Merge branch 'master' into rediscacheaction-reboot

Azure · Jun 3, 2020 · 75a17e6 · 75a17e6
2 parents c9d015d + 5505998
commit 75a17e6
Show file tree

Hide file tree

Showing 53 changed files with 1,249 additions and 56 deletions.
diff --git a/PROJECT b/PROJECT
@@ -53,9 +53,11 @@ resources:
 - group: azure
   version: v1alpha1
   kind: PostgreSQLFirewallRule
+- group: azure
+  kind: PostgreSQLUser
+  version: v1alpha1
 - group: azure
   version: v1alpha1
-  kind: APIMgmtAPI
 - group: azure
   version: v1alpha1
   kind: ApimService
@@ -130,4 +132,4 @@ resources:
   version: v1alpha1
 - group: azure
   kind: AzureVirtualMachineExtension
-  version: v1alpha1
+  version: v1alpha1
diff --git a/api/v1alpha1/aso_types.go b/api/v1alpha1/aso_types.go
@@ -22,6 +22,7 @@ type ASOStatus struct {
 	CompletedAt        *metav1.Time `json:"completed,omitempty"`
 	FailedProvisioning bool         `json:"failedProvisioning,omitempty"`
 	FlattenedSecrets   bool         `json:"flattenedSecrets,omitempty"`
+	Output             string       `json:"output,omitempty"`
 }
 
 // GenericSpec is a struct to help get the KeyVaultName from the Spec

diff --git a/api/v1alpha1/postgresqluser_types.go b/api/v1alpha1/postgresqluser_types.go
@@ -0,0 +1,59 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// PostgreSQLUserSpec defines the desired state of PostgreSqlUser
+type PostgreSQLUserSpec struct {
+	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+	Server        string   `json:"server"`
+	DbName        string   `json:"dbName"`
+	ResourceGroup string   `json:"resourceGroup,omitempty"`
+	Roles         []string `json:"roles"`
+	// optional
+	AdminSecret            string `json:"adminSecret,omitempty"`
+	AdminSecretKeyVault    string `json:"adminSecretKeyVault,omitempty"`
+	Username               string `json:"username,omitempty"`
+	KeyVaultToStoreSecrets string `json:"keyVaultToStoreSecrets,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+
+// PostgreSQLUser is the Schema for the postgresqlusers API
+// +kubebuilder:resource:shortName=psqlu,path=psqluser
+// +kubebuilder:printcolumn:name="Provisioned",type="string",JSONPath=".status.provisioned"
+// +kubebuilder:printcolumn:name="Message",type="string",JSONPath=".status.message"
+type PostgreSQLUser struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   PostgreSQLUserSpec `json:"spec,omitempty"`
+	Status ASOStatus          `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// PostgreSQLUserList contains a list of PostgreSQLUser
+type PostgreSQLUserList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []PostgreSQLUser `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&PostgreSQLUser{}, &PostgreSQLUserList{})
+}
+
+// IsSubmitted checks if psqluser is provisioning
+func (s *PostgreSQLUser) IsSubmitted() bool {
+	return s.Status.Provisioning || s.Status.Provisioned
+}
diff --git a/api/v1alpha1/rediscache_types.go b/api/v1alpha1/rediscache_types.go
@@ -30,6 +30,7 @@ type RedisCacheProperties struct {
 	EnableNonSslPort bool              `json:"enableNonSslPort,omitempty"`
 	SubnetID         string            `json:"subnetId,omitempty"`
 	StaticIP         string            `json:"staticIp,omitempty"`
+	ShardCount       *int32            `json:"shardCount,omitempty"`
 	Configuration    map[string]string `json:"configuration,omitempty"`
 }
 

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/api/v1alpha2/aso_types.go b/api/v1alpha2/aso_types.go
@@ -22,6 +22,7 @@ type ASOStatus struct {
 	CompletedAt        *metav1.Time `json:"completed,omitempty"`
 	FailedProvisioning bool         `json:"failedProvisioning,omitempty"`
 	FlattenedSecrets   bool         `json:"flattenedSecrets,omitempty"`
+	Output             string       `json:"output,omitempty"`
 }
 
 // GenericSpec is a struct to help get the KeyVaultName from the Spec

diff --git a/api/v1beta1/aso_types.go b/api/v1beta1/aso_types.go
@@ -22,6 +22,7 @@ type ASOStatus struct {
 	CompletedAt        *metav1.Time `json:"completed,omitempty"`
 	FailedProvisioning bool         `json:"failedProvisioning,omitempty"`
 	FlattenedSecrets   bool         `json:"flattenedSecrets,omitempty"`
+	Output             string       `json:"output,omitempty"`
 }
 
