             `json:"resourceGroup,omitempty"`
-	Sku                    PSQLSku            `json:"sku,omitempty"`
+	Sku                    AzureDBsSQLSku     `json:"sku,omitempty"`
 	ServerVersion          ServerVersion      `json:"serverVersion,omitempty"`
 	SSLEnforcement         SslEnforcementEnum `json:"sslEnforcement,omitempty"`
 	KeyVaultToStoreSecrets string             `json:"keyVaultToStoreSecrets,omitempty"`
 }
 
-type PSQLSku struct {
+type AzureDBsSQLSku struct {
 	// Name - The name of the sku, typically, tier + family + cores, e.g. B_Gen4_1, GP_Gen5_8.
 	Name string `json:"name,omitempty"`
 	// Tier - The tier of the particular SKU, e.g. Basic. Possible values include: 'Basic', 'GeneralPurpose', 'MemoryOptimized'

config/crd/kustomization.yaml

@@ -28,6 +28,9 @@ resources:
 
 - bases/azure.microsoft.com_keyvaultkeys.yaml
 - bases/azure.microsoft.com_azuresqlvnetrules.yaml
+- bases/azure.microsoft.com_mysqlservers.yaml
+- bases/azure.microsoft.com_mysqldatabases.yaml
+- bases/azure.microsoft.com_mysqlfirewallrules.yaml
 # +kubebuilder:scaffold:crdkustomizeresource
 
 #patches:
@@ -54,6 +57,9 @@ resources:
 #- patches/webhook_in_virtualnetworks.yaml
 #- patches/webhook_in_keyvaultkeys.yaml
 #- patches/webhook_in_azuresqlvnetrules.yaml
+#- patches/webhook_in_mysqlservers.yaml
+#- patches/webhook_in_mysqldatabases.yaml
+#- patches/webhook_in_mysqlfirewallrules.yaml
 # +kubebuilder:scaffold:crdkustomizewebhookpatch
 
 # [CAINJECTION] patches here are for enabling the CA injection for each CRD
@@ -79,6 +85,9 @@ resources:
 #- patches/cainjection_in_virtualnetworks.yaml
 #- patches/cainjection_in_keyvaultkeys.yaml
 #- patches/cainjection_in_azuresqlvnetrules.yaml
+#- patches/cainjection_in_mysqlservers.yaml
+#- patches/cainjection_in_mysqldatabases.yaml
+#- patches/cainjection_in_mysqlfirewallrules.yaml
 # +kubebuilder:scaffold:crdkustomizecainjectionpatch
 
 # the following config is for teaching kustomize how to do kustomization for CRDs.

config/crd/patches/cainjection_in_mysqldatabases.yaml

@@ -0,0 +1,8 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: mysqldatabases.azure.microsoft.com

config/crd/patches/cainjection_in_mysqlfirewallrules.yaml

@@ -0,0 +1,8 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: mysqlfirewallrules.azure.microsoft.com

config/crd/patches/cainjection_in_mysqlservers.yaml

@@ -0,0 +1,8 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: mysqlservers.azure.microsoft.com

config/crd/patches/webhook_in_mysqldatabases.yaml

@@ -0,0 +1,17 @@
+# The following patch enables conversion webhook for CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: mysqldatabases.azure.microsoft.com
+spec:
+  conversion:
+    strategy: Webhook
+    webhookClientConfig:
+      # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
+      # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
+      caBundle: Cg==
+      service:
+        namespace: system
+        name: webhook-service
+        path: /convert

config/crd/patches/webhook_in_mysqlfirewallrules.yaml

@@ -0,0 +1,17 @@
+# The following patch enables conversion webhook for CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: mysqlfirewallrules.azure.microsoft.com
+spec:
+  conversion:
+    strategy: Webhook
+    webhookClientConfig:
+      # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
+      # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
+      caBundle: Cg==
+      service:
+        namespace: system
+        name: webhook-service
+        path: /convert

config/crd/patches/webhook_in_mysqlservers.yaml

@@ -0,0 +1,17 @@
+# The following patch enables conversion webhook for CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: mysqlservers.azure.microsoft.com
+spec:
+  conversion:
+    strategy: Webhook
+    webhookClientConfig:
+      # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
+      # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
+      caBundle: Cg==
+      service:
+        namespace: system
+        name: webhook-service
+        path: /convert

config/samples/azure_v1alpha1_keyvault.yaml

@@ -9,6 +9,9 @@ spec:
   resourceGroup: resourcegroup-azure-operators
   location: westus
   enableSoftDelete: false
+  # possible values for sku.Name are "Standard" or "Premium"  
+  sku:
+    name: standard
   networkPolicies: 
     bypass: AzureServices # AzureServices or None
     defaultAction: Allow # Allow or Deny

config/samples/azure_v1alpha1_keyvault_simple.yaml

@@ -9,3 +9,6 @@ spec:
   resourceGroup: resourcegroup-azure-operators
   location: westus
   enableSoftDelete: false
+  # Optional: possible values for sku.Name are "Standard" or "Premium". Default is "Standard"  
+  #sku:
+  #  name: standard

config/samples/azure_v1alpha1_mysqldatabase.yaml

@@ -0,0 +1,7 @@
+apiVersion: azure.microsoft.com/v1alpha1
+kind: MySQLDatabase
+metadata:
+  name: mysqldatabase-sample
+spec:
+  resourceGroup: resourcegroup-azure-operators
+  server: mysqlserver-sample

config/samples/azure_v1alpha1_mysqlfirewallrule.yaml

@@ -0,0 +1,9 @@
+apiVersion: azure.microsoft.com/v1alpha1
+kind: MySQLFirewallRule
+metadata:
+  name: mysqlfirewallrule-sample
+spec:
+  resourceGroup: resourcegroup-azure-operators
+  server: mysqlserver-sample
+  startIpAddress: 0.0.0.0
+  endIpAddress: 0.0.0.0