Update MSSQLServer API

Signed-off-by: Neaj Morshad <[email protected]>

apis/kubedb/v1alpha2/mssqlserver_helpers.go

@@ -333,9 +333,9 @@ func (m *MSSQLServer) SetDefaults() {
 		if m.Spec.Replicas == nil {
 			m.Spec.Replicas = pointer.Int32P(1)
 		}
-	} else {
-		if m.Spec.LeaderElection == nil {
-			m.Spec.LeaderElection = &MSSQLServerLeaderElectionConfig{
+	} else if m.IsAvailabilityGroup() {
+		if m.Spec.Topology.AvailabilityGroup.LeaderElection == nil {
+			m.Spec.Topology.AvailabilityGroup.LeaderElection = &MSSQLServerLeaderElectionConfig{
 				// The upper limit of election timeout is 50000ms (50s), which should only be used when deploying a
 				// globally-distributed etcd cluster. A reasonable round-trip time for the continental United States is around 130-150ms,
 				// and the time between US and Japan is around 350-400ms. If the network has uneven performance or regular packet
@@ -350,11 +350,11 @@ func (m *MSSQLServer) SetDefaults() {
 				HeartbeatTick: 1,
 			}
 		}
-		if m.Spec.LeaderElection.TransferLeadershipInterval == nil {
-			m.Spec.LeaderElection.TransferLeadershipInterval = &meta.Duration{Duration: 1 * time.Second}
+		if m.Spec.Topology.AvailabilityGroup.LeaderElection.TransferLeadershipInterval == nil {
+			m.Spec.Topology.AvailabilityGroup.LeaderElection.TransferLeadershipInterval = &meta.Duration{Duration: 1 * time.Second}
 		}
-		if m.Spec.LeaderElection.TransferLeadershipTimeout == nil {
-			m.Spec.LeaderElection.TransferLeadershipTimeout = &meta.Duration{Duration: 60 * time.Second}
+		if m.Spec.Topology.AvailabilityGroup.LeaderElection.TransferLeadershipTimeout == nil {
+			m.Spec.Topology.AvailabilityGroup.LeaderElection.TransferLeadershipTimeout = &meta.Duration{Duration: 60 * time.Second}
 		}
 	}
 
@@ -498,8 +498,6 @@ func (m *MSSQLServer) setDefaultContainerResourceLimits(podTemplate *ofst.PodTem
 }
 
 func (m *MSSQLServer) SetTLSDefaults() {
-	m.SetTLSDefaultsForInternalAuth()
-
 	if m.Spec.TLS == nil || m.Spec.TLS.IssuerRef == nil {
 		return
 	}
@@ -546,34 +544,30 @@ func (m *MSSQLServer) SetTLSDefaults() {
 			OrganizationalUnits: defaultClientOrgUnit,
 		},
 	})
-}
-
-func (m *MSSQLServer) SetTLSDefaultsForInternalAuth() {
-	if m.Spec.InternalAuth == nil || m.Spec.InternalAuth.EndpointCert == nil || m.Spec.InternalAuth.EndpointCert.IssuerRef == nil {
-		return
-	}
 
-	// Endpoint-cert
-	defaultServerOrg := []string{kubedb.KubeDBOrganization}
-	defaultServerOrgUnit := []string{string(MSSQLServerEndpointCert)}
-	_, cert := kmapi.GetCertificate(m.Spec.InternalAuth.EndpointCert.Certificates, string(MSSQLServerEndpointCert))
-	if cert != nil && cert.Subject != nil {
-		if cert.Subject.Organizations != nil {
-			defaultServerOrg = cert.Subject.Organizations
-		}
-		if cert.Subject.OrganizationalUnits != nil {
-			defaultServerOrgUnit = cert.Subject.OrganizationalUnits
+	if m.IsAvailabilityGroup() {
+		// Endpoint-cert
+		defaultEndpointOrg := []string{kubedb.KubeDBOrganization}
+		defaultEndpointOrgUnit := []string{string(MSSQLServerEndpointCert)}
+		_, cert = kmapi.GetCertificate(m.Spec.TLS.Certificates, string(MSSQLServerEndpointCert))
+		if cert != nil && cert.Subject != nil {
+			if cert.Subject.Organizations != nil {
+				defaultEndpointOrg = cert.Subject.Organizations
+			}
+			if cert.Subject.OrganizationalUnits != nil {
+				defaultEndpointOrgUnit = cert.Subject.OrganizationalUnits
+			}
 		}
-	}
 
