diff --git a/.gitignore b/.gitignore index cfdab2a..9aca73a 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,4 @@ bin/ .vscode .idea .fleet +.DS_Store diff --git a/Makefile.kube b/Makefile.kube index 9116f85..2328413 100644 --- a/Makefile.kube +++ b/Makefile.kube @@ -155,3 +155,13 @@ $(CONTROLLER_GEN): $(LOCALBIN) envtest: $(ENVTEST) ## Download envtest-setup locally if necessary. $(ENVTEST): $(LOCALBIN) test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest + +HELMIFY ?= $(LOCALBIN)/helmify + +.PHONY: helmify +helmify: $(HELMIFY) ## Download helmify locally if necessary. +$(HELMIFY): $(LOCALBIN) + test -s $(LOCALBIN)/helmify || GOBIN=$(LOCALBIN) go install github.com/arttor/helmify/cmd/helmify@latest + +helm: manifests kustomize helmify + $(KUSTOMIZE) build config/default | $(HELMIFY) charts diff --git a/charts/templates/deployment.yaml b/charts/templates/deployment.yaml index 1fc65ca..0388eaa 100644 --- a/charts/templates/deployment.yaml +++ b/charts/templates/deployment.yaml @@ -1,24 +1,24 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "chart.fullname" . }}-controller-manager + name: {{ include "charts.fullname" . }}-controller-manager labels: app.kubernetes.io/component: manager app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator control-plane: controller-manager - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} spec: replicas: {{ .Values.controllerManager.replicas }} selector: matchLabels: control-plane: controller-manager - {{- include "chart.selectorLabels" . | nindent 6 }} + {{- include "charts.selectorLabels" . | nindent 6 }} template: metadata: labels: control-plane: controller-manager - {{- include "chart.selectorLabels" . | nindent 8 }} + {{- include "charts.selectorLabels" . | nindent 8 }} annotations: kubectl.kubernetes.io/default-container: manager spec: @@ -94,5 +94,5 @@ spec: - ALL securityContext: runAsNonRoot: true - serviceAccountName: {{ include "chart.fullname" . }}-controller-manager + serviceAccountName: {{ include "charts.fullname" . }}-controller-manager terminationGracePeriodSeconds: 10 \ No newline at end of file diff --git a/charts/templates/geminicluster-crd.yaml b/charts/templates/geminicluster-crd.yaml index 84cd493..5e13c80 100644 --- a/charts/templates/geminicluster-crd.yaml +++ b/charts/templates/geminicluster-crd.yaml @@ -5,7 +5,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.10.0 labels: - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} spec: group: opengemini-operator.opengemini.org names: @@ -45,7 +45,11 @@ spec: required: - enablePodAntiAffinity type: object - enableSuperuserAccess: + customAdminSecretName: + type: string + customConfigMapName: + type: string + enableHttpAuth: default: false type: boolean meta: @@ -557,8 +561,6 @@ spec: - dataVolumeClaimSpec - image type: object - superuserSecret: - type: string version: type: string required: @@ -572,6 +574,13 @@ spec: status: description: GeminiClusterStatus defines the observed state of GeminiCluster properties: + adminUserInitialized: + default: false + description: if admin user has initialized + type: boolean + appliedConfigHash: + description: md5 hash of applied config file content + type: string conditions: description: conditions represent the observations of cluster's current state. @@ -680,6 +689,9 @@ spec: type: integer statusDetails: type: string + required: + - adminUserInitialized + - appliedConfigHash type: object type: object served: true diff --git a/charts/templates/leader-election-rbac.yaml b/charts/templates/leader-election-rbac.yaml index 6494caa..e739f53 100644 --- a/charts/templates/leader-election-rbac.yaml +++ b/charts/templates/leader-election-rbac.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ include "chart.fullname" . }}-leader-election-role + name: {{ include "charts.fullname" . }}-leader-election-role labels: app.kubernetes.io/component: rbac app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} rules: - apiGroups: - "" @@ -43,17 +43,17 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ include "chart.fullname" . }}-leader-election-rolebinding + name: {{ include "charts.fullname" . }}-leader-election-rolebinding labels: app.kubernetes.io/component: rbac app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: '{{ include "chart.fullname" . }}-leader-election-role' + name: '{{ include "charts.fullname" . }}-leader-election-role' subjects: - kind: ServiceAccount - name: '{{ include "chart.fullname" . }}-controller-manager' + name: '{{ include "charts.fullname" . }}-controller-manager' namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/templates/manager-rbac.yaml b/charts/templates/manager-rbac.yaml index 6461d12..37cdc96 100644 --- a/charts/templates/manager-rbac.yaml +++ b/charts/templates/manager-rbac.yaml @@ -1,9 +1,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ include "chart.fullname" . }}-manager-role + name: {{ include "charts.fullname" . }}-manager-role labels: - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} rules: - apiGroups: - "" @@ -13,6 +13,7 @@ rules: - create - get - list + - patch - watch - apiGroups: - "" @@ -24,17 +25,13 @@ rules: - list - patch - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - list - apiGroups: - "" resources: - secrets verbs: + - create + - delete - get - list - watch @@ -44,7 +41,6 @@ rules: - services verbs: - create - - delete - get - list - watch @@ -98,17 +94,17 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "chart.fullname" . }}-manager-rolebinding + name: {{ include "charts.fullname" . }}-manager-rolebinding labels: app.kubernetes.io/component: rbac app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: '{{ include "chart.fullname" . }}-manager-role' + name: '{{ include "charts.fullname" . }}-manager-role' subjects: - kind: ServiceAccount - name: '{{ include "chart.fullname" . }}-controller-manager' + name: '{{ include "charts.fullname" . }}-controller-manager' namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/templates/metrics-reader-rbac.yaml b/charts/templates/metrics-reader-rbac.yaml index e8a7c1c..6c3335a 100644 --- a/charts/templates/metrics-reader-rbac.yaml +++ b/charts/templates/metrics-reader-rbac.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ include "chart.fullname" . }}-metrics-reader + name: {{ include "charts.fullname" . }}-metrics-reader labels: app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} rules: - nonResourceURLs: - /metrics diff --git a/charts/templates/metrics-service.yaml b/charts/templates/metrics-service.yaml index b3d3fe4..05cc4a8 100644 --- a/charts/templates/metrics-service.yaml +++ b/charts/templates/metrics-service.yaml @@ -1,18 +1,18 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "chart.fullname" . }}-controller-manager-metrics-service + name: {{ include "charts.fullname" . }}-controller-manager-metrics-service labels: app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator control-plane: controller-manager - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} spec: type: ClusterIP selector: control-plane: controller-manager - {{- include "chart.selectorLabels" . | nindent 4 }} + {{- include "charts.selectorLabels" . | nindent 4 }} ports: - name: https port: 8443 diff --git a/charts/templates/proxy-rbac.yaml b/charts/templates/proxy-rbac.yaml index 723fc6d..731b18d 100644 --- a/charts/templates/proxy-rbac.yaml +++ b/charts/templates/proxy-rbac.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ include "chart.fullname" . }}-proxy-role + name: {{ include "charts.fullname" . }}-proxy-role labels: app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} rules: - apiGroups: - authentication.k8s.io @@ -24,17 +24,17 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "chart.fullname" . }}-proxy-rolebinding + name: {{ include "charts.fullname" . }}-proxy-rolebinding labels: app.kubernetes.io/component: kube-rbac-proxy app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: '{{ include "chart.fullname" . }}-proxy-role' + name: '{{ include "charts.fullname" . }}-proxy-role' subjects: - kind: ServiceAccount - name: '{{ include "chart.fullname" . }}-controller-manager' + name: '{{ include "charts.fullname" . }}-controller-manager' namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/templates/serviceaccount.yaml b/charts/templates/serviceaccount.yaml index 9a56fe3..80cb309 100644 --- a/charts/templates/serviceaccount.yaml +++ b/charts/templates/serviceaccount.yaml @@ -1,11 +1,11 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "chart.fullname" . }}-controller-manager + name: {{ include "charts.fullname" . }}-controller-manager labels: app.kubernetes.io/component: rbac app.kubernetes.io/created-by: opengemini-operator app.kubernetes.io/part-of: opengemini-operator - {{- include "chart.labels" . | nindent 4 }} + {{- include "charts.labels" . | nindent 4 }} annotations: {{- toYaml .Values.controllerManager.serviceAccount.annotations | nindent 4 }} \ No newline at end of file diff --git a/charts/values.yaml b/charts/values.yaml index 473f6d5..8ea9ead 100644 --- a/charts/values.yaml +++ b/charts/values.yaml @@ -12,8 +12,8 @@ controllerManager: memory: 64Mi manager: image: - repository: ghcr.io/opengemini/opengemini-operator:latest - tag: 814de3b + repository: ghcr.io/opengemini/opengemini-operator + tag: latest resources: limits: cpu: 500m diff --git a/config/samples/opengemini-operator_v1_geminicluster.yaml b/config/samples/opengemini-operator_v1_geminicluster.yaml index 887e485..5324ec0 100644 --- a/config/samples/opengemini-operator_v1_geminicluster.yaml +++ b/config/samples/opengemini-operator_v1_geminicluster.yaml @@ -18,16 +18,16 @@ spec: resources: requests: storage: 1Gi - image: opengeminidb/opengemini-k8s:v1.0.1 + image: opengeminidb/opengemini-k8s:v1.1.0-rc1 replicas: 3 resources: requests: cpu: 100m memory: 512Mi sql: - image: opengeminidb/opengemini-k8s:v1.0.1 + image: opengeminidb/opengemini-k8s:v1.1.0-rc1 port: "8086" - replicas: 2 + replicas: 3 resources: requests: cpu: 100m @@ -39,7 +39,7 @@ spec: resources: requests: storage: 1Gi - image: opengeminidb/opengemini-k8s:v1.0.1 + image: opengeminidb/opengemini-k8s:v1.1.0-rc1 replicas: 3 resources: requests: