try to support both config styles

charts/postgres-operator/templates/configmap.yaml

@@ -9,13 +9,18 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
 data:
   pod_service_account_name: {{ template "postgres-operator.fullname" . }}
-{{ toYaml .Values.config | indent 2 }}
+  docker_image: {{ toYaml .Values.docker_image }}
+  debug_logging: "{{ toYaml .Values.configDebug.debug_logging }}"
+  enable_database_access: "{{ toYaml .Values.configDebug.enable_database_access }}"
+  repair_period: {{ toYaml .Values.repair_period }}
+  resync_period: {{ toYaml .Values.resync_period }}
+  spilo_privileged: "{{ toYaml .Values.spilo_privileged }}"
+{{ toYaml .Values.configMap | indent 2 }}
 {{ toYaml .Values.configUsers | indent 2 }}
 {{ toYaml .Values.configKubernetes | indent 2 }}
 {{ toYaml .Values.configNamespace | indent 2 }}
 {{ toYaml .Values.configTimeouts | indent 2 }}
 {{ toYaml .Values.configLoadBalancer | indent 2 }}
 {{ toYaml .Values.configAwsOrGcp | indent 2 }}
-{{ toYaml .Values.configDebug | indent 2 }}
 {{ toYaml .Values.configTeamsApi | indent 2 }}
 {{ toYaml .Values.configLoggingRestApi | indent 2 }}

charts/postgres-operator/templates/deployment.yaml

@@ -18,7 +18,7 @@ spec:
       annotations:
         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
         # In order to use the checksum of CRD OperatorConfiguration instead, use the following line instead
-        # checksum/config: {{ include (print $.Template.BasePath "/operatorconfiguration.yaml") . | sha256sum }}
+        # {{ include (print $.Template.BasePath "/operatorconfiguration.yaml") . | sha256sum }}
     {{- if .Values.podAnnotations }}
 {{ toYaml .Values.podAnnotations | indent 8 }}
     {{- end }}

charts/postgres-operator/templates/operatorconfiguration.yaml

@@ -9,18 +9,22 @@ metadata:
     app.kubernetes.io/instance: {{ .Release.Name }}
 configuration:
   pod_service_account_name: operator
-{{ toYaml .Values.config | indent 2 }}
+  docker_image: {{ toYaml .Values.docker_image }}
+  repair_period: {{ toYaml .Values.repair_period }}
+  resync_period: {{ toYaml .Values.resync_period }}
 {{ toYaml .Values.configCRD | indent 2 }}
   users:
 {{ toYaml .Values.configUsers | indent 4 }}
   kubernetes:
+    spilo_privileged: {{ toYaml .Values.spilo_privileged }}
 {{ toYaml .Values.configKubernetes | indent 4 }}
+{{ toYaml .Values.configKubernetesCRD | indent 4 }}
   postgres_pod_resources:
 {{ toYaml .Values.configPostgresPodResources | indent 4 }}
   timeouts:
 {{ toYaml .Values.configTimeouts | indent 4 }}
   load_balancer:
-{{ toYaml .Values.configLoadBalancer | indent 4 }}
+{{ toYaml .Values.configLoadBalancerCRD | indent 4 }}
   aws_or_gcp:
 {{ toYaml .Values.configAwsOrGcp | indent 4 }}
   debug:
@@ -28,6 +32,6 @@ configuration:
   teams_api:
 {{ toYaml .Values.configTeamsApiCRD | indent 4 }}
   logging_rest_api:
-{{ toYaml .Values.configLoggingRestApi | indent 4 }}
+{{ toYaml .Values.configLoggingRestApiCRD | indent 4 }}
   scalyr:
 {{ toYaml .Values.configScalyr | indent 4 }}

charts/postgres-operator/values.yaml

@@ -10,40 +10,52 @@ image:
 # imagePullSecrets:
   # - name: myRegistryKeySecretName
 
+docker_image: registry.opensource.zalan.do/acid/spilo-cdp-11:1.5-p70
 podAnnotations: {}
 podLabels: {}
+repair_period: 5m
+resync_period: 5m
+spilo_privileged: false
 
