diff --git a/CHANGELOG.md b/CHANGELOG.md index bf3fc79e..be3cb9f6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,7 @@ - Fix `ServiceIntegration` deletion when instance has no id set - Change `Kafka` field `userConfig.kafka_version`: enum ~~`[3.4, 3.5, 3.6]`~~ → `[3.4, 3.5, 3.6, 3.7]` - Add `ServiceIntegration` `flink_external_postgresql` type -- Remove `REDIS_CA_CERT` secret key. Can't be used with the service type +- Remove `CA_CERT` secret key for `Grafana`, `OpenSearch`, `Redis`, and `Clickhouse`. Can't be used with these service types ## v0.19.0 - 2024-04-18 diff --git a/api/v1alpha1/clickhouse_types.go b/api/v1alpha1/clickhouse_types.go index f655b280..e660331f 100644 --- a/api/v1alpha1/clickhouse_types.go +++ b/api/v1alpha1/clickhouse_types.go @@ -20,7 +20,7 @@ type ClickhouseSpec struct { //+kubebuilder:subresource:status // Clickhouse is the Schema for the clickhouses API. -// Info "Exposes secret keys": `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, `CLICKHOUSE_CA_CERT` +// Info "Exposes secret keys": `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD` type Clickhouse struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/api/v1alpha1/grafana_types.go b/api/v1alpha1/grafana_types.go index 136c261b..955cc28b 100644 --- a/api/v1alpha1/grafana_types.go +++ b/api/v1alpha1/grafana_types.go @@ -19,7 +19,7 @@ type GrafanaSpec struct { } // Grafana is the Schema for the grafanas API. -// Info "Exposes secret keys": `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, `GRAFANA_URI`, `GRAFANA_HOSTS`, `GRAFANA_CA_CERT` +// Info "Exposes secret keys": `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, `GRAFANA_URI`, `GRAFANA_HOSTS` // +kubebuilder:object:root=true // +kubebuilder:subresource:status // +kubebuilder:printcolumn:name="Project",type="string",JSONPath=".spec.project" diff --git a/api/v1alpha1/opensearch_types.go b/api/v1alpha1/opensearch_types.go index 72c4332d..eeb00ecd 100644 --- a/api/v1alpha1/opensearch_types.go +++ b/api/v1alpha1/opensearch_types.go @@ -20,7 +20,7 @@ type OpenSearchSpec struct { //+kubebuilder:subresource:status // OpenSearch is the Schema for the opensearches API. -// Info "Exposes secret keys": `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`, `OPENSEARCH_CA_CERT` +// Info "Exposes secret keys": `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD` type OpenSearch struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml index 406f636f..8938de82 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhouses.yaml @@ -20,8 +20,7 @@ spec: openAPIV3Schema: description: 'Clickhouse is the Schema for the clickhouses API. Info "Exposes - secret keys": `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, - `CLICKHOUSE_CA_CERT`' + secret keys": `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' properties: apiVersion: description: diff --git a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml index dfb0767b..802a347d 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_grafanas.yaml @@ -34,7 +34,7 @@ spec: description: 'Grafana is the Schema for the grafanas API. Info "Exposes secret keys": `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`, `GRAFANA_CA_CERT`' + `GRAFANA_URI`, `GRAFANA_HOSTS`' properties: apiVersion: description: diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index 8b5e5373..556bf958 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -20,8 +20,7 @@ spec: openAPIV3Schema: description: 'OpenSearch is the Schema for the opensearches API. Info "Exposes - secret keys": `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`, - `OPENSEARCH_CA_CERT`' + secret keys": `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' properties: apiVersion: description: diff --git a/config/crd/bases/aiven.io_clickhouses.yaml b/config/crd/bases/aiven.io_clickhouses.yaml index 406f636f..8938de82 100644 --- a/config/crd/bases/aiven.io_clickhouses.yaml +++ b/config/crd/bases/aiven.io_clickhouses.yaml @@ -20,8 +20,7 @@ spec: openAPIV3Schema: description: 'Clickhouse is the Schema for the clickhouses API. Info "Exposes - secret keys": `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, - `CLICKHOUSE_CA_CERT`' + secret keys": `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`' properties: apiVersion: description: diff --git a/config/crd/bases/aiven.io_grafanas.yaml b/config/crd/bases/aiven.io_grafanas.yaml index dfb0767b..802a347d 100644 --- a/config/crd/bases/aiven.io_grafanas.yaml +++ b/config/crd/bases/aiven.io_grafanas.yaml @@ -34,7 +34,7 @@ spec: description: 'Grafana is the Schema for the grafanas API. Info "Exposes secret keys": `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, - `GRAFANA_URI`, `GRAFANA_HOSTS`, `GRAFANA_CA_CERT`' + `GRAFANA_URI`, `GRAFANA_HOSTS`' properties: apiVersion: description: diff --git a/config/crd/bases/aiven.io_opensearches.yaml b/config/crd/bases/aiven.io_opensearches.yaml index 8b5e5373..556bf958 100644 --- a/config/crd/bases/aiven.io_opensearches.yaml +++ b/config/crd/bases/aiven.io_opensearches.yaml @@ -20,8 +20,7 @@ spec: openAPIV3Schema: description: 'OpenSearch is the Schema for the opensearches API. Info "Exposes - secret keys": `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`, - `OPENSEARCH_CA_CERT`' + secret keys": `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`' properties: apiVersion: description: diff --git a/controllers/generic_service_handler.go b/controllers/generic_service_handler.go index 52735268..01d307cd 100644 --- a/controllers/generic_service_handler.go +++ b/controllers/generic_service_handler.go @@ -193,9 +193,10 @@ func (h *genericServiceHandler) get(ctx context.Context, avn *aiven.Client, avnG return secret, err } - // Redis shouldn't expose CA_CERT - // It can't be used to connect to redis - if o.getServiceType() == "redis" { + switch o.getServiceType() { + case "kafka", "pg", "mysql", "cassandra": + // CA_CERT can be used with these service types only + default: return secret, nil } diff --git a/docs/docs/api-reference/clickhouse.md b/docs/docs/api-reference/clickhouse.md index 3417abd8..cb094dc2 100644 --- a/docs/docs/api-reference/clickhouse.md +++ b/docs/docs/api-reference/clickhouse.md @@ -37,7 +37,7 @@ Clickhouse is the Schema for the clickhouses API. !!! Info "Exposes secret keys" - `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, `CLICKHOUSE_CA_CERT`. + `CLICKHOUSE_HOST`, `CLICKHOUSE_PORT`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`. **Required** diff --git a/docs/docs/api-reference/grafana.md b/docs/docs/api-reference/grafana.md index 4d33b797..5c29fc30 100644 --- a/docs/docs/api-reference/grafana.md +++ b/docs/docs/api-reference/grafana.md @@ -45,7 +45,7 @@ Grafana is the Schema for the grafanas API. !!! Info "Exposes secret keys" - `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, `GRAFANA_URI`, `GRAFANA_HOSTS`, `GRAFANA_CA_CERT`. + `GRAFANA_HOST`, `GRAFANA_PORT`, `GRAFANA_USER`, `GRAFANA_PASSWORD`, `GRAFANA_URI`, `GRAFANA_HOSTS`. **Required** diff --git a/docs/docs/api-reference/opensearch.md b/docs/docs/api-reference/opensearch.md index 11fda9ec..e90fade5 100644 --- a/docs/docs/api-reference/opensearch.md +++ b/docs/docs/api-reference/opensearch.md @@ -38,7 +38,7 @@ OpenSearch is the Schema for the opensearches API. !!! Info "Exposes secret keys" - `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`, `OPENSEARCH_CA_CERT`. + `OPENSEARCH_HOST`, `OPENSEARCH_PORT`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`. **Required** diff --git a/tests/clickhouse_test.go b/tests/clickhouse_test.go index 9e773b8e..be12bebe 100644 --- a/tests/clickhouse_test.go +++ b/tests/clickhouse_test.go @@ -169,7 +169,6 @@ func TestClickhouse(t *testing.T) { assert.NotEmpty(t, secret.Data["CLICKHOUSE_PORT"]) assert.NotEmpty(t, secret.Data["CLICKHOUSE_USER"]) assert.NotEmpty(t, secret.Data["CLICKHOUSE_PASSWORD"]) - assert.NotEmpty(t, secret.Data["CLICKHOUSE_CA_CERT"]) // Validates ClickhouseDatabase db1 := new(v1alpha1.ClickhouseDatabase) diff --git a/tests/grafana_test.go b/tests/grafana_test.go index 373e847a..75f5ae3a 100644 --- a/tests/grafana_test.go +++ b/tests/grafana_test.go @@ -111,5 +111,4 @@ func TestGrafana(t *testing.T) { assert.NotEmpty(t, secret.Data["GRAFANA_PASSWORD"]) assert.NotEmpty(t, secret.Data["GRAFANA_URI"]) assert.NotEmpty(t, secret.Data["GRAFANA_HOSTS"]) - assert.NotEmpty(t, secret.Data["GRAFANA_CA_CERT"]) } diff --git a/tests/opensearch_test.go b/tests/opensearch_test.go index 637cb6c1..a877676c 100644 --- a/tests/opensearch_test.go +++ b/tests/opensearch_test.go @@ -115,7 +115,6 @@ func TestOpenSearch(t *testing.T) { assert.NotEmpty(t, secret.Data["OPENSEARCH_PORT"]) assert.NotEmpty(t, secret.Data["OPENSEARCH_USER"]) assert.NotEmpty(t, secret.Data["OPENSEARCH_PASSWORD"]) - assert.NotEmpty(t, secret.Data["OPENSEARCH_CA_CERT"]) assert.Equal(t, map[string]string{"foo": "bar"}, secret.Annotations) assert.Equal(t, map[string]string{"baz": "egg"}, secret.Labels) }