 // GenericSpec is a struct to help get the KeyVaultName from the Spec

diff --git a/charts/azure-service-operator-0.1.0.tgz b/charts/azure-service-operator-0.1.0.tgz
diff --git a/charts/index.yaml b/charts/index.yaml
@@ -3,19 +3,19 @@ entries:
   azure-service-operator:
   - apiVersion: v2
     appVersion: 0.1.0
-    created: "2020-06-01T12:41:48.174129-06:00"
+    created: "2020-06-02T09:40:24.98057+08:00"
     dependencies:
     - condition: azureUseMI
       name: aad-pod-identity
       repository: https://raw.githubusercontent.com/Azure/aad-pod-identity/master/charts
       version: 1.5.5
     description: Deploy components and dependencies of azure-service-operator
-    digest: ec95181a3e59179bfdb3bd92989613b1469104a39e6054acea90382795b1fe2d
+    digest: b549a78f07f6dca8a8f761cd65791ca8cad73b3bf90b03891101fa2cd70e3de8
     home: https://github.com/Azure/azure-service-operator
     name: azure-service-operator
     sources:
     - https://github.com/Azure/azure-service-operator
     urls:
     - azure-service-operator-0.1.0.tgz
     version: 0.1.0
-generated: "2020-06-01T12:41:48.169188-06:00"
+generated: "2020-06-02T09:40:24.976336+08:00"
diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml
@@ -22,6 +22,7 @@ resources:
 - bases/azure.microsoft.com_postgresqldatabases.yaml
 - bases/azure.microsoft.com_postgresqlfirewallrules.yaml
 - bases/azure.microsoft.com_postgresqlvnetrules.yaml
+- bases/azure.microsoft.com_postgresqlusers.yaml
 - bases/azure.microsoft.com_apimservices.yaml
 - bases/azure.microsoft.com_apimgmtapis.yaml
 - bases/azure.microsoft.com_virtualnetworks.yaml

diff --git a/config/crd/patches/cainjection_in_apimgmtapis.yaml b/config/crd/patches/cainjection_in_apimgmtapis.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: apimgmtapis.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_apimservices.yaml b/config/crd/patches/cainjection_in_apimservices.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: apimservices.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azureloadbalancers.yaml b/config/crd/patches/cainjection_in_azureloadbalancers.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azureloadbalancers.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azurenetworkinterfaces.yaml b/config/crd/patches/cainjection_in_azurenetworkinterfaces.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azurenetworkinterfaces.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azurepublicipaddresses.yaml b/config/crd/patches/cainjection_in_azurepublicipaddresses.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azurepublicipaddresses.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azuresqlmanagedusers.yaml b/config/crd/patches/cainjection_in_azuresqlmanagedusers.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azuresqlmanagedusers.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azuresqlusers.yaml b/config/crd/patches/cainjection_in_azuresqlusers.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azuresqlusers.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azuresqlvnetrules.yaml b/config/crd/patches/cainjection_in_azuresqlvnetrules.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azuresqlvnetrules.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azurevirtualmachineextensions.yaml b/config/crd/patches/cainjection_in_azurevirtualmachineextensions.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azurevirtualmachineextensions.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azurevirtualmachines.yaml b/config/crd/patches/cainjection_in_azurevirtualmachines.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azurevirtualmachines.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_azurevmscalesets.yaml b/config/crd/patches/cainjection_in_azurevmscalesets.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: azurevmscalesets.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_cosmosdbs.yaml b/config/crd/patches/cainjection_in_cosmosdbs.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    ccert-manager.io/inject-ca-from: $(NAMESPACE)/$(CERTIFICATENAME)
+    cert-manager.io/inject-ca-from: $(NAMESPACE)/$(CERTIFICATENAME)
   name: cosmosdbs.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_keyvaultkeys.yaml b/config/crd/patches/cainjection_in_keyvaultkeys.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: keyvaultkeys.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_mysqldatabases.yaml b/config/crd/patches/cainjection_in_mysqldatabases.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: mysqldatabases.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_mysqlfirewallrules.yaml b/config/crd/patches/cainjection_in_mysqlfirewallrules.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: mysqlfirewallrules.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_mysqlvnetrules.yaml b/config/crd/patches/cainjection_in_mysqlvnetrules.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: mysqlvnetrules.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_postgresqlusers.yaml b/config/crd/patches/cainjection_in_postgresqlusers.yaml
@@ -0,0 +1,8 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: psqlusers.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_postgresqlvnetrules.yaml b/config/crd/patches/cainjection_in_postgresqlvnetrules.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: postgresqlvnetrules.azure.microsoft.com
diff --git a/config/crd/patches/cainjection_in_rediscacheactions.yaml b/config/crd/patches/cainjection_in_rediscacheactions.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    certmanager.k8s.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
   name: rediscacheactions.azure.microsoft.com
diff --git a/config/crd/patches/webhook_in_postgresqlusers.yaml b/config/crd/patches/webhook_in_postgresqlusers.yaml
@@ -0,0 +1,17 @@
+# The following patch enables conversion webhook for CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: postgresqlusers.azure.microsoft.com
+spec:
+  conversion:
+    strategy: Webhook
+    webhookClientConfig:
+      # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
+      # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
+      caBundle: Cg==
+      service:
+        namespace: system
+        name: webhook-service
+        path: /convert