-config:
+configMap:
   cluster_labels: application:spilo
   cluster_name_label: version
-  docker_image: registry.opensource.zalan.do/acid/spilo-cdp-11:1.5-p70
   workers: "4"
 
 configCRD:
   etcd_host: ""
   min_instances: -1
   max_instances: -1
-  #sidecar_docker_images
-  # example: "exampleimage:exampletag"
+  workers: 4
+  # sidecar_docker_images
+  #  example: "exampleimage:exampletag"
 
 configUsers:
   replication_username: standby
   super_username: postgres
 
 configKubernetes:
-  cluster_labels: application:spilo
-  enable_pod_antiaffinity: "false"
   # inherited_labels: ""
   # infrastructure_roles_secret_name: postgresql-infrastructure-roles
   # node_readiness_label: ""
   # oauth_token_secret_name: postgresql-operator
   # pod_environment_configmap: ""
-  pod_antiaffinity_topology_key: "kubernetes.io/hostname"
   pod_management_policy: "ordered_ready"
   pdb_name_format: "postgres-{cluster}-pdb"
   pod_role_label: spilo-role
+  pod_terminate_grace_period: 5m
   secret_name_template: '{username}.{cluster}.credentials'
-  spilo_privileged: "false"
+
+configKubernetesCRD:
+  cluster_labels:
+      application: spilo
+  cluster_name_label: cluster-name
+  enable_pod_antiaffinity: false
+  pod_antiaffinity_topology_key: "kubernetes.io/hostname"
+  secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
+  # inherited_labels:
+  # - application
+  # - app
 
 configNamespace:
   watched_namespace: "*" # listen to all namespaces
@@ -53,28 +65,38 @@ configPostgresPodResources:
   default_memory_request: 100Mi
   default_cpu_limit: "3"
   default_memory_limit: 1Gi
-  # set_memory_request_to_limit: "true"
+  # set_memory_request_to_limit: true
 
 configTimeouts:
   # master_pod_move_timeout: 10m
   pod_deletion_wait_timeout: 10m
   pod_label_wait_timeout: 10m
-  pod_terminate_grace_period: 5m
   ready_wait_interval: 3s
   ready_wait_timeout: 30s
-  resync_period: 5m
-  repair_period: 5m
   resource_check_interval: 3s
   resource_check_timeout: 10m
 
 configLoadBalancer:
   # custom_service_annotations:
-  # "keyx:valuez,keya:valuea"
-  enable_master_load_balancer: "false"
+  #   "keyx:valuez,keya:valuea"
+  enable_master_load_balancer: "true"
   enable_replica_load_balancer: "false"
   master_dns_name_format: '{cluster}.{team}.staging.{hostedzone}'
   replica_dns_name_format: '{cluster}-repl.{team}.staging.{hostedzone}'
 
+configLoadBalancerCRD:
+  # custom_service_annotations:
+  #   keyx: valuez
+  #   keya: valuea
+  enable_master_load_balancer: false
+  enable_replica_load_balancer: false
+  master_dns_name_format: "{cluster}.{team}.{hostedzone}"
+  replica_dns_name_format: "{cluster}-repl.{team}.{hostedzone}"
+
+configDebug:
+  debug_logging: true
+  enable_database_access: true
+
 configAwsOrGcp:
   aws_region: eu-central-1
   db_hosted_zone: db.example.com
@@ -82,13 +104,9 @@ configAwsOrGcp:
   # log_s3_bucket: ""
   # wal_s3_bucket: ""
 
-configDebug:
-  debug_logging: "true"
-  enable_database_access: "true"
-
 configTeamsApi:
-  # enable_admin_role_for_users: "true"
   enable_teams_api: "false"
+  # enable_admin_role_for_users: "true"
   # enable_team_superuser: "false"
   # pam_configuration: https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees
   # pam_role_name: zalandos
@@ -98,20 +116,28 @@ configTeamsApi:
   # teams_api_url: http://fake-teams-api.default.svc.cluster.local
 
 configTeamsApiCRD:
-  enable_team_superuser: "false"
+  enable_teams_api: false
+  enable_team_superuser: false
   # pam_configuration: ""
-  pam_role_name: "zalandos"
-  #postgres_superuser_teams: "postgres_superusers"
-  protected_role_names: "admin"
-  team_admin_role: "admin"
-  # team_api_role_configuration: "log_statement:all"
-  # teams_api_url: http://fake-teams-api.default.svc.cluster.local
+  pam_role_name: zalandos
+  # postgres_superuser_teams: "postgres_superusers"
+  protected_role_names:
+  - admin
+  team_admin_role: admin
+  team_api_role_configuration:
+    log_statement: all
+  # teams_api_url: ""
 
 configLoggingRestApi:
   api_port: "8080"
   cluster_history_entries: "1000"
   ring_log_lines: "100"
 
+configLoggingRestApiCRD:
+  api_port: 8080
+  cluster_history_entries: 1000
+  ring_log_lines: 100
+
 scalyr:
   scalyr_cpu_request: 100m
   scalyr_memory_request: 50Mi