diff --git a/go.mod b/go.mod index d7a678a12..1d9dce1a3 100644 --- a/go.mod +++ b/go.mod @@ -30,9 +30,9 @@ require ( k8s.io/api v0.30.3 k8s.io/apimachinery v0.30.3 k8s.io/klog/v2 v2.130.1 - kmodules.xyz/client-go v0.30.44 + kmodules.xyz/client-go v0.30.45 kmodules.xyz/custom-resources v0.30.0 - kubedb.dev/apimachinery v0.52.0-rc.0 + kubedb.dev/apimachinery v0.52.0 sigs.k8s.io/controller-runtime v0.18.4 xorm.io/xorm v1.3.6 ) diff --git a/go.sum b/go.sum index 69f547a5f..3b2e6bf73 100644 --- a/go.sum +++ b/go.sum @@ -655,16 +655,16 @@ k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1 k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= kmodules.xyz/apiversion v0.2.0 h1:vAQYqZFm4xu4pbB1cAdHbFEPES6EQkcR4wc06xdTOWk= kmodules.xyz/apiversion v0.2.0/go.mod h1:oPX8g8LvlPdPX3Yc5YvCzJHQnw3YF/X4/jdW0b1am80= -kmodules.xyz/client-go v0.30.44 h1:mLOBXQhvCIhdega9WoN4Px/usqobuKTT2vOPQcbGhXQ= -kmodules.xyz/client-go v0.30.44/go.mod h1:T9Kiu20wXEn65dLBQeegf4+y7oahJBR9ZJO2zGEVLIY= +kmodules.xyz/client-go v0.30.45 h1:hSjNlJoPQ86CKS8BiEbSmBkF2+yWsFjjMFISOCVJ6aA= +kmodules.xyz/client-go v0.30.45/go.mod h1:T9Kiu20wXEn65dLBQeegf4+y7oahJBR9ZJO2zGEVLIY= kmodules.xyz/custom-resources v0.30.0 h1:vR3CbseHMLwR4GvtcJJuRuwIV8voKqFqNii27rMcm1o= kmodules.xyz/custom-resources v0.30.0/go.mod h1:ZsTuI2mLG2s3byre7bHmpxJ9w0HDqAkRTL1+izGFI24= kmodules.xyz/monitoring-agent-api v0.30.2 h1:sAgz5P5EXZqhlj1NzJ+QltAgeIx5bGSMj+aYy2EiKaw= kmodules.xyz/monitoring-agent-api v0.30.2/go.mod h1:BoZFPDDRB7J39CcUsSDlzgW8PQCwik4ILPleyUob+Mg= kmodules.xyz/offshoot-api v0.30.1 h1:TrulAYO+oBsXe9sZZGTmNWIuI8qD2izMpgcTSPvgAmI= kmodules.xyz/offshoot-api v0.30.1/go.mod h1:T3mpjR6fui0QzOcmQvIuANytW48fe9ytmy/1cgx6D4g= -kubedb.dev/apimachinery v0.52.0-rc.0 h1:9DUShkQGjSINbxgj9/mC2/r6GtFZmJuBOc6RrxzCgB8= -kubedb.dev/apimachinery v0.52.0-rc.0/go.mod h1:5v0QfKvvx9/LasI3561/gIzz9Y9gwmvN3Xm94jdzfMI= +kubedb.dev/apimachinery v0.52.0 h1:rX2whAbjVYYOL+vly7qOsWZjMIWskoH/LD1FzSBLJCE= +kubedb.dev/apimachinery v0.52.0/go.mod h1:zoBQg5LAlidAPRpkPBKPR1IYF7dsvyj3Sf84dMpITKo= kubeops.dev/petset v0.0.7 h1:F77BTRfUqRVO7kNc8q2oFSSviDmYBqni/osXqu0kgJ4= kubeops.dev/petset v0.0.7/go.mod h1:lt0SZV4ohRy7RiwLNUnMoauG4lCbcRbSqhMg20rdUQg= kubeops.dev/sidekick v0.0.10 h1:/lOT+yV920F6TTPLc7bKR9HLAG/Yx+sTRm1C7rUz744= diff --git a/vendor/kmodules.xyz/client-go/Makefile b/vendor/kmodules.xyz/client-go/Makefile index 9c7cb06c3..cc30c4757 100644 --- a/vendor/kmodules.xyz/client-go/Makefile +++ b/vendor/kmodules.xyz/client-go/Makefile @@ -261,7 +261,7 @@ lint: $(BUILD_DIRS) --env GO111MODULE=on \ --env GOFLAGS="-mod=vendor" \ $(BUILD_IMAGE) \ - golangci-lint run --enable $(ADDTL_LINTERS) --timeout=10m --skip-files="generated.*\.go$\" --skip-dirs-use-default + golangci-lint run --enable $(ADDTL_LINTERS) --timeout=10m --exclude-files="generated.*\.go$\" --exclude-dirs-use-default $(BUILD_DIRS): @mkdir -p $@ diff --git a/vendor/kmodules.xyz/client-go/apiextensions/v1/crd.go b/vendor/kmodules.xyz/client-go/apiextensions/v1/crd.go index c6aa7bfc2..dc1eb310c 100644 --- a/vendor/kmodules.xyz/client-go/apiextensions/v1/crd.go +++ b/vendor/kmodules.xyz/client-go/apiextensions/v1/crd.go @@ -115,7 +115,6 @@ func TryUpdateCustomResourceDefinition( klog.Errorf("Attempt %d failed to update CustomResourceDefinition %s due to %v.", attempt, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update CustomResourceDefinition %s after %d attempts due to %v", name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/apps/v1/daemonset.go b/vendor/kmodules.xyz/client-go/apps/v1/daemonset.go index a0f66579b..1ebb66123 100644 --- a/vendor/kmodules.xyz/client-go/apps/v1/daemonset.go +++ b/vendor/kmodules.xyz/client-go/apps/v1/daemonset.go @@ -93,7 +93,6 @@ func TryUpdateDaemonSet(ctx context.Context, c kubernetes.Interface, meta metav1 klog.Errorf("Attempt %d failed to update DaemonSet %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update DaemonSet %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/apps/v1/deployment.go b/vendor/kmodules.xyz/client-go/apps/v1/deployment.go index 941bc4f24..acbaf7c77 100644 --- a/vendor/kmodules.xyz/client-go/apps/v1/deployment.go +++ b/vendor/kmodules.xyz/client-go/apps/v1/deployment.go @@ -97,7 +97,6 @@ func TryUpdateDeployment(ctx context.Context, c kubernetes.Interface, meta metav klog.Errorf("Attempt %d failed to update Deployment %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update Deployment %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/apps/v1/replicaset.go b/vendor/kmodules.xyz/client-go/apps/v1/replicaset.go index ddad60adc..c206e33b8 100644 --- a/vendor/kmodules.xyz/client-go/apps/v1/replicaset.go +++ b/vendor/kmodules.xyz/client-go/apps/v1/replicaset.go @@ -94,7 +94,6 @@ func TryUpdateReplicaSet(ctx context.Context, c kubernetes.Interface, meta metav klog.Errorf("Attempt %d failed to update ReplicaSet %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update ReplicaSet %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/apps/v1/statefulset.go b/vendor/kmodules.xyz/client-go/apps/v1/statefulset.go index 8fd145f81..a6f75eb8b 100644 --- a/vendor/kmodules.xyz/client-go/apps/v1/statefulset.go +++ b/vendor/kmodules.xyz/client-go/apps/v1/statefulset.go @@ -97,7 +97,6 @@ func TryUpdateStatefulSet(ctx context.Context, c kubernetes.Interface, meta meta klog.Errorf("Attempt %d failed to update StatefulSet %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update StatefulSet %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/configmap.go b/vendor/kmodules.xyz/client-go/core/v1/configmap.go index a354b82a8..a05eadd79 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/configmap.go +++ b/vendor/kmodules.xyz/client-go/core/v1/configmap.go @@ -93,7 +93,6 @@ func TryUpdateConfigMap(ctx context.Context, c kubernetes.Interface, meta metav1 klog.Errorf("Attempt %d failed to update ConfigMap %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update ConfigMap %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/events.go b/vendor/kmodules.xyz/client-go/core/v1/events.go index 31e3ea40e..06c61e59c 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/events.go +++ b/vendor/kmodules.xyz/client-go/core/v1/events.go @@ -93,7 +93,6 @@ func TryUpdateEvent(ctx context.Context, c kubernetes.Interface, meta metav1.Obj klog.Errorf("Attempt %d failed to update Event %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update Event %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/node.go b/vendor/kmodules.xyz/client-go/core/v1/node.go index 92642e5bd..47b1b0c65 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/node.go +++ b/vendor/kmodules.xyz/client-go/core/v1/node.go @@ -101,7 +101,6 @@ func TryUpdateNode(ctx context.Context, c kubernetes.Interface, meta metav1.Obje klog.Errorf("Attempt %d failed to update Node %s due to %v.", attempt, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update Node %s after %d attempts due to %v", meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/pod.go b/vendor/kmodules.xyz/client-go/core/v1/pod.go index df8089284..9ef28d812 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/pod.go +++ b/vendor/kmodules.xyz/client-go/core/v1/pod.go @@ -93,7 +93,6 @@ func TryUpdatePod(ctx context.Context, c kubernetes.Interface, meta metav1.Objec klog.Errorf("Attempt %d failed to update Pod %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update Pod %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/pv.go b/vendor/kmodules.xyz/client-go/core/v1/pv.go index 102e9684e..01be9e68c 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/pv.go +++ b/vendor/kmodules.xyz/client-go/core/v1/pv.go @@ -93,7 +93,6 @@ func TryUpdatePV(ctx context.Context, c kubernetes.Interface, meta metav1.Object klog.Errorf("Attempt %d failed to update PersistentVolume %s due to %v.", attempt, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update PersistentVolume %s after %d attempts due to %v", meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/pvc.go b/vendor/kmodules.xyz/client-go/core/v1/pvc.go index 1bd228d80..412f9c911 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/pvc.go +++ b/vendor/kmodules.xyz/client-go/core/v1/pvc.go @@ -93,7 +93,6 @@ func TryUpdatePVC(ctx context.Context, c kubernetes.Interface, meta metav1.Objec klog.Errorf("Attempt %d failed to update PersistentVolumeClaim %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update PersistentVolumeClaim %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/rc.go b/vendor/kmodules.xyz/client-go/core/v1/rc.go index 6f7fa20b3..46bd25d77 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/rc.go +++ b/vendor/kmodules.xyz/client-go/core/v1/rc.go @@ -94,7 +94,6 @@ func TryUpdateRC(ctx context.Context, c kubernetes.Interface, meta metav1.Object klog.Errorf("Attempt %d failed to update ReplicationController %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update ReplicationController %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/secret.go b/vendor/kmodules.xyz/client-go/core/v1/secret.go index 058a5c36d..1c5bdd2f8 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/secret.go +++ b/vendor/kmodules.xyz/client-go/core/v1/secret.go @@ -117,7 +117,6 @@ func TryUpdateSecret(ctx context.Context, c kubernetes.Interface, meta metav1.Ob klog.Errorf("Attempt %d failed to update Secret %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update Secret %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/service.go b/vendor/kmodules.xyz/client-go/core/v1/service.go index 88e639960..d09950230 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/service.go +++ b/vendor/kmodules.xyz/client-go/core/v1/service.go @@ -93,7 +93,6 @@ func TryUpdateService(ctx context.Context, c kubernetes.Interface, meta metav1.O klog.Errorf("Attempt %d failed to update Service %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update Service %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kmodules.xyz/client-go/core/v1/serviceaccount.go b/vendor/kmodules.xyz/client-go/core/v1/serviceaccount.go index 3d08a625f..4a57e11d6 100644 --- a/vendor/kmodules.xyz/client-go/core/v1/serviceaccount.go +++ b/vendor/kmodules.xyz/client-go/core/v1/serviceaccount.go @@ -93,7 +93,6 @@ func TryUpdateServiceAccount(ctx context.Context, c kubernetes.Interface, meta m klog.Errorf("Attempt %d failed to update ServiceAccount %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) return false, nil }) - if err != nil { err = errors.Errorf("failed to update ServiceAccount %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) } diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go index 8b0fb31fb..cb71903e1 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go @@ -1696,7 +1696,7 @@ var ( }, } - // DefaultResourcesMemoryIntensive must be used for elasticsearch + // DefaultResourcesMemoryIntensive must be used for elasticsearch or kafka // to avoid OOMKILLED while deploying ES V8 DefaultResourcesMemoryIntensive = core.ResourceRequirements{ Requests: core.ResourceList{ diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/kafka_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/kafka_helpers.go index dcf426865..e89f959d5 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/kafka_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/kafka_helpers.go @@ -357,7 +357,7 @@ func (k *Kafka) SetDefaults() { dbContainer := coreutil.GetContainerByName(k.Spec.Topology.Controller.PodTemplate.Spec.Containers, kubedb.KafkaContainerName) if dbContainer != nil && (dbContainer.Resources.Requests == nil && dbContainer.Resources.Limits == nil) { - apis.SetDefaultResourceLimits(&dbContainer.Resources, kubedb.DefaultResources) + apis.SetDefaultResourceLimits(&dbContainer.Resources, kubedb.DefaultResourcesMemoryIntensive) } } @@ -372,7 +372,7 @@ func (k *Kafka) SetDefaults() { dbContainer := coreutil.GetContainerByName(k.Spec.Topology.Broker.PodTemplate.Spec.Containers, kubedb.KafkaContainerName) if dbContainer != nil && (dbContainer.Resources.Requests == nil && dbContainer.Resources.Limits == nil) { - apis.SetDefaultResourceLimits(&dbContainer.Resources, kubedb.DefaultResources) + apis.SetDefaultResourceLimits(&dbContainer.Resources, kubedb.DefaultResourcesMemoryIntensive) } } } else { @@ -383,7 +383,7 @@ func (k *Kafka) SetDefaults() { dbContainer := coreutil.GetContainerByName(k.Spec.PodTemplate.Spec.Containers, kubedb.KafkaContainerName) if dbContainer != nil && (dbContainer.Resources.Requests == nil && dbContainer.Resources.Limits == nil) { - apis.SetDefaultResourceLimits(&dbContainer.Resources, kubedb.DefaultResources) + apis.SetDefaultResourceLimits(&dbContainer.Resources, kubedb.DefaultResourcesMemoryIntensive) } } k.SetDefaultEnvs() diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mariadb_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mariadb_helpers.go index e3c36e1fb..3e281d7c3 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mariadb_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mariadb_helpers.go @@ -286,6 +286,18 @@ func (m *MariaDB) SetDefaults(mdVersion *v1alpha1.MariaDBVersion) { if m.IsCluster() && m.IsMariaDBReplication() { m.SetDefaultsMaxscale(mdVersion, m.Spec.Topology.MaxScale) } + + if m.Spec.Init != nil && m.Spec.Init.Archiver != nil { + if m.Spec.Init.Archiver.EncryptionSecret != nil && m.Spec.Init.Archiver.EncryptionSecret.Namespace == "" { + m.Spec.Init.Archiver.EncryptionSecret.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.FullDBRepository != nil && m.Spec.Init.Archiver.FullDBRepository.Namespace == "" { + m.Spec.Init.Archiver.FullDBRepository.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.ManifestRepository != nil && m.Spec.Init.Archiver.ManifestRepository.Namespace == "" { + m.Spec.Init.Archiver.ManifestRepository.Namespace = m.GetNamespace() + } + } } func (m *MariaDB) SetDefaultsMaxscale(mdVersion *v1alpha1.MariaDBVersion, maxscale *MaxScaleSpec) { diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mongodb_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mongodb_helpers.go index 60fc7f8c8..5f71609f9 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mongodb_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mongodb_helpers.go @@ -681,6 +681,18 @@ func (m *MongoDB) SetDefaults(mgVersion *v1alpha1.MongoDBVersion) { m.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsGroup = mgVersion.Spec.SecurityContext.RunAsGroup } } + + if m.Spec.Init != nil && m.Spec.Init.Archiver != nil { + if m.Spec.Init.Archiver.EncryptionSecret != nil && m.Spec.Init.Archiver.EncryptionSecret.Namespace == "" { + m.Spec.Init.Archiver.EncryptionSecret.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.FullDBRepository != nil && m.Spec.Init.Archiver.FullDBRepository.Namespace == "" { + m.Spec.Init.Archiver.FullDBRepository.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.ManifestRepository != nil && m.Spec.Init.Archiver.ManifestRepository.Namespace == "" { + m.Spec.Init.Archiver.ManifestRepository.Namespace = m.GetNamespace() + } + } } func (m *MongoDB) initializePodTemplates() { diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mysql_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mysql_helpers.go index 87c27aae7..1aeac59cf 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mysql_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/mysql_helpers.go @@ -320,6 +320,18 @@ func (m *MySQL) SetDefaults(myVersion *v1alpha1.MySQLVersion) { if m.Spec.Init != nil && m.Spec.Init.Archiver != nil && m.Spec.Init.Archiver.ReplicationStrategy == nil { m.Spec.Init.Archiver.ReplicationStrategy = ptr.To(ReplicationStrategyNone) } + + if m.Spec.Init != nil && m.Spec.Init.Archiver != nil { + if m.Spec.Init.Archiver.EncryptionSecret != nil && m.Spec.Init.Archiver.EncryptionSecret.Namespace == "" { + m.Spec.Init.Archiver.EncryptionSecret.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.FullDBRepository != nil && m.Spec.Init.Archiver.FullDBRepository.Namespace == "" { + m.Spec.Init.Archiver.FullDBRepository.