-	m.Spec.InternalAuth.EndpointCert.Certificates = kmapi.SetMissingSpecForCertificate(m.Spec.InternalAuth.EndpointCert.Certificates, kmapi.CertificateSpec{
-		Alias:      string(MSSQLServerEndpointCert),
-		SecretName: m.GetCertSecretName(MSSQLServerEndpointCert),
-		Subject: &kmapi.X509Subject{
-			Organizations:       defaultServerOrg,
-			OrganizationalUnits: defaultServerOrgUnit,
-		},
-	})
+		m.Spec.TLS.Certificates = kmapi.SetMissingSpecForCertificate(m.Spec.TLS.Certificates, kmapi.CertificateSpec{
+			Alias:      string(MSSQLServerEndpointCert),
+			SecretName: m.GetCertSecretName(MSSQLServerEndpointCert),
+			Subject: &kmapi.X509Subject{
+				Organizations:       defaultEndpointOrg,
+				OrganizationalUnits: defaultEndpointOrgUnit,
+			},
+		})
+	}
 }
 
 func (m *MSSQLServer) ReplicasAreReady(lister pslister.PetSetLister) (bool, string, error) {

apis/kubedb/v1alpha2/mssqlserver_types.go

@@ -95,11 +95,6 @@ type MSSQLServerSpec struct {
 	// +optional
 	ConfigSecret *core.LocalObjectReference `json:"configSecret,omitempty"`
 
-	// InternalAuth is used to authenticate endpoint
-	// +optional
-	// +nullable
-	InternalAuth *InternalAuthentication `json:"internalAuth,omitempty"`
-
 	// Init is used to initialize database
 	// +optional
 	Init *InitSpec `json:"init,omitempty"`
@@ -123,14 +118,6 @@ type MSSQLServerSpec struct {
 	// +optional
 	DeletionPolicy TerminationPolicy `json:"deletionPolicy,omitempty"`
 
-	// Coordinator defines attributes of the coordinator container
-	// +optional
-	Coordinator CoordinatorSpec `json:"coordinator,omitempty"`
-
-	// Leader election configuration
-	// +optional
-	LeaderElection *MSSQLServerLeaderElectionConfig `json:"leaderElection,omitempty"`
-
 	// HealthChecker defines attributes of the health checker
 	// +optional
 	// +kubebuilder:default={periodSeconds: 10, timeoutSeconds: 10, failureThreshold: 1}
@@ -145,12 +132,6 @@ type MSSQLServerSpec struct {
 	Archiver *Archiver `json:"archiver,omitempty"`
 }
 
-// InternalAuthentication provides different way of endpoint authentication
-type InternalAuthentication struct {
-	// EndpointCert is used for endpoint authentication of MSSql Server
-	EndpointCert *kmapi.TLSConfig `json:"endpointCert"`
-}
-
 type SQLServerTLSConfig struct {
 	kmapi.TLSConfig `json:",inline"`
 	ClientTLS       bool `json:"clientTLS"`
@@ -171,6 +152,10 @@ type MSSQLServerAvailabilityGroupSpec struct {
 	// AvailabilityDatabases is an array of databases to be included in the availability group
 	// +optional
 	Databases []string `json:"databases"`
+
+	// Leader election configuration
+	// +optional
+	LeaderElection *MSSQLServerLeaderElectionConfig `json:"leaderElection,omitempty"`
 }
 
 // MSSQLServerStatus defines the observed state of MSSQLServer

apis/kubedb/v1alpha2/mssqlserver_webhook.go

@@ -132,23 +132,6 @@ func (m *MSSQLServer) ValidateCreateOrUpdate() field.ErrorList {
 				m.Name,
 				"number of replicas can not be nil and can not be less than or equal to 0"))
 		}
-
-		if m.Spec.InternalAuth == nil {
-			allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("internalAuth"),
-				m.Name, "spec.internalAuth is missing"))
-		} else if m.Spec.InternalAuth.EndpointCert == nil {
-			allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("internalAuth").Child("endpointCert"),
-				m.Name, "spec.internalAuth.endpointCert is missing"))
-		} else {
-			if m.Spec.InternalAuth.EndpointCert.IssuerRef == nil {
-				allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("internalAuth").Child("endpointCert").Child("issuerRef"),
-					m.Name, "spec.internalAuth.endpointCert.issuerRef' is missing"))
-			}
-			if len(m.Spec.InternalAuth.EndpointCert.Certificates) > 1 {
-				allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("internalAuth").Child("endpointCert").Child("certificates"),
-					m.Name, "spec.internalAuth.endpointCert.certificates' can have only one certificate"))
-			}
-		}
 	}
 
 	if m.Spec.TLS == nil {
@@ -291,7 +274,6 @@ func mssqlValidateVolumesMountPaths(podTemplate *ofst.PodTemplateSpec) error {
 var forbiddenMSSQLServerEnvVars = []string{
 	kubedb.EnvMSSQLSAUsername,
 	kubedb.EnvMSSQLSAPassword,
-	kubedb.EnvAcceptEula,
 	kubedb.EnvMSSQLEnableHADR,
 	kubedb.EnvMSSQLAgentEnabled,
 	kubedb.EnvMSSQLVersion,