From 37ac851d33fdd07f802a8f285bdea21001de47e5 Mon Sep 17 00:00:00 2001 From: Felix Kunde Date: Thu, 20 May 2021 15:53:55 +0200 Subject: [PATCH] some aligning in values.yaml files for teamAPI section --- charts/postgres-operator/values-crd.yaml | 14 +++++--------- charts/postgres-operator/values.yaml | 21 +++++++-------------- 2 files changed, 12 insertions(+), 23 deletions(-) diff --git a/charts/postgres-operator/values-crd.yaml b/charts/postgres-operator/values-crd.yaml index a51c63b4c..bd563a636 100644 --- a/charts/postgres-operator/values-crd.yaml +++ b/charts/postgres-operator/values-crd.yaml @@ -289,14 +289,13 @@ configLogicalBackup: # automate creation of human users with teams API service configTeamsApi: # team_admin_role will have the rights to grant roles coming from PG manifests - # enable_admin_role_for_users: true - + enable_admin_role_for_users: true # operator watches for PostgresTeam CRs to assign additional teams and members to clusters enable_postgres_team_crd: false # toogle to create additional superuser teams from PostgresTeam CRs enable_postgres_team_crd_superusers: false # toggle to automatically rename roles of former team members and deny LOGIN - enable_team_member_deprecation: "false" + enable_team_member_deprecation: false # toggle to grant superuser to team members created from the Teams API enable_team_superuser: false # toggles usage of the Teams API by the operator @@ -307,16 +306,13 @@ configTeamsApi: # operator will add all team member roles to this group and add a pg_hba line pam_role_name: zalandos # List of teams which members need the superuser role in each Postgres cluster - # postgres_superuser_teams: - # - postgres_superusers - + postgres_superuser_teams: + - postgres_superusers # List of roles that cannot be overwritten by an application, team or infrastructure role protected_role_names: - admin - # Suffix to add if members are removed from TeamsAPI or PostgresTeam CRD - # role_deletion_suffix: "_deleted" - + role_deletion_suffix: "_deleted" # role name to grant to team members created from the Teams API team_admin_role: admin # postgres config parameters to apply to each team member role diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index 87bae96fc..120f08c90 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -280,8 +280,7 @@ configLogicalBackup: # automate creation of human users with teams API service configTeamsApi: # team_admin_role will have the rights to grant roles coming from PG manifests - # enable_admin_role_for_users: "true" - + enable_admin_role_for_users: "true" # operator watches for PostgresTeam CRs to assign additional teams and members to clusters enable_postgres_team_crd: "false" # toogle to create additional superuser teams from PostgresTeam CRs @@ -296,23 +295,17 @@ configTeamsApi: # pam_configuration: https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees # operator will add all team member roles to this group and add a pg_hba line - # pam_role_name: zalandos - + pam_role_name: zalandos # List of teams which members need the superuser role in each Postgres cluster - # postgres_superuser_teams: "postgres_superusers" - + postgres_superuser_teams: "postgres_superusers" # List of roles that cannot be overwritten by an application, team or infrastructure role - # protected_role_names: "admin" - + protected_role_names: "admin" # Suffix to add if members are removed from TeamsAPI or PostgresTeam CRD - # role_deletion_suffix: "_deleted" - + role_deletion_suffix: "_deleted" # role name to grant to team members created from the Teams API - # team_admin_role: "admin" - + team_admin_role: "admin" # postgres config parameters to apply to each team member role - # team_api_role_configuration: "log_statement:all" - + team_api_role_configuration: "log_statement:all" # URL of the Teams API service # teams_api_url: http://fake-teams-api.default.svc.cluster.local