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.ManifestRepository != nil && m.Spec.Init.Archiver.ManifestRepository.Namespace == "" { + m.Spec.Init.Archiver.ManifestRepository.Namespace = m.GetNamespace() + } + } } func (m *MySQL) SetTLSDefaults() { diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go index 63512dfb2..55be8e866 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go @@ -32,10 +32,12 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" + "k8s.io/utils/ptr" kmapi "kmodules.xyz/client-go/api/v1" "kmodules.xyz/client-go/apiextensions" core_util "kmodules.xyz/client-go/core/v1" meta_util "kmodules.xyz/client-go/meta" + "kmodules.xyz/client-go/policy/secomp" appcat "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1" mona "kmodules.xyz/monitoring-agent-api/api/v1" ofstv2 "kmodules.xyz/offshoot-api/api/v2" @@ -224,20 +226,21 @@ func (p *PgBouncer) SetDefaults(pgBouncerVersion *catalog.PgBouncerVersion, uses } } - p.setPgBouncerContainerDefaults(&p.Spec.PodTemplate) + p.setPgBouncerContainerDefaults(&p.Spec.PodTemplate, pgBouncerVersion) + p.setDefaultPodSecurityContext() - p.SetSecurityContext(pgBouncerVersion) if p.Spec.TLS != nil { p.SetTLSDefaults(usesAcme) } p.Spec.Monitor.SetDefaults() + if p.Spec.Monitor != nil && p.Spec.Monitor.Prometheus != nil { if p.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsUser == nil { - p.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsUser = pgBouncerVersion.Spec.SecurityContext.RunAsUser + p.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsUser = pointer.Int64P(*pgBouncerVersion.Spec.SecurityContext.RunAsUser) } if p.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsGroup == nil { - p.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsGroup = pgBouncerVersion.Spec.SecurityContext.RunAsUser + p.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsGroup = pointer.Int64P(*pgBouncerVersion.Spec.SecurityContext.RunAsUser) } } dbContainer := core_util.GetContainerByName(p.Spec.PodTemplate.Spec.Containers, ResourceSingularPgBouncer) @@ -246,12 +249,13 @@ func (p *PgBouncer) SetDefaults(pgBouncerVersion *catalog.PgBouncerVersion, uses } } -func (p *PgBouncer) setPgBouncerContainerDefaults(podTemplate *ofstv2.PodTemplateSpec) { +func (p *PgBouncer) setPgBouncerContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, pbVersion *catalog.PgBouncerVersion) { if podTemplate == nil { return } container := ofst_util.EnsureContainerExists(podTemplate, kubedb.PgBouncerContainerName) p.setContainerDefaultResources(container, *kubedb.DefaultResources.DeepCopy()) + p.SetContainerDefaultSecurityContext(container, pbVersion) } func (p *PgBouncer) setContainerDefaultResources(container *core.Container, defaultResources core.ResourceRequirements) { @@ -320,59 +324,56 @@ func (p *PgBouncer) SetHealthCheckerDefaults() { } } -func (p *PgBouncer) SetSecurityContext(pgBouncerVersion *catalog.PgBouncerVersion) { - container := core_util.GetContainerByName(p.Spec.PodTemplate.Spec.Containers, kubedb.PgBouncerContainerName) - if container == nil { - container = &core.Container{ +func (p *PgBouncer) setDefaultPodSecurityContext() { + pbContainer := core_util.GetContainerByName(p.Spec.PodTemplate.Spec.Containers, kubedb.PgBouncerContainerName) + if pbContainer == nil { + pbContainer = &core.Container{ Name: kubedb.PgBouncerContainerName, } } + if p.Spec.PodTemplate.Spec.SecurityContext == nil { + p.Spec.PodTemplate.Spec.SecurityContext = &core.PodSecurityContext{} + } + if p.Spec.PodTemplate.Spec.SecurityContext.RunAsUser == nil { + p.Spec.PodTemplate.Spec.SecurityContext.RunAsUser = ptr.To(*pbContainer.SecurityContext.RunAsUser) + } + if p.Spec.PodTemplate.Spec.SecurityContext.RunAsGroup == nil { + p.Spec.PodTemplate.Spec.SecurityContext.RunAsGroup = ptr.To(*pbContainer.SecurityContext.RunAsGroup) + } + if p.Spec.PodTemplate.Spec.SecurityContext.FSGroup == nil { + p.Spec.PodTemplate.Spec.SecurityContext.FSGroup = ptr.To(*pbContainer.SecurityContext.RunAsGroup) + } +} + +func (p *PgBouncer) SetContainerDefaultSecurityContext(container *core.Container, pbVersion *catalog.PgBouncerVersion) { if container.SecurityContext == nil { - container.SecurityContext = &core.SecurityContext{ - RunAsUser: func() *int64 { - if p.Spec.PodTemplate.Spec.SecurityContext == nil || p.Spec.PodTemplate.Spec.SecurityContext.RunAsUser == nil { - return pgBouncerVersion.Spec.SecurityContext.RunAsUser - } - return p.Spec.PodTemplate.Spec.SecurityContext.RunAsUser - }(), - RunAsGroup: func() *int64 { - if p.Spec.PodTemplate.Spec.SecurityContext == nil || p.Spec.PodTemplate.Spec.SecurityContext.RunAsGroup == nil { - return pgBouncerVersion.Spec.SecurityContext.RunAsUser - } - return p.Spec.PodTemplate.Spec.SecurityContext.RunAsGroup - }(), - Privileged: pointer.BoolP(false), - } - } else { - if container.SecurityContext.RunAsUser == nil { - container.SecurityContext.RunAsUser = pgBouncerVersion.Spec.SecurityContext.RunAsUser - } - if container.SecurityContext.RunAsGroup == nil { - container.SecurityContext.RunAsGroup = container.SecurityContext.RunAsUser + container.SecurityContext = &core.SecurityContext{} + } + if container.SecurityContext.RunAsUser == nil { + container.SecurityContext.RunAsUser = pointer.Int64P(70) + if pbVersion.Spec.SecurityContext.RunAsUser != nil { + container.SecurityContext.RunAsUser = pbVersion.Spec.SecurityContext.RunAsUser } } - if p.Spec.PodTemplate.Spec.SecurityContext == nil { - p.Spec.PodTemplate.Spec.SecurityContext = &core.PodSecurityContext{ - RunAsUser: container.SecurityContext.RunAsUser, - RunAsGroup: container.SecurityContext.RunAsGroup, - } - } else { - if p.Spec.PodTemplate.Spec.SecurityContext.RunAsUser == nil { - p.Spec.PodTemplate.Spec.SecurityContext.RunAsUser = container.SecurityContext.RunAsUser - } - if p.Spec.PodTemplate.Spec.SecurityContext.RunAsGroup == nil { - p.Spec.PodTemplate.Spec.SecurityContext.RunAsGroup = container.SecurityContext.RunAsGroup - } + if container.SecurityContext.RunAsGroup == nil { + // running as root, we gave all the required permissions in dockerFile + container.SecurityContext.RunAsGroup = pointer.Int64P(0) } - // Need to set FSGroup equal to p.Spec.PodTemplate.Spec.ContainerSecurityContext.RunAsGroup. - // So that /var/pv directory have the group permission for the RunAsGroup user GID. - // Otherwise, We will get write permission denied. - p.Spec.PodTemplate.Spec.SecurityContext.FSGroup = container.SecurityContext.RunAsGroup - isPgbouncerContainerPresent := core_util.GetContainerByName(p.Spec.PodTemplate.Spec.Containers, kubedb.PgBouncerContainerName) - if isPgbouncerContainerPresent == nil { - core_util.UpsertContainer(p.Spec.PodTemplate.Spec.Containers, *container) + allowPrivilegeEscalation := pointer.Bool(container.SecurityContext.AllowPrivilegeEscalation) + container.SecurityContext.AllowPrivilegeEscalation = &allowPrivilegeEscalation + + if container.SecurityContext.Capabilities == nil { + container.SecurityContext.Capabilities = &core.Capabilities{ + Drop: []core.Capability{"ALL"}, + } + } + if container.SecurityContext.RunAsNonRoot == nil { + container.SecurityContext.RunAsNonRoot = ptr.To(true) + } + if container.SecurityContext.SeccompProfile == nil { + container.SecurityContext.SeccompProfile = secomp.DefaultSeccompProfile() } } diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/postgres_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/postgres_helpers.go index 81857ce6b..ba9c77dfd 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/postgres_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/postgres_helpers.go @@ -255,10 +255,10 @@ func (p *Postgres) SetDefaults(postgresVersion *catalog.PostgresVersion) { } } - p.setDefaultPodSecurityContext(&p.Spec.PodTemplate, postgresVersion) - p.setPostgresContainerDefaults(&p.Spec.PodTemplate, postgresVersion) - p.setCoordinatorContainerDefaults(&p.Spec.PodTemplate, postgresVersion) - p.setInitContainerDefaults(&p.Spec.PodTemplate, postgresVersion) + p.SetDefaultPodSecurityContext(&p.Spec.PodTemplate, postgresVersion) + p.SetPostgresContainerDefaults(&p.Spec.PodTemplate, postgresVersion) + p.SetCoordinatorContainerDefaults(&p.Spec.PodTemplate, postgresVersion) + p.SetInitContainerDefaults(&p.Spec.PodTemplate, postgresVersion) // Need to set FSGroup equal to p.Spec.PodTemplate.Spec.ContainerSecurityContext.RunAsGroup. // So that /var/pv directory have the group permission for the RunAsGroup user GID. @@ -280,6 +280,18 @@ func (p *Postgres) SetDefaults(postgresVersion *catalog.PostgresVersion) { if p.Spec.Init != nil && p.Spec.Init.Archiver != nil && p.Spec.Init.Archiver.ReplicationStrategy == nil { p.Spec.Init.Archiver.ReplicationStrategy = ptr.To(ReplicationStrategyNone) } + + if p.Spec.Init != nil && p.Spec.Init.Archiver != nil { + if p.Spec.Init.Archiver.EncryptionSecret != nil && p.Spec.Init.Archiver.EncryptionSecret.Namespace == "" { + p.Spec.Init.Archiver.EncryptionSecret.Namespace = p.GetNamespace() + } + if p.Spec.Init.Archiver.FullDBRepository != nil && p.Spec.Init.Archiver.FullDBRepository.Namespace == "" { + p.Spec.Init.Archiver.FullDBRepository.Namespace = p.GetNamespace() + } + if p.Spec.Init.Archiver.ManifestRepository != nil && p.Spec.Init.Archiver.ManifestRepository.Namespace == "" { + p.Spec.Init.Archiver.ManifestRepository.Namespace = p.GetNamespace() + } + } } func getMajorPgVersion(postgresVersion *catalog.PostgresVersion) (uint64, error) { @@ -324,7 +336,7 @@ func (p *Postgres) SetArbiterDefault() { } } -func (p *Postgres) setDefaultPodSecurityContext(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { +func (p *Postgres) SetDefaultPodSecurityContext(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { if podTemplate == nil { return } @@ -343,7 +355,7 @@ func (p *Postgres) setDefaultPodSecurityContext(podTemplate *ofstv2.PodTemplateS } } -func (p *Postgres) setInitContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { +func (p *Postgres) SetInitContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { if podTemplate == nil { return } @@ -352,7 +364,7 @@ func (p *Postgres) setInitContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, p.setContainerDefaultResources(container, *kubedb.DefaultInitContainerResource.DeepCopy()) } -func (p *Postgres) setPostgresContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { +func (p *Postgres) SetPostgresContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { if podTemplate == nil { return } @@ -361,7 +373,7 @@ func (p *Postgres) setPostgresContainerDefaults(podTemplate *ofstv2.PodTemplateS p.setContainerDefaultResources(container, *kubedb.DefaultResources.DeepCopy()) } -func (p *Postgres) setCoordinatorContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { +func (p *Postgres) SetCoordinatorContainerDefaults(podTemplate *ofstv2.PodTemplateSpec, pgVersion *catalog.PostgresVersion) { if podTemplate == nil { return } diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/druid_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/druid_helpers.go index e3a6e3078..06c3b1b4a 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/druid_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/druid_helpers.go @@ -650,6 +650,16 @@ func (d *Druid) GetDefaultPVC() *core.PersistentVolumeClaimSpec { } func (d *Druid) setDefaultContainerSecurityContext(druidVersion *catalog.DruidVersion, podTemplate *ofst.PodTemplateSpec) { + if podTemplate == nil { + return + } + if podTemplate.Spec.SecurityContext == nil { + podTemplate.Spec.SecurityContext = &v1.PodSecurityContext{} + } + if podTemplate.Spec.SecurityContext.FSGroup == nil { + podTemplate.Spec.SecurityContext.FSGroup = druidVersion.Spec.SecurityContext.RunAsUser + } + container := coreutil.GetContainerByName(podTemplate.Spec.Containers, kubedb.DruidContainerName) if container == nil { container = &v1.Container{ diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/ferretdb_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/ferretdb_helpers.go index b88bb0459..e776ce8d2 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/ferretdb_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/ferretdb_helpers.go @@ -117,7 +117,7 @@ func (f *FerretDB) GetAuthSecretName() string { func (f *FerretDB) GetPersistentSecrets() []string { var secrets []string if f.Spec.AuthSecret != nil { - secrets = append(secrets, f.Spec.AuthSecret.Name) + secrets = append(secrets, f.GetAuthSecretName()) } return secrets } @@ -244,7 +244,7 @@ func (f *FerretDB) SetDefaults() { } } - defaultVersion := "13.13" + defaultVersion := "16.4-bookworm" if !f.Spec.Backend.ExternallyManaged { if f.Spec.Backend.Version == nil { f.Spec.Backend.Version = &defaultVersion diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go index 9553a57a8..3f2610ba0 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go @@ -409,6 +409,18 @@ func (m *MSSQLServer) SetDefaults() { m.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsGroup = mssqlVersion.Spec.SecurityContext.RunAsUser } } + + if m.Spec.Init != nil && m.Spec.Init.Archiver != nil { + if m.Spec.Init.Archiver.EncryptionSecret != nil && m.Spec.Init.Archiver.EncryptionSecret.Namespace == "" { + m.Spec.Init.Archiver.EncryptionSecret.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.FullDBRepository != nil && m.Spec.Init.Archiver.FullDBRepository.Namespace == "" { + m.Spec.Init.Archiver.FullDBRepository.Namespace = m.GetNamespace() + } + if m.Spec.Init.Archiver.ManifestRepository != nil && m.Spec.Init.Archiver.ManifestRepository.Namespace == "" { + m.Spec.Init.Archiver.ManifestRepository.Namespace = m.GetNamespace() + } + } } func (m *MSSQLServer) setDefaultContainerSecurityContext(mssqlVersion *catalog.MSSQLServerVersion, podTemplate *ofst.PodTemplateSpec) { diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/openapi_generated.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/openapi_generated.go index 839140570..fa2f68570 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/openapi_generated.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/openapi_generated.go @@ -35052,7 +35052,7 @@ func schema_apimachinery_apis_kubedb_v1alpha2_SolrSpec(ref common.ReferenceCallb "zookeeperRef": { SchemaProps: spec.SchemaProps{ Description: "\t// ZooKeeper contains information for Solr to store configurations for collections", - Ref: ref("kmodules.xyz/client-go/api/v1.ObjectReference"), + Ref: ref("kubedb.dev/apimachinery/apis/kubedb/v1alpha2.ZookeeperRef"), }, }, "solrModules": { @@ -35186,7 +35186,7 @@ func schema_apimachinery_apis_kubedb_v1alpha2_SolrSpec(ref common.ReferenceCallb }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "kmodules.xyz/client-go/api/v1.HealthCheckSpec", "kmodules.xyz/client-go/api/v1.ObjectReference", "kmodules.xyz/client-go/api/v1.TLSConfig", "kmodules.xyz/monitoring-agent-api/api/v1.AgentSpec", "kmodules.xyz/offshoot-api/api/v2.PodTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.NamedServiceTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.SecretReference", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.SolrClusterTopology"}, + "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "kmodules.xyz/client-go/api/v1.HealthCheckSpec", "kmodules.xyz/client-go/api/v1.TLSConfig", "kmodules.xyz/monitoring-agent-api/api/v1.AgentSpec", "kmodules.xyz/offshoot-api/api/v2.PodTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.NamedServiceTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.SecretReference", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.SolrClusterTopology", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.ZookeeperRef"}, } } diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_helpers.go index c37ccd3b5..260ee018f 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_helpers.go @@ -272,6 +272,34 @@ func (s Solr) CoordinatorSelectors() map[string]string { return s.OffshootSelectors(map[string]string{string(SolrNodeRoleCoordinator): SolrNodeRoleSet}) } +func (s *Solr) SetDefaultsToZooKeeperRef() { + if s.Spec.ZookeeperRef == nil { + s.Spec.ZookeeperRef = &ZookeeperRef{} + } + s.SetZooKeeperObjectRef() + if s.Spec.ZookeeperRef.Version == nil { + defaultVersion := "3.7.2" + s.Spec.ZookeeperRef.Version = &defaultVersion + } +} + +func (s *Solr) GetZooKeeperName() string { + return s.OffshootName() + "-zk" +} + +func (s *Solr) SetZooKeeperObjectRef() { + if s.Spec.ZookeeperRef.ObjectReference == nil { + s.Spec.ZookeeperRef.ObjectReference = &kmapi.ObjectReference{} + } + if s.Spec.ZookeeperRef.Name == "" { + s.Spec.ZookeeperRef.ExternallyManaged = false + s.Spec.ZookeeperRef.Name = s.GetZooKeeperName() + } + if s.Spec.ZookeeperRef.Namespace == "" { + s.Spec.ZookeeperRef.Namespace = s.Namespace + } +} + func (s *Solr) SetDefaults() { if s.Spec.DeletionPolicy == "" { s.Spec.DeletionPolicy = DeletionPolicyDelete @@ -285,6 +313,9 @@ func (s *Solr) SetDefaults() { s.Spec.StorageType = StorageTypeDurable } + s.SetDefaultsToZooKeeperRef() + s.SetZooKeeperObjectRef() + if s.Spec.ZookeeperDigestSecret == nil { s.Spec.ZookeeperDigestSecret = &v1.LocalObjectReference{ Name: s.SolrSecretName("zk-digest"), @@ -320,10 +351,6 @@ func (s *Solr) SetDefaults() { if s.Spec.Topology.Data.Replicas == nil { s.Spec.Topology.Data.Replicas = pointer.Int32P(1) } - if s.Spec.Topology.Data.PodTemplate.Spec.SecurityContext == nil { - s.Spec.Topology.Data.PodTemplate.Spec.SecurityContext = &v1.PodSecurityContext{} - } - s.Spec.Topology.Data.PodTemplate.Spec.SecurityContext.FSGroup = slVersion.Spec.SecurityContext.RunAsUser s.setDefaultContainerSecurityContext(&slVersion, &s.Spec.Topology.Data.PodTemplate) s.setDefaultContainerResourceLimits(&s.Spec.Topology.Data.PodTemplate) @@ -336,10 +363,6 @@ func (s *Solr) SetDefaults() { if s.Spec.Topology.Overseer.Replicas == nil { s.Spec.Topology.Overseer.Replicas = pointer.Int32P(1) } - if s.Spec.Topology.Overseer.PodTemplate.Spec.SecurityContext == nil { - s.Spec.Topology.Overseer.PodTemplate.Spec.SecurityContext = &v1.PodSecurityContext{} - } - s.Spec.Topology.Overseer.PodTemplate.Spec.SecurityContext.FSGroup = slVersion.Spec.SecurityContext.RunAsUser s.setDefaultContainerSecurityContext(&slVersion, &s.Spec.Topology.Overseer.PodTemplate) s.setDefaultContainerResourceLimits(&s.Spec.Topology.Overseer.PodTemplate) } @@ -351,10 +374,6 @@ func (s *Solr) SetDefaults() { if s.Spec.Topology.Coordinator.Replicas == nil { s.Spec.Topology.Coordinator.Replicas = pointer.Int32P(1) } - if s.Spec.Topology.Coordinator.PodTemplate.Spec.SecurityContext == nil { - s.Spec.Topology.Coordinator.PodTemplate.Spec.SecurityContext = &v1.PodSecurityContext{} - } - s.Spec.Topology.Coordinator.PodTemplate.Spec.SecurityContext.FSGroup = slVersion.Spec.SecurityContext.RunAsUser s.setDefaultContainerSecurityContext(&slVersion, &s.Spec.Topology.Coordinator.PodTemplate) s.setDefaultContainerResourceLimits(&s.Spec.Topology.Coordinator.PodTemplate) } @@ -362,10 +381,6 @@ func (s *Solr) SetDefaults() { if s.Spec.Replicas == nil { s.Spec.Replicas = pointer.Int32P(1) } - if s.Spec.PodTemplate.Spec.SecurityContext == nil { - s.Spec.PodTemplate.Spec.SecurityContext = &v1.PodSecurityContext{} - } - s.Spec.PodTemplate.Spec.SecurityContext.FSGroup = slVersion.Spec.SecurityContext.RunAsUser s.setDefaultContainerSecurityContext(&slVersion, &s.Spec.PodTemplate) s.setDefaultContainerResourceLimits(&s.Spec.PodTemplate) } @@ -384,6 +399,15 @@ func (s *Solr) SetDefaults() { } func (s *Solr) setDefaultContainerSecurityContext(slVersion *catalog.SolrVersion, podTemplate *ofst.PodTemplateSpec) { + if podTemplate == nil { + return + } + if podTemplate.Spec.SecurityContext == nil { + podTemplate.Spec.SecurityContext = &v1.PodSecurityContext{} + } + if podTemplate.Spec.SecurityContext.FSGroup == nil { + podTemplate.Spec.SecurityContext.FSGroup = slVersion.Spec.SecurityContext.RunAsUser + } initContainer := coreutil.GetContainerByName(podTemplate.Spec.InitContainers, kubedb.SolrInitContainerName) if initContainer == nil { initContainer = &v1.Container{ diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_types.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_types.go index cb8cc875a..b08c38ed4 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_types.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/solr_types.go @@ -72,7 +72,7 @@ type SolrSpec struct { Storage *core.PersistentVolumeClaimSpec `json:"storage,omitempty"` // // ZooKeeper contains information for Solr to store configurations for collections - ZookeeperRef *kmapi.ObjectReference `json:"zookeeperRef,omitempty"` + ZookeeperRef *ZookeeperRef `json:"zookeeperRef,omitempty"` // +optional SolrModules []string `json:"solrModules,omitempty"` diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/zz_generated.deepcopy.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/zz_generated.deepcopy.go index 5c20fa3fe..11f8236ac 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/zz_generated.deepcopy.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/zz_generated.deepcopy.go @@ -5692,8 +5692,8 @@ func (in *SolrSpec) DeepCopyInto(out *SolrSpec) { } if in.ZookeeperRef != nil { in, out := &in.ZookeeperRef, &out.ZookeeperRef - *out = new(apiv1.ObjectReference) - **out = **in + *out = new(ZookeeperRef) + (*in).DeepCopyInto(*out) } if in.SolrModules != nil { in, out := &in.SolrModules, &out.SolrModules diff --git a/vendor/kubedb.dev/apimachinery/crds/kubedb.com_solrs.yaml b/vendor/kubedb.dev/apimachinery/crds/kubedb.com_solrs.yaml index 38c0f4e1c..0b8d66d7e 100644 --- a/vendor/kubedb.dev/apimachinery/crds/kubedb.com_solrs.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/kubedb.com_solrs.yaml @@ -13158,10 +13158,16 @@ spec: x-kubernetes-map-type: atomic zookeeperRef: properties: + externallyManaged: + type: boolean name: type: string namespace: type: string + pathsBase: + type: string + version: + type: string required: - name type: object diff --git a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_postgresopsrequests.yaml b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_postgresopsrequests.yaml index b9a1ee909..f5a5c509c 100644 --- a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_postgresopsrequests.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_postgresopsrequests.yaml @@ -81,13 +81,20 @@ spec: type: string type: object x-kubernetes-map-type: atomic + forceFailOver: + properties: + candidates: + items: + type: string + type: array + type: object horizontalScaling: properties: replicas: format: int32 type: integer standbyMode: - default: Warm + default: Hot enum: - Hot - Warm @@ -99,8 +106,20 @@ spec: - Asynchronous type: string type: object + reconnectStandby: + properties: + readyTimeOut: + type: string + type: object restart: type: object + setRaftKeyPair: + properties: + keyPair: + additionalProperties: + type: string + type: object + type: object timeout: type: string tls: @@ -234,6 +253,9 @@ spec: - Reconfigure - ReconfigureTLS - RotateAuth + - ReconnectStandby + - ForceFailOver + - SetRaftKeyPair type: string updateVersion: properties: diff --git a/vendor/kubedb.dev/apimachinery/crds/ui.kubedb.com_databaseconnections.yaml b/vendor/kubedb.dev/apimachinery/crds/ui.kubedb.com_databaseconnections.yaml index 1c70ff8e6..f96d13a8f 100644 --- a/vendor/kubedb.dev/apimachinery/crds/ui.kubedb.com_databaseconnections.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/ui.kubedb.com_databaseconnections.yaml @@ -26,111 +26,19 @@ spec: type: object spec: properties: - connectOptions: - additionalProperties: - type: string - type: object databases: items: type: string type: array - gateway: - items: - properties: - caCert: - format: byte - type: string - hostname: - type: string - ip: - type: string - name: - type: string - namespace: - type: string - secretRef: - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - services: - items: - properties: - alias: - type: string - ports: - items: - properties: - backendServicePort: - format: int32 - type: integer - name: - type: string - nodePort: - format: int32 - type: integer - port: - format: int32 - type: integer - required: - - port - type: object - type: array - required: - - alias - - ports - type: object - type: array - ui: - items: - properties: - alias: - type: string - helmRelease: - properties: - name: - default: "" - type: string - type: object - x-kubernetes-map-type: atomic - port: - properties: - backendServicePort: - format: int32 - type: integer - name: - type: string - nodePort: - format: int32 - type: integer - port: - format: int32 - type: integer - required: - - port - type: object - url: - type: string - required: - - alias - - port - - url - type: object - type: array - required: - - name - - namespace - type: object - type: array inCluster: properties: caCert: format: byte type: string + connectOptions: + additionalProperties: + type: string + type: object exec: type: string host: @@ -148,6 +56,107 @@ spec: - name type: object type: object + public: + items: + properties: + connectOptions: + additionalProperties: + type: string + type: object + gateway: + items: + properties: + caCert: + format: byte + type: string + hostname: + type: string + ip: + type: string + name: + type: string + namespace: + type: string + secretRef: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + services: + items: + properties: + alias: + type: string + ports: + items: + properties: + backendServicePort: + format: int32 + type: integer + name: + type: string + nodePort: + format: int32 + type: integer + port: + format: int32 + type: integer + required: + - port + type: object + type: array + required: + - alias + - ports + type: object + type: array + ui: + items: + properties: + alias: + type: string + helmRelease: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + port: + properties: + backendServicePort: + format: int32 + type: integer + name: + type: string + nodePort: + format: int32 + type: integer + port: + format: int32 + type: integer + required: + - port + type: object + url: + type: string + required: + - alias + - port + - url + type: object + type: array + required: + - name + - namespace + type: object + type: array + type: object + type: array type: object status: properties: diff --git a/vendor/modules.txt b/vendor/modules.txt index 445b30182..a6014acde 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1537,7 +1537,7 @@ k8s.io/utils/trace # kmodules.xyz/apiversion v0.2.0 ## explicit; go 1.14 kmodules.xyz/apiversion -# kmodules.xyz/client-go v0.30.44 +# kmodules.xyz/client-go v0.30.45 ## explicit; go 1.22.0 kmodules.xyz/client-go kmodules.xyz/client-go/api/v1 @@ -1563,7 +1563,7 @@ kmodules.xyz/offshoot-api/api/v1 kmodules.xyz/offshoot-api/api/v1/conversion kmodules.xyz/offshoot-api/api/v2 kmodules.xyz/offshoot-api/util -# kubedb.dev/apimachinery v0.52.0-rc.0 +# kubedb.dev/apimachinery v0.52.0 ## explicit; go 1.22.1 kubedb.dev/apimachinery/apis kubedb.dev/apimachinery/apis/catalog