From afbbfde5378364d87e75ae20c2e2da2257b29217 Mon Sep 17 00:00:00 2001 From: ako-releaser Date: Mon, 11 Nov 2024 13:59:21 +0000 Subject: [PATCH] [autogenerated] update CRDs and RBAC 11779962619 --- ...las.mongodb.com_atlasprivateendpoints.yaml | 320 ++++++++++++++++++ charts/atlas-operator/rbac.yaml | 236 +------------ 2 files changed, 336 insertions(+), 220 deletions(-) create mode 100644 charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasprivateendpoints.yaml diff --git a/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasprivateendpoints.yaml b/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasprivateendpoints.yaml new file mode 100644 index 00000000..d915d9ac --- /dev/null +++ b/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasprivateendpoints.yaml @@ -0,0 +1,320 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.1 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasprivateendpoints.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + categories: + - atlas + kind: AtlasPrivateEndpoint + listKind: AtlasPrivateEndpointList + plural: atlasprivateendpoints + shortNames: + - pe + singular: atlasprivateendpoint + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.provider + name: Provider + type: string + - jsonPath: .spec.region + name: Region + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + name: v1 + schema: + openAPIV3Schema: + description: |- + The AtlasPrivateEndpoint custom resource definition (CRD) defines a desired [Private Endpoint](https://www.mongodb.com/docs/atlas/security-private-endpoint/#std-label-private-endpoint-overview) configuration for an Atlas project. + It allows a private connection between your cloud provider and Atlas that doesn't send information through a public network. + + You can use private endpoints to create a unidirectional connection to Atlas clusters from your virtual network. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AtlasPrivateEndpointSpec is the specification of the desired + configuration of a project private endpoint + properties: + awsConfiguration: + description: AWSConfiguration is the specific AWS settings for the + private endpoint + items: + description: AWSPrivateEndpointConfiguration holds the AWS configuration + done on customer network + properties: + id: + description: ID that identifies the private endpoint's network + interface that someone added to this private endpoint service. + type: string + required: + - id + type: object + type: array + azureConfiguration: + description: AzureConfiguration is the specific Azure settings for + the private endpoint + items: + description: AzurePrivateEndpointConfiguration holds the Azure configuration + done on customer network + properties: + id: + description: ID that identifies the private endpoint's network + interface that someone added to this private endpoint service. + type: string + ipAddress: + description: IP address of the private endpoint in your Azure + VNet that someone added to this private endpoint service. + type: string + required: + - id + - ipAddress + type: object + type: array + connectionSecret: + description: LocalObjectReference is a reference to an object in the + same namespace as the referent + properties: + name: + description: |- + Name of the resource being referred to + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + required: + - name + type: object + externalProjectRef: + description: ExternalProject holds the Atlas project ID the user belongs + to + properties: + id: + description: ID is the Atlas project ID + type: string + required: + - id + type: object + gcpConfiguration: + description: GCPConfiguration is the specific Google Cloud settings + for the private endpoint + items: + description: GCPPrivateEndpointConfiguration holds the GCP configuration + done on customer network + properties: + endpoints: + description: Endpoints is the list of individual private endpoints + that comprise this endpoint group. + items: + description: GCPPrivateEndpoint holds the GCP forwarding rules + configured on customer network + properties: + ipAddress: + description: IP address to which this Google Cloud consumer + forwarding rule resolves. + type: string + name: + description: Name that identifies the Google Cloud consumer + forwarding rule that you created. + type: string + required: + - ipAddress + - name + type: object + type: array + groupName: + description: GroupName is the label that identifies a set of + endpoints. + type: string + projectId: + description: ProjectID that identifies the Google Cloud project + in which you created the endpoints. + type: string + required: + - endpoints + - groupName + - projectId + type: object + type: array + projectRef: + description: Project is a reference to AtlasProject resource the user + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + provider: + description: Name of the cloud service provider for which you want + to create the private endpoint service. + enum: + - AWS + - GCP + - AZURE + type: string + region: + description: Region of the chosen cloud provider in which you want + to create the private endpoint service. + type: string + required: + - provider + - region + type: object + x-kubernetes-validations: + - message: must define only one project reference through externalProjectRef + or projectRef + rule: (has(self.externalProjectRef) && !has(self.projectRef)) || (!has(self.externalProjectRef) + && has(self.projectRef)) + - message: