From 7618578aec43efa032686613d087af37106a7001 Mon Sep 17 00:00:00 2001 From: AWS Controllers for Kubernetes Bot <82905295+ack-bot@users.noreply.github.com> Date: Fri, 22 Dec 2023 15:01:46 -0600 Subject: [PATCH] operator ack-opensearchservice-controller (0.0.19) --- .../0.0.19/bundle.Dockerfile | 21 + ...vice-controller.clusterserviceversion.yaml | 265 ++++++++++ ...rchservice-metrics-service_v1_service.yaml | 16 + ...der_rbac.authorization.k8s.io_v1_role.yaml | 14 + ...ter_rbac.authorization.k8s.io_v1_role.yaml | 26 + ...earchservice.services.k8s.aws_domains.yaml | 475 ++++++++++++++++++ .../0.0.19/metadata/annotations.yaml | 15 + .../0.0.19/tests/scorecard/config.yaml | 50 ++ 8 files changed, 882 insertions(+) create mode 100644 operators/ack-opensearchservice-controller/0.0.19/bundle.Dockerfile create mode 100644 operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-controller.clusterserviceversion.yaml create mode 100644 operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-metrics-service_v1_service.yaml create mode 100644 operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-reader_rbac.authorization.k8s.io_v1_role.yaml create mode 100644 operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-writer_rbac.authorization.k8s.io_v1_role.yaml create mode 100644 operators/ack-opensearchservice-controller/0.0.19/manifests/opensearchservice.services.k8s.aws_domains.yaml create mode 100644 operators/ack-opensearchservice-controller/0.0.19/metadata/annotations.yaml create mode 100644 operators/ack-opensearchservice-controller/0.0.19/tests/scorecard/config.yaml diff --git a/operators/ack-opensearchservice-controller/0.0.19/bundle.Dockerfile b/operators/ack-opensearchservice-controller/0.0.19/bundle.Dockerfile new file mode 100644 index 00000000000..7af9121d082 --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/bundle.Dockerfile @@ -0,0 +1,21 @@ +FROM scratch + +# Core bundle labels. +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=ack-opensearchservice-controller +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.28.0 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=unknown + +# Labels for testing. +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ + +# Copy files to locations specified by labels. +COPY bundle/manifests /manifests/ +COPY bundle/metadata /metadata/ +COPY bundle/tests/scorecard /tests/scorecard/ diff --git a/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-controller.clusterserviceversion.yaml b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-controller.clusterserviceversion.yaml new file mode 100644 index 00000000000..4d80b3c939a --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-controller.clusterserviceversion.yaml @@ -0,0 +1,265 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "opensearchservice.services.k8s.aws/v1alpha1", + "kind": "Domain", + "metadata": { + "name": "example" + }, + "spec": {} + } + ] + capabilities: Basic Install + categories: Cloud Provider + certified: "false" + containerImage: public.ecr.aws/aws-controllers-k8s/opensearchservice-controller:0.0.19 + createdAt: "2023-12-22T20:51:20Z" + description: AWS OpenSearch Service controller is a service controller for managing + OpenSearch Service resources in Kubernetes + operatorframework.io/suggested-namespace: ack-system + operators.operatorframework.io/builder: operator-sdk-v1.28.0 + operators.operatorframework.io/project_layout: unknown + repository: https://github.com/aws-controllers-k8s + support: Community + name: ack-opensearchservice-controller.v0.0.19 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Domain represents the state of an AWS opensearchservice Domain + resource. + displayName: Domain + kind: