diff --git a/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasnetworkcontainers.yaml b/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasnetworkcontainers.yaml new file mode 100644 index 0000000..2f61413 --- /dev/null +++ b/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasnetworkcontainers.yaml 
@@ -0,0 +1,189 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.1 + name: atlasnetworkcontainers.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + categories: + - atlas + kind: AtlasNetworkContainer + listKind: AtlasNetworkContainerList + plural: atlasnetworkcontainers + shortNames: + - anc + singular: atlasnetworkcontainer + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.provider + name: Provider + type: string + - jsonPath: .status.id + name: Id + type: string + - jsonPath: .status.provisioned + name: Provisioned + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasNetworkContainer is the Schema for the AtlasNetworkContainer + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AtlasNetworkContainerSpec defines the desired state of an + AtlasNetworkContainer + properties: + cidrBlock: + description: Atlas CIDR. It needs to be set if ContainerID is not + set. 
+ type: string + connectionSecret: + description: Name of the secret containing Atlas API private and public + keys + properties: + name: + description: |- + Name of the resource being referred to + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + required: + - name + type: object + externalProjectRef: + description: |- + "externalProjectRef" holds the parent Atlas project ID. + Mutually exclusive with the "projectRef" field + properties: + id: + description: ID is the Atlas project ID + type: string + required: + - id + type: object + projectRef: + description: |- + "projectRef" is a reference to the parent AtlasProject resource. + Mutually exclusive with the "externalProjectRef" field + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + provider: + description: Provider is the name of the cloud provider hosting the + network container + enum: + - AWS + - GCP + - AZURE + type: string + region: + description: |- + ContainerRegion is the provider region name of Atlas network peer container in Atlas region format + This is required by AWS and Azure, but not used by GCP + type: string + required: + - cidrBlock + - provider + type: object + x-kubernetes-validations: + - message: must define only one project reference through externalProjectRef + or projectRef + rule: (has(self.externalProjectRef) && !has(self.projectRef)) || (!has(self.externalProjectRef) + && has(self.projectRef)) + - message: must define a local connection secret when referencing an external + project + rule: (has(self.externalProjectRef) && has(self.connectionSecret)) || + !has(self.externalProjectRef) + - message: must not set region for GCP containers + rule: (self.provider == 'GCP' && !has(self.region)) || (self.provider + != 'GCP') + - message: must set region for 
AWS and Azure containers + rule: ((self.provider == 'AWS' || self.provider == 'Azure') && has(self.region)) + || (self.provider == 'GCP') + status: + description: |- + AtlasNetworkContainerStatus is a status for the AtlasNetworkContainer Custom resource. + Not the one included in the AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + containerProvisioned: + description: Provisioned is true when the container has been provisioned + in Atlas + type: boolean + id: + description: ID record the identifier of the container in Atlas + type: string + observedGeneration: + description: |- + ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. + The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasnetworkpeerings.yaml b/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasnetworkpeerings.yaml new file mode 100644 index 0000000..38220cc --- /dev/null 
+++ b/charts/atlas-operator-crds/templates/atlas.mongodb.com_atlasnetworkpeerings.yaml 
@@ -0,0 +1,287 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.1 + name: atlasnetworkpeerings.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + categories: + - atlas + kind: AtlasNetworkPeering + listKind: AtlasNetworkPeeringList + plural: atlasnetworkpeerings + shortNames: + - anp + singular: atlasnetworkpeering + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.providerName + name: Provider + type: string + - jsonPath: .spec.containerId + name: Container ID + type: string + - jsonPath: .spec.projectIDRef.id + name: Project ID + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasNetworkPeering is the Schema for the AtlasNetworkPeering + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AtlasNetworkPeeringSpec defines the desired state of AtlasNetworkPeering + properties: + atlasCidrBlock: + description: Atlas CIDR. It needs to be set if ContainerID is not + set. 
+ type: string + awsConfiguration: + description: AWSConfiguration is the specific AWS settings for network + peering + properties: + accepterRegionName: + description: AccepterRegionName is the provider region name of + user's vpc. + type: string + awsAccountId: + description: AccountID of the user's vpc. + type: string + routeTableCidrBlock: + description: User VPC CIDR. + type: string + vpcId: + description: AWS VPC ID. + type: string + required: + - accepterRegionName + type: object + azureConfiguration: + description: AzureConfiguration is the specific Azure settings for + network peering + properties: + azureDirectoryId: + description: AzureDirectoryID is the unique identifier for an + Azure AD directory. + type: string + azureSubscriptionId: + description: AzureSubscriptionID is the unique identifier of the + Azure subscription in which the VNet resides. + type: string + resourceGroupName: + description: ResourceGroupName is the name of your Azure resource + group. + type: string + vnetName: + description: VNetName is name of your Azure VNet. Its applicable + only for Azure. + type: string + type: object + connectionSecret: + description: Name of the secret containing Atlas API private and public + keys + properties: + name: + description: |- + Name of the resource being referred to + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + required: + - name + type: object + containerId: + description: ID of the network peer container. If not set, operator + will create a new container with ContainerRegion and AtlasCIDRBlock + input. + type: string + containerRegion: + description: ContainerRegion is the provider region name of Atlas + network peer container. + type: string + externalProjectRef: + description: |- + "externalProjectRef" holds the parent Atlas project ID. 
+ Mutually exclusive with the "projectRef" field + properties: + id: + description: ID is the Atlas project ID + type: string + required: + - id + type: object + gcpConfiguration: + description: GCPConfiguration is the specific Google Cloud settings + for network peering + properties: + gcpProjectId: + description: User GCP Project ID. Its applicable only for GCP. + type: string + networkName: + description: GCP Network Peer Name. Its applicable only for GCP. + type: string + type: object + projectRef: + description: |- + "projectRef" is a reference to the parent AtlasProject resource. + Mutually exclusive with the "externalProjectRef" field + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + provider: + description: Name of the cloud service provider for which you want + to create the network peering service. + enum: + - AWS + - GCP + - AZURE + type: string + required: + - provider + type: object + x-kubernetes-validations: + - message: must define only one project reference through externalProjectRef + or projectRef + rule: (has(self.externalProjectRef) && !has(self.projectRef)) || (!has(self.externalProjectRef) + && has(self.projectRef)) + - message: must define a local connection secret when referencing an external + project + rule: (has(self.externalProjectRef) && has(self.connectionSecret)) || + !has(self.externalProjectRef) + status: + description: |- + AtlasNetworkPeeringStatus is a status for the AtlasNetworkPeering Custom resource. 
+ Not the one included in the AtlasProject + properties: + awsStatus: + description: AWSStatus contains AWS only related status information + properties: + connectionId: + description: ConnectionID is the AWS VPC peering connection ID + type: string + containerVpcId: + description: ContainerVPCId is the AWS Container VPC ID on the + Atlas side + type: string + type: object + azureStatus: + description: AzureStatus contains Azure only related status information + properties: + azureSubscriptionId: + description: AzureSubscriptionID is the Azure subcription id on + the Atlas container + type: string + vnetName: + description: VnetName is the Azure network name on the Atlas container + type: string + type: object + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. 
+ type: string + required: + - status + - type + type: object + type: array + containerId: + description: ContainerID records the ID of the container created by + atlas for this peering + type: string + containerProvisioned: + description: ContainerProvisioned is true when the container has been + provisioned in Atlas + type: boolean + containerStatus: + description: ContainerStatus records the last container status seen + for the network container + type: string + error: + description: Error refers to the last error seen in the network peering + setup + type: string + googleStatus: + description: GoogleStatus contains Google only related status information + properties: + gcpProjectId: + description: GCPProjectID is the Google Cloud Platform project + id on the Atlas container + type: string + networkName: + description: NetworkName is the Google network name on the Atlas + container + type: string + type: object + id: + description: ID recrods the identified of the peer created by Atlas + type: string + observedGeneration: + description: |- + ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. + The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + format: int64 + type: integer + status: + description: Status describes the last status seen for the network + peering setup + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/atlas-operator/rbac.yaml b/charts/atlas-operator/rbac.yaml index 06559c0..bf85c13 100644 --- a/charts/atlas-operator/rbac.yaml +++ b/charts/atlas-operator/rbac.yaml @@ -35,6 +35,9 @@ - atlasstreamconnections - atlasstreaminstances - atlasteams + - atlascustomroles + - atlasnetworkcontainers + - atlasnetworkpeerings verbs: - create - delete 
@@ -61,6 +64,9 @@ - atlasstreamconnections/status - atlasstreaminstances/status - atlasteams/status + - atlascustomroles/status + - atlasnetworkcontainers/status + - atlasnetworkpeerings/status verbs: - get - patch
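Review bot: In atlas.mongodb.com_atlasnetworkcontainers.yaml the last x-kubernetes-validations rule tests `self.provider == 'Azure'`, but the `provider` enum only admits `AWS`, `GCP` and `AZURE`. For an AZURE container neither side of the rule can be true, so the object is rejected whether or not `region` is set. Compare against `'AZURE'`, making the change in the source that controller-gen generates this file from, and add a test that creates an AZURE container with a region. Two smaller points in the same file: the `Provisioned` printer column reads `.status.provisioned` while the status field is named `containerProvisioned`, so the column will always be empty, and the `cidrBlock` description refers to a ContainerID that this spec does not define, even though `cidrBlock` is listed as required.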
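Review bot: In atlas.mongodb.com_atlasnetworkpeerings.yaml two additionalPrinterColumns point at paths the schema does not define: `.spec.providerName` (the field is `provider`) and `.spec.projectIDRef.id` (the spec has `projectRef` and `externalProjectRef`), so the Provider and Project ID columns will print empty. Point them at `.spec.provider` and `.spec.externalProjectRef.id`, or drop the Project ID column. Also, nothing in x-kubernetes-validations ties `provider` to its configuration block: a spec with `provider: AWS` and only `gcpConfiguration` set passes admission, and `awsConfiguration` requires only `accepterRegionName`. Per-provider rules like the region rules in the container CRD would reject such specs at the API server instead of at reconcile time. The descriptions also carry typos ("subcription", "recrods the identified").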
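Review bot: The two charts/atlas-operator/rbac.yaml hunks grant access to `atlascustomroles` and `atlascustomroles/status` alongside the two network resources, but no CRD for atlascustomroles is part of this diff. If that grant fixes an earlier omission, say so in the commit message or move it to its own change, so each permission added to the operator's role can be reviewed against the resource that needs it. For the new network resources, please confirm the operator needs the `create` and `delete` verbs of the first rule on them, rather than only the read, update and status-patch verbs a reconciler typically uses.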