must define a local connection secret when referencing an external + project + rule: (has(self.externalProjectRef) && has(self.connectionSecret)) || + !has(self.externalProjectRef) + status: + description: AtlasPrivateEndpointStatus is the most recent observed status + of the AtlasPrivateEndpoint cluster. Read-only. + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + endpoints: + description: Endpoints are the status of the endpoints connected to + the service + items: + description: EndpointInterfaceStatus is the most recent observed + status the interfaces attached to the configured service. Read-only. + properties: + ID: + description: ID is the external identifier set on the specification + to configure the interface + type: string + InterfaceStatus: + description: InterfaceStatus is the state of the private endpoint + interface + type: string + connectionName: + description: ConnectionName is the label that Atlas generates + that identifies the Azure private endpoint connection + type: string + error: + description: Error is the description of the failure occurred + when configuring the private endpoint + type: string + gcpForwardingRules: + description: GCPForwardingRules is the status of the customer + GCP private endpoint(forwarding rules) + items: + description: GCPForwardingRule is the most recent observed + status the GCP forwarding rules configured for an interface. + Read-only. + properties: + name: + type: string + status: + type: string + type: object + type: array + type: object + type: array + error: + description: Error is the description of the failure occurred when + configuring the private endpoint + type: string + observedGeneration: + description: |- + ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. + The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + format: int64 + type: integer + resourceId: + description: ResourceID is the root-relative path that identifies + of the Atlas Azure Private Link Service + type: string + serviceAttachmentNames: + description: ServiceAttachmentNames is the list of URLs that identifies + endpoints that Atlas can use to access one service across the private + connection + items: + type: string + type: array + serviceId: + description: ServiceID is the unique identifier of the private endpoint + service in Atlas + type: string + serviceName: + description: ServiceName is the unique identifier of the Amazon Web + Services (AWS) PrivateLink endpoint service or Azure Private Link + Service managed by Atlas + type: string + serviceStatus: + description: ServiceStatus is the state of the private endpoint service + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/charts/atlas-operator/rbac.yaml b/charts/atlas-operator/rbac.yaml index c39a3262..909770fd 100644 --- a/charts/atlas-operator/rbac.yaml +++ b/charts/atlas-operator/rbac.yaml @@ -20,47 +20,18 @@ - apiGroups: - atlas.mongodb.com resources: - - atlasdeployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: - - atlasdeployments/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: + - atlasbackupcompliancepolicies + - atlasbackuppolicies + - atlasbackupschedules - atlasdatabaseusers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: - - atlasdatabaseusers/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: + - atlasdatafederations + - atlasdeployments + - atlasfederatedauths - atlasprojects + - atlassearchindexconfigs + - atlasstreamconnections + - atlasstreaminstances + - atlasteams verbs: - create - delete @@ -72,194 +43,19 @@ - apiGroups: - atlas.mongodb.com resources: - - atlasprojects/finalizers - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasprojects/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasbackuppolicies - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: + - atlasbackupcompliancepolicies/status - atlasbackuppolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasbackupschedules - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: - atlasbackupschedules/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasteams - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: - - atlasteams/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasdatafederations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: + - atlasdatabaseusers/status - atlasdatafederations/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasfederatedauths - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: + - atlasdeployments/status - atlasfederatedauths/status - verbs: - - get -- apiGroups: - - atlas.mongodb.com - resources: - - atlasstreamconnections - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: + - atlasprojects/status + - atlassearchindexconfigs/status - atlasstreamconnections/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasstreaminstances - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: - atlasstreaminstances/status + - atlasteams/status verbs: - get - patch - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlassearchindexconfigs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: - - atlassearchindexconfigs/status - verbs: - - get - - patch - - update -- apiGroups: - - atlas.mongodb.com - resources: - - atlasbackupcompliancepolicies - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - atlas.mongodb.com - resources: - - atlasbackupcompliancepolicies/status - verbs: - - get - - patch - - update \ No newline at end of file