Domain + name: domains.opensearchservice.services.k8s.aws + version: v1alpha1 + description: |- + Manage OpenSearch Service resources in AWS from within your Kubernetes cluster. + + **About Amazon OpenSearch Service** + + Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) is a managed service that makes it easy to deploy, operate, and scale OpenSearch clusters in the AWS Cloud. Amazon OpenSearch Service supports OpenSearch and legacy Elasticsearch OSS. When you create a cluster, you have the option of which search engine to use. OpenSearch Service offers broad compatibility with Elasticsearch OSS 7.10, the final open source version of the software. For information about what changed with the recent service renaming, and the actions you might need to take, see [Amazon OpenSearch Service - Summary of changes](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/rename.html). + + **About the AWS Controllers for Kubernetes** + + This controller is a component of the [AWS Controller for Kubernetes](https://github.com/aws/aws-controllers-k8s) project. This project is currently in **developer preview**. + + **Pre-Installation Steps** + + Please follow the following link: [Red Hat OpenShift](https://aws-controllers-k8s.github.io/community/docs/user-docs/openshift/) + displayName: AWS Controllers for Kubernetes - Amazon OpenSearch Service + icon: + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDE5LjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB2aWV3Qm94PSIwIDAgMzA0IDE4MiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgMzA0IDE4MjsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMyNTJGM0U7fQoJLnN0MXtmaWxsLXJ1bGU6ZXZlbm9kZDtjbGlwLXJ1bGU6ZXZlbm9kZDtmaWxsOiNGRjk5MDA7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04Ni40LDY2LjRjMCwzLjcsMC40LDYuNywxLjEsOC45YzAuOCwyLjIsMS44LDQuNiwzLjIsNy4yYzAuNSwwLjgsMC43LDEuNiwwLjcsMi4zYzAsMS0wLjYsMi0xLjksM2wtNi4zLDQuMiAgIGMtMC45LDAuNi0xLjgsMC45LTIuNiwwLjljLTEsMC0yLTAuNS0zLTEuNEM3Ni4yLDkwLDc1LDg4LjQsNzQsODYuOGMtMS0xLjctMi0zLjYtMy4xLTUuOWMtNy44LDkuMi0xNy42LDEzLjgtMjkuNCwxMy44ICAgYy04LjQsMC0xNS4xLTIuNC0yMC03LjJjLTQuOS00LjgtNy40LTExLjItNy40LTE5LjJjMC04LjUsMy0xNS40LDkuMS0yMC42YzYuMS01LjIsMTQuMi03LjgsMjQuNS03LjhjMy40LDAsNi45LDAuMywxMC42LDAuOCAgIGMzLjcsMC41LDcuNSwxLjMsMTEuNSwyLjJ2LTcuM2MwLTcuNi0xLjYtMTIuOS00LjctMTZjLTMuMi0zLjEtOC42LTQuNi0xNi4zLTQuNmMtMy41LDAtNy4xLDAuNC0xMC44LDEuM2MtMy43LDAuOS03LjMsMi0xMC44LDMuNCAgIGMtMS42LDAuNy0yLjgsMS4xLTMuNSwxLjNjLTAuNywwLjItMS4yLDAuMy0xLjYsMC4zYy0xLjQsMC0yLjEtMS0yLjEtMy4xdi00LjljMC0xLjYsMC4yLTIuOCwwLjctMy41YzAuNS0wLjcsMS40LTEuNCwyLjgtMi4xICAgYzMuNS0xLjgsNy43LTMuMywxMi42LTQuNWM0LjktMS4zLDEwLjEtMS45LDE1LjYtMS45YzExLjksMCwyMC42LDIuNywyNi4yLDguMWM1LjUsNS40LDguMywxMy42LDguMywyNC42VjY2LjR6IE00NS44LDgxLjYgICBjMy4zLDAsNi43LTAuNiwxMC4zLTEuOGMzLjYtMS4yLDYuOC0zLjQsOS41LTYuNGMxLjYtMS45LDIuOC00LDMuNC02LjRjMC42LTIuNCwxLTUuMywxLTguN3YtNC4yYy0yLjktMC43LTYtMS4zLTkuMi0xLjcgICBjLTMuMi0wLjQtNi4zLTAuNi05LjQtMC42Yy02LjcsMC0xMS42LDEuMy0xNC45LDRjLTMuMywyLjctNC45LDYuNS00LjksMTEuNWMwLDQuNywxLjIsOC4yLDMuNywxMC42ICAgQzM3LjcsODAuNCw0MS4yLDgxLjYsNDUuOCw4MS42eiBNMTI2LjEsOTIuNGMtMS44LDAtMy0wLjMtMy44LTFjLTAuOC0wLjYtMS41LTItMi4xLTMuOUw5Ni43LDEwLjJjLTAuNi0yLTAuOS0zLjMtMC45LTQgICBjMC0xLjYsMC44LTIuNSwyLjQtMi41aDkuOGMxLjksMCwzLjIsMC4zLDMuOSwxYzAuOCwwLjYsMS40LDIsMiwzLjlsMTYuOCw2Ni4ybDE1LjYtNjYuMmMwLjUtMiwxLjEtMy4zLDEuOS0zLjljMC44LTAuNiwyLjItMSw0LTEgICBoOGMxLjksMCwzLjIsMC4zLDQsMWMwLjgsMC42LDEuNSwyLDEuOSwzLjlsMTUuOCw2N2wxNy4zLTY3YzAuNi0yLDEuMy0zLjMsMi0zLjljMC44LTAuNiwyLjEtMSwzLjktMWg5LjNjMS42LDAsMi41LDAuOCwyLjUsMi41ICAgYzAsMC41LTAuMSwxLTAuMiwxLjZjLTAuMSwwLjYtMC4zLDEuNC0wLjcsMi41bC0yNC4xLDc3LjNjLTAuNiwyLTEuMywzLjMtMi4xLDMuOWMtMC44LDAuNi0yLjEsMS0zLjgsMWgtOC42Yy0xLjksMC0zLjItMC4zLTQtMSAgIGMtMC44LTAuNy0xLjUtMi0xLjktNEwxNTYsMjNsLTE1LjQsNjQuNGMtMC41LDItMS4xLDMuMy0xLjksNGMtMC44LDAuNy0yLjIsMS00LDFIMTI2LjF6IE0yNTQuNiw5NS4xYy01LjIsMC0xMC40LTAuNi0xNS40LTEuOCAgIGMtNS0xLjItOC45LTIuNS0xMS41LTRjLTEuNi0wLjktMi43LTEuOS0zLjEtMi44Yy0wLjQtMC45LTAuNi0xLjktMC42LTIuOHYtNS4xYzAtMi4xLDAuOC0zLjEsMi4zLTMuMWMwLjYsMCwxLjIsMC4xLDEuOCwwLjMgICBjMC42LDAuMiwxLjUsMC42LDIuNSwxYzMuNCwxLjUsNy4xLDIuNywxMSwzLjVjNCwwLjgsNy45LDEuMiwxMS45LDEuMmM2LjMsMCwxMS4yLTEuMSwxNC42LTMuM2MzLjQtMi4yLDUuMi01LjQsNS4yLTkuNSAgIGMwLTIuOC0wLjktNS4xLTIuNy03Yy0xLjgtMS45LTUuMi0zLjYtMTAuMS01LjJMMjQ2LDUyYy03LjMtMi4zLTEyLjctNS43LTE2LTEwLjJjLTMuMy00LjQtNS05LjMtNS0xNC41YzAtNC4yLDAuOS03LjksMi43LTExLjEgICBjMS44LTMuMiw0LjItNiw3LjItOC4yYzMtMi4zLDYuNC00LDEwLjQtNS4yYzQtMS4yLDguMi0xLjcsMTIuNi0xLjdjMi4yLDAsNC41LDAuMSw2LjcsMC40YzIuMywwLjMsNC40LDAuNyw2LjUsMS4xICAgYzIsMC41LDMuOSwxLDUuNywxLjZjMS44LDAuNiwzLjIsMS4yLDQuMiwxLjhjMS40LDAuOCwyLjQsMS42LDMsMi41YzAuNiwwLjgsMC45LDEuOSwwLjksMy4zdjQuN2MwLDIuMS0wLjgsMy4yLTIuMywzLjIgICBjLTAuOCwwLTIuMS0wLjQtMy44LTEuMmMtNS43LTIuNi0xMi4xLTMuOS0xOS4yLTMuOWMtNS43LDAtMTAuMiwwLjktMTMuMywyLjhjLTMuMSwxLjktNC43LDQuOC00LjcsOC45YzAsMi44LDEsNS4yLDMsNy4xICAgYzIsMS45LDUuNywzLjgsMTEsNS41bDE0LjIsNC41YzcuMiwyLjMsMTIuNCw1LjUsMTUuNSw5LjZjMy4xLDQuMSw0LjYsOC44LDQuNiwxNGMwLDQuMy0wLjksOC4yLTIuNiwxMS42ICAgYy0xLjgsMy40LTQuMiw2LjQtNy4zLDguOGMtMy4xLDIuNS02LjgsNC4zLTExLjEsNS42QzI2NC40LDk0LjQsMjU5LjcsOTUuMSwyNTQuNiw5NS4xeiIvPgoJPGc+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI3My41LDE0My43Yy0zMi45LDI0LjMtODAuNywzNy4yLTEyMS44LDM3LjJjLTU3LjYsMC0xMDkuNS0yMS4zLTE0OC43LTU2LjdjLTMuMS0yLjgtMC4zLTYuNiwzLjQtNC40ICAgIGM0Mi40LDI0LjYsOTQuNywzOS41LDE0OC44LDM5LjVjMzYuNSwwLDc2LjYtNy42LDExMy41LTIzLjJDMjc0LjIsMTMzLjYsMjc4LjksMTM5LjcsMjczLjUsMTQzLjd6Ii8+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI4Ny4yLDEyOC4xYy00LjItNS40LTI3LjgtMi42LTM4LjUtMS4zYy0zLjIsMC40LTMuNy0yLjQtMC44LTQuNWMxOC44LTEzLjIsNDkuNy05LjQsNTMuMy01ICAgIGMzLjYsNC41LTEsMzUuNC0xOC42LDUwLjJjLTIuNywyLjMtNS4zLDEuMS00LjEtMS45QzI4Mi41LDE1NS43LDI5MS40LDEzMy40LDI4Ny4yLDEyOC4xeiIvPgoJPC9nPgo8L2c+Cjwvc3ZnPg== + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - patch + - watch + - apiGroups: + - opensearchservice.services.k8s.aws + resources: + - domains + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - opensearchservice.services.k8s.aws + resources: + - domains/status + verbs: + - get + - patch + - update + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources/status + verbs: + - get + - patch + - update + - apiGroups: + - services.k8s.aws + resources: + - fieldexports + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - services.k8s.aws + resources: + - fieldexports/status + verbs: + - get + - patch + - update + serviceAccountName: ack-opensearchservice-controller + deployments: + - label: + app.kubernetes.io/name: ack-opensearchservice-controller + app.kubernetes.io/part-of: ack-system + name: ack-opensearchservice-controller + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: ack-opensearchservice-controller + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/name: ack-opensearchservice-controller + spec: + containers: + - args: + - --aws-region + - $(AWS_REGION) + - --aws-endpoint-url + - $(AWS_ENDPOINT_URL) + - --enable-development-logging=$(ACK_ENABLE_DEVELOPMENT_LOGGING) + - --log-level + - $(ACK_LOG_LEVEL) + - --resource-tags + - $(ACK_RESOURCE_TAGS) + - --watch-namespace + - $(ACK_WATCH_NAMESPACE) + - --enable-leader-election=$(ENABLE_LEADER_ELECTION) + - --leader-election-namespace + - $(LEADER_ELECTION_NAMESPACE) + command: + - ./bin/controller + env: + - name: ACK_SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: ack-opensearchservice-user-config + optional: false + - secretRef: + name: ack-opensearchservice-user-secrets + optional: true + image: public.ecr.aws/aws-controllers-k8s/opensearchservice-controller:0.0.19 + name: controller + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsNonRoot: true + dnsPolicy: ClusterFirst + securityContext: + seccompProfile: + type: RuntimeDefault + serviceAccountName: ack-opensearchservice-controller + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: ack-opensearchservice-controller + strategy: deployment + installModes: + - supported: true + type: AllNamespaces + keywords: + - opensearchservice + - aws + - amazon + - ack + links: + - name: AWS Controllers for Kubernetes + url: https://github.com/aws-controllers-k8s/community + - name: Documentation + url: https://aws-controllers-k8s.github.io/community/ + - name: Amazon OpenSearch Service Developer Resources + url: https://aws.amazon.com/opensearch-service/resources/ + maintainers: + - email: ack-maintainers@amazon.com + name: opensearch service maintainer team + maturity: alpha + provider: + name: Amazon, Inc. + url: https://aws.amazon.com + version: 0.0.19 diff --git a/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-metrics-service_v1_service.yaml b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..18d485852e5 --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-metrics-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: ack-opensearchservice-metrics-service +spec: + ports: + - name: metricsport + port: 8080 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/name: ack-opensearchservice-controller + type: NodePort +status: + loadBalancer: {} diff --git a/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-reader_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-reader_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 00000000000..f2b11d6523f --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-reader_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-opensearchservice-reader +rules: +- apiGroups: + - opensearchservice.services.k8s.aws + resources: + - domains + verbs: + - get + - list + - watch diff --git a/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-writer_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-writer_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 00000000000..e7b6171bddb --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/manifests/ack-opensearchservice-writer_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,26 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-opensearchservice-writer +rules: +- apiGroups: + - opensearchservice.services.k8s.aws + resources: + - domains + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opensearchservice.services.k8s.aws + resources: + - domains + verbs: + - get + - patch + - update diff --git a/operators/ack-opensearchservice-controller/0.0.19/manifests/opensearchservice.services.k8s.aws_domains.yaml b/operators/ack-opensearchservice-controller/0.0.19/manifests/opensearchservice.services.k8s.aws_domains.yaml new file mode 100644 index 00000000000..e3135c5d803 --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/manifests/opensearchservice.services.k8s.aws_domains.yaml @@ -0,0 +1,475 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: domains.opensearchservice.services.k8s.aws +spec: + group: opensearchservice.services.k8s.aws + names: + kind: Domain + listKind: DomainList + plural: domains + singular: domain + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Domain is the Schema for the Domains API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DomainSpec defines the desired state of Domain. + properties: + accessPolicies: + description: IAM access policy as a JSON-formatted string. + type: string + advancedOptions: + additionalProperties: + type: string + description: Option to allow references to indices in an HTTP request + body. Must be false when configuring access to individual sub-resources. + By default, the value is true. See Advanced cluster parameters (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) + for more information. + type: object + advancedSecurityOptions: + description: Specifies advanced security options. + properties: + anonymousAuthEnabled: + type: boolean + enabled: + type: boolean + internalUserDatabaseEnabled: + type: boolean + masterUserOptions: + description: 'Credentials for the master user: username and password, + ARN, or both.' + properties: + masterUserARN: + description: The Amazon Resource Name (ARN) of the domain. + See Identifiers for IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) + in Using AWS Identity and Access Management for more information. + type: string + masterUserName: + type: string + masterUserPassword: + description: SecretKeyReference combines a k8s corev1.SecretReference + with a specific key within the referred-to Secret + properties: + key: + description: Key is the key within the secret + type: string + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + sAMLOptions: + description: The SAML application configuration for the domain. + properties: + enabled: + type: boolean + idp: + description: The SAML identity povider's information. + properties: + entityID: + type: string + metadataContent: + type: string + type: object + masterBackendRole: + type: string + masterUserName: + type: string + rolesKey: + type: string + sessionTimeoutMinutes: + format: int64 + type: integer + subjectKey: + type: string + type: object + type: object + autoTuneOptions: + description: Specifies Auto-Tune options. + properties: + desiredState: + description: The Auto-Tune desired state. Valid values are ENABLED + and DISABLED. + type: string + maintenanceSchedules: + items: + description: Specifies the Auto-Tune maintenance schedule. See + Auto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) + for more information. + properties: + cronExpressionForRecurrence: + type: string + duration: + description: 'The maintenance schedule duration: duration + value and duration unit. See Auto-Tune for Amazon OpenSearch + Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) + for more information.' + properties: + unit: + description: The unit of a maintenance schedule duration. + Valid value is HOUR. See Auto-Tune for Amazon OpenSearch + Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) + for more information. + type: string + value: + description: Integer to specify the value of a maintenance + schedule duration. See Auto-Tune for Amazon OpenSearch + Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) + for more information. + format: int64 + type: integer + type: object + startAt: + format: date-time + type: string + type: object + type: array + type: object + clusterConfig: + description: Configuration options for a domain. Specifies the instance + type and number of instances in the domain. + properties: + coldStorageOptions: + description: Specifies the configuration for cold storage options + such as enabled + properties: + enabled: + type: boolean + type: object + dedicatedMasterCount: + format: int64 + type: integer + dedicatedMasterEnabled: + type: boolean + dedicatedMasterType: + type: string + instanceCount: + format: int64 + type: integer + instanceType: + type: string + warmCount: + format: int64 + type: integer + warmEnabled: + type: boolean + warmType: + type: string + zoneAwarenessConfig: + description: The zone awareness configuration for the domain cluster, + such as the number of availability zones. + properties: + availabilityZoneCount: + format: int64 + type: integer + type: object + zoneAwarenessEnabled: + type: boolean + type: object + cognitoOptions: + description: Options to specify the Cognito user and identity pools + for OpenSearch Dashboards authentication. For more information, + see Configuring Amazon Cognito authentication for OpenSearch Dashboards + (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html). + properties: + enabled: + type: boolean + identityPoolID: + type: string + roleARN: + type: string + userPoolID: + type: string + type: object + domainEndpointOptions: + description: Options to specify configurations that will be applied + to the domain endpoint. + properties: + customEndpoint: + type: string + customEndpointCertificateARN: + description: The Amazon Resource Name (ARN) of the domain. See + Identifiers for IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) + in Using AWS Identity and Access Management for more information. + type: string + customEndpointEnabled: + type: boolean + enforceHTTPS: + type: boolean + tlsSecurityPolicy: + type: string + type: object + ebsOptions: + description: Options to enable, disable, and specify the type and + size of EBS storage volumes. + properties: + ebsEnabled: + type: boolean + iops: + format: int64 + type: integer + throughput: + format: int64 + type: integer + volumeSize: + format: int64 + type: integer + volumeType: + description: The type of EBS volume, standard, gp2, gp3 or io1. + See Configuring EBS-based Storage (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs) + for more information. + type: string + type: object + encryptionAtRestOptions: + description: Options for encryption of data at rest. + properties: + enabled: + type: boolean + kmsKeyID: + type: string + type: object + engineVersion: + description: String of format Elasticsearch_X.Y or OpenSearch_X.Y + to specify the engine version for the Amazon OpenSearch Service + domain. For example, "OpenSearch_1.0" or "Elasticsearch_7.9". For + more information, see Creating and managing Amazon OpenSearch Service + domains (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains). + type: string + logPublishingOptions: + additionalProperties: + description: "Log Publishing option that is set for a given domain. + Attributes and their details: * CloudWatchLogsLogGroupArn: ARN + of the Cloudwatch log group to publish logs to. \n * Enabled: + Whether the log publishing for a given log type is enabled or + not." + properties: + cloudWatchLogsLogGroupARN: + description: ARN of the Cloudwatch log group to publish logs + to. + type: string + enabled: + type: boolean + type: object + description: Map of LogType and LogPublishingOption, each containing + options to publish a given type of OpenSearch log. + type: object + name: + description: 'The name of the Amazon OpenSearch Service domain you''re + creating. Domain names are unique across the domains owned by an + account within an AWS region. Domain names must start with a lowercase + letter and can contain the following characters: a-z (lowercase), + 0-9, and - (hyphen).' + type: string + nodeToNodeEncryptionOptions: + description: Node-to-node encryption options. + properties: + enabled: + type: boolean + type: object + tags: + description: A list of Tag added during domain creation. + items: + description: A key value pair for a resource tag. + properties: + key: + description: A string of length from 1 to 128 characters that + specifies the key for a tag. Tag keys must be unique for the + domain to which they're attached. + type: string + value: + description: A string of length from 0 to 256 characters that + specifies the value for a tag. Tag values can be null