diff --git a/charts/postgres-operator/templates/customrresourcedefinition.yaml b/charts/postgres-operator/templates/customrresourcedefinition.yaml index 18ce8af3b..02bedcc2c 100644 --- a/charts/postgres-operator/templates/customrresourcedefinition.yaml +++ b/charts/postgres-operator/templates/customrresourcedefinition.yaml @@ -56,9 +56,20 @@ spec: status: {} validation: openAPIV3Schema: + type: object required: + - kind + - apiVersion - spec properties: + kind: + type: string + enum: + - postgresql + apiVersion: + type: string + enum: + - acid.zalan.do/v1 spec: type: object required: @@ -68,6 +79,7 @@ spec: properties: allowedSourceRanges: type: array + nullable: true items: type: string pattern: '^(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\/(\d|[1-2]\d|3[0-2])$' @@ -148,6 +160,8 @@ spec: type: integer maximum_lag_on_failover: type: integer + pod_priority_class_name: # deprecated + type: string podPriorityClassName: type: string postgresql: @@ -375,15 +389,25 @@ spec: status: {} validation: openAPIV3Schema: + type: object required: + - kind + - apiVersion - configuration properties: + kind: + type: string + enum: + - OperatorConfiguration + apiVersion: + type: string + enum: + - acid.zalan.do/v1 configuration: type: object properties: etcd_host: type: string - nullable: true docker_image: type: string max_instances: @@ -466,7 +490,6 @@ spec: type: string watched_namespace: type: string - nullable: true postgres_pod_resources: type: object properties: diff --git a/manifests/operatorconfiguration.crd.yaml b/manifests/operatorconfiguration.crd.yaml index 9f622d1a3..4772bf1ca 100644 --- a/manifests/operatorconfiguration.crd.yaml +++ b/manifests/operatorconfiguration.crd.yaml @@ -16,15 +16,25 @@ spec: status: {} validation: openAPIV3Schema: + type: object required: + - kind + - apiVersion - configuration properties: + kind: + type: string + enum: + - OperatorConfiguration + apiVersion: + type: string + enum: + - acid.zalan.do/v1 configuration: type: object properties: etcd_host: type: string - nullable: true docker_image: type: string max_instances: @@ -107,7 +117,6 @@ spec: type: string watched_namespace: type: string - nullable: true postgres_pod_resources: type: object properties: diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml index 8a730c503..37a18e8dd 100644 --- a/manifests/postgresql-operator-default-configuration.yaml +++ b/manifests/postgresql-operator-default-configuration.yaml @@ -36,7 +36,7 @@ configuration: oauth_token_secret_name: postgresql-operator pdb_name_format: "postgres-{cluster}-pdb" pod_antiaffinity_topology_key: "kubernetes.io/hostname" - # pod_environment_configmap: "" + pod_environment_configmap: "" pod_management_policy: "ordered_ready" pod_role_label: spilo-role pod_service_account_name: operator @@ -44,8 +44,8 @@ configuration: secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}" # spilo_fsgroup: 103 spilo_privileged: false - # toleration: {} - # watched_namespace: "" + toleration: {} + watched_namespace: "" postgres_pod_resources: default_cpu_limit: "3" default_cpu_request: 100m @@ -59,7 +59,7 @@ configuration: resource_check_interval: 3s resource_check_timeout: 10m load_balancer: - # db_hosted_zone: "" + db_hosted_zone: "" enable_master_load_balancer: false enable_replica_load_balancer: false # custom_service_annotations: @@ -71,9 +71,9 @@ configuration: # additional_secret_mount: "some-secret-name" # additional_secret_mount_path: "/some/dir" aws_region: eu-central-1 - # kube_iam_role: "" - # log_s3_bucket: "" - # wal_s3_bucket: "" + kube_iam_role: "" + log_s3_bucket: "" + wal_s3_bucket: "" logical_backup: log_s3_bucket: "" logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup" @@ -90,7 +90,7 @@ configuration: # enable_admin_role_for_users: true enable_team_superuser: false enable_teams_api: false - # pam_configuration: "" + pam_configuration: "" pam_role_name: zalandos # postgres_superuser_teams: # - postgres_superusers diff --git a/manifests/postgresql.crd.yaml b/manifests/postgresql.crd.yaml index 57657f50e..faf1f8c10 100644 --- a/manifests/postgresql.crd.yaml +++ b/manifests/postgresql.crd.yaml @@ -16,18 +16,31 @@ spec: status: {} validation: openAPIV3Schema: + type: object required: + - kind + - apiVersion - spec properties: + kind: + type: string + enum: + - postgresql + apiVersion: + type: string + enum: + - acid.zalan.do/v1 spec: type: object required: - numberOfInstances - teamId - postgresql + additionalProperties: true properties: allowedSourceRanges: type: array + nullable: true items: type: string pattern: '^(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\/(\d|[1-2]\d|3[0-2])$' @@ -108,6 +121,8 @@ spec: type: integer maximum_lag_on_failover: type: integer + pod_priority_class_name: # deprecated + type: string podPriorityClassName: type: string postgresql: diff --git a/pkg/apis/acid.zalan.do/v1/crds.go b/pkg/apis/acid.zalan.do/v1/crds.go index 0b18319d8..d03100711 100644 --- a/pkg/apis/acid.zalan.do/v1/crds.go +++ b/pkg/apis/acid.zalan.do/v1/crds.go @@ -1,7 +1,7 @@ package v1 import ( - "github.com/zalando/postgres-operator/pkg/apis/acid.zalan.do" + acidzalando "github.com/zalando/postgres-operator/pkg/apis/acid.zalan.do" apiextv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -110,14 +110,31 @@ var minDisable = -1.0 // PostgresCRDResourceValidation to check applied manifest parameters var PostgresCRDResourceValidation = apiextv1beta1.JSONSchemaProps{ Type: "object", - Required: []string{"spec"}, + Required: []string{"kind", "apiVersion", "spec"}, Properties: map[string]apiextv1beta1.JSONSchemaProps{ + "kind": { + Type: "string", + Enum: []apiextv1beta1.JSON{ + { + Raw: []byte(`"postgresql"`), + }, + }, + }, + "apiVersion": { + Type: "string", + Enum: []apiextv1beta1.JSON{ + { + Raw: []byte(`"acid.zalan.do/v1"`), + }, + }, + }, "spec": { Type: "object", Required: []string{"numberOfInstances", "teamId", "postgresql"}, Properties: map[string]apiextv1beta1.JSONSchemaProps{ "allowedSourceRanges": { - Type: "array", + Type: "array", + Nullable: true, Items: &apiextv1beta1.JSONSchemaPropsOrArray{ Schema: &apiextv1beta1.JSONSchemaProps{ Type: "string", @@ -524,14 +541,29 @@ var PostgresCRDResourceValidation = apiextv1beta1.JSONSchemaProps{ // OperatorConfigCRDResourceValidation to check applied manifest parameters var OperatorConfigCRDResourceValidation = apiextv1beta1.JSONSchemaProps{ Type: "object", - Required: []string{"configuration"}, + Required: []string{"kind", "apiVersion", "configuration"}, Properties: map[string]apiextv1beta1.JSONSchemaProps{ + "kind": { + Type: "string", + Enum: []apiextv1beta1.JSON{ + { + Raw: []byte(`"OperatorConfiguration"`), + }, + }, + }, + "apiVersion": { + Type: "string", + Enum: []apiextv1beta1.JSON{ + { + Raw: []byte(`"acid.zalan.do/v1"`), + }, + }, + }, "configuration": { Type: "object", Properties: map[string]apiextv1beta1.JSONSchemaProps{ "etcd_host": { - Type: "string", - Nullable: true, + Type: "string", }, "docker_image": { Type: "string", @@ -663,8 +695,7 @@ var OperatorConfigCRDResourceValidation = apiextv1beta1.JSONSchemaProps{ }, }, "watched_namespace": { - Type: "string", - Nullable: true, + Type: "string", }, }, }, @@ -808,8 +839,7 @@ var OperatorConfigCRDResourceValidation = apiextv1beta1.JSONSchemaProps{ Type: "string", }, "postgres_superuser_teams": { - Type: "array", - Nullable: true, + Type: "array", Items: &apiextv1beta1.JSONSchemaPropsOrArray{ Schema: &apiextv1beta1.JSONSchemaProps{ Type: "string", @@ -817,8 +847,7 @@ var OperatorConfigCRDResourceValidation = apiextv1beta1.JSONSchemaProps{ }, }, "protected_role_names": { - Type: "array", - Nullable: true, + Type: "array", Items: &apiextv1beta1.JSONSchemaPropsOrArray{ Schema: &apiextv1beta1.JSONSchemaProps{ Type: "string",