adding securityEnabled flag in helm crd

api/v1/aerospikecluster_validating_webhook.go

@@ -1300,17 +1300,9 @@ func validateEnableSecurityConfig(newConfSpec, oldConfSpec *AerospikeConfigSpec)
 		oldSecFlag, oldEnableSecurityFlagFound := oldSec.(map[string]interface{})["enable-security"]
 		newSecFlag, newEnableSecurityFlagFound := newSec.(map[string]interface{})["enable-security"]
 
-		if oldEnableSecurityFlagFound && oldSecFlag.(bool) && !newEnableSecurityFlagFound {
+		if oldEnableSecurityFlagFound && oldSecFlag.(bool) && (!newEnableSecurityFlagFound || !newSecFlag.(bool)) {
 			return fmt.Errorf("cannot disable cluster security in running cluster")
 		}
-
-		if oldEnableSecurityFlagFound && newEnableSecurityFlagFound || !reflect.DeepEqual(
-			oldSecFlag, newSecFlag,
-		) {
-			if oldSecFlag.(bool) && !newSecFlag.(bool) {
-				return fmt.Errorf("cannot disable cluster security in running cluster")
-			}
-		}
 	}
 
 	return nil

helm-charts/aerospike-kubernetes-operator/crds/customresourcedefinition_aerospikeclusters.asdb.aerospike.com.yaml

@@ -14209,6 +14209,10 @@ spec:
                       description: PodSpecHash is ripemd160 hash of PodSpec used by
                         this pod
                       type: string
+                    securityEnabled:
+                      description: SecurityEnabled is true if security is enabled
+                        in the pod
+                      type: boolean
                     servicePort:
                       description: ServicePort is the port Aerospike clients outside
                         K8s can connect to.
@@ -14221,6 +14225,7 @@ spec:
                   - podIP
                   - podPort
                   - podSpecHash
+                  - securityEnabled
                   type: object
                 description: Pods has Aerospike specific status of the pods. This
                   is map instead of the conventional map as list convention to allow