and + don't have to be unique in a tag set. + type: string + type: object + type: array + vpcOptions: + description: Options to specify the subnets and security groups for + a VPC endpoint. For more information, see Launching your Amazon + OpenSearch Service domains using a VPC (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html). + properties: + securityGroupIDs: + items: + type: string + type: array + subnetIDs: + items: + type: string + type: array + type: object + required: + - name + type: object + status: + description: DomainStatus defines the observed state of Domain + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + changeProgressDetails: + description: Specifies change details of the domain configuration + change. + properties: + changeID: + type: string + message: + type: string + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + created: + description: The domain creation status. True if the creation of a + domain is complete. False if domain creation is still in progress. + type: boolean + deleted: + description: The domain deletion status. True if a delete request + has been received for the domain but resource cleanup is still in + progress. False if the domain has not been deleted. Once domain + deletion is complete, the status of the domain is no longer returned. + type: boolean + domainID: + description: The unique identifier for the specified domain. + type: string + endpoint: + description: The domain endpoint that you use to submit index and + search requests. + type: string + endpoints: + additionalProperties: + type: string + description: 'Map containing the domain endpoints used to submit index + and search requests. Example key, value: ''vpc'',''vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com''.' + type: object + processing: + description: The status of the domain configuration. True if Amazon + OpenSearch Service is processing configuration changes. False if + the configuration is active. + type: boolean + serviceSoftwareOptions: + description: The current status of the domain's service software. + properties: + automatedUpdateDate: + format: date-time + type: string + cancellable: + type: boolean + currentVersion: + type: string + description: + type: string + newVersion: + type: string + optionalDeployment: + type: boolean + updateAvailable: + type: boolean + updateStatus: + type: string + type: object + snapshotOptions: + description: The status of the SnapshotOptions. + properties: + automatedSnapshotStartHour: + format: int64 + type: integer + type: object + upgradeProcessing: + description: The status of a domain version upgrade. True if Amazon + OpenSearch Service is undergoing a version upgrade. False if the + configuration is active. + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-opensearchservice-controller/0.0.19/metadata/annotations.yaml b/operators/ack-opensearchservice-controller/0.0.19/metadata/annotations.yaml new file mode 100644 index 00000000000..3e37339fe93 --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/metadata/annotations.yaml @@ -0,0 +1,15 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: ack-opensearchservice-controller + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.28.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: unknown + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/ack-opensearchservice-controller/0.0.19/tests/scorecard/config.yaml b/operators/ack-opensearchservice-controller/0.0.19/tests/scorecard/config.yaml new file mode 100644 index 00000000000..382ddefd156 --- /dev/null +++ b/operators/ack-opensearchservice-controller/0.0.19/tests/scorecard/config.yaml @@ -0,0 +1,50 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}