diff --git a/README.md b/README.md index 4cf65d7..7ba77e4 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,70 @@ -# Cozystack external-apps demo +# external-apps-example -Read more about Cozystack at [cozystack.io](https://cozystack.io). +External applications catalog example for [Cozystack](https://cozystack.io). Works like a brew tap -- add this repo to your cluster and get extra apps in the Cozystack dashboard. -Reference documentation for Cozystack external-apps can be found at [cozystack.io/docs/applications/external](https://cozystack.io/docs/applications/external/). +Currently provides managed Minecraft server and plugin apps powered by [minecraft-operator](https://github.com/lexfrei/minecraft-operator). + +## Installation + +Apply `init.yaml` to bootstrap the catalog in your Cozystack cluster: + +```bash +kubectl apply --filename https://raw.githubusercontent.com/cozystack/external-apps-example/main/init.yaml +``` + +This creates a FluxCD `GitRepository` source and a `HelmRelease` that deploys the platform chart. The platform chart registers all available apps via `ApplicationDefinition` CRDs, so they appear in the Cozystack dashboard automatically. + +## Available Apps + +| App | Kind | Description | +| --- | --- | --- | +| minecraft-server | `MinecraftServer` | Managed PaperMC server with automatic updates, backups, and resource limits | +| minecraft-plugin | `MinecraftPlugin` | Managed plugin installation from [Hangar](https://hangar.papermc.io/) or direct URL with auto-updates | + +Both apps are powered by [minecraft-operator](https://github.com/lexfrei/minecraft-operator), which is deployed automatically by the platform chart from `oci://ghcr.io/lexfrei/charts/minecraft-operator`. + +## Example + +Create a Minecraft server with the BlueMap plugin (see `examples/minecraft.yaml`): + +```yaml +apiVersion: apps.cozystack.io/v1alpha1 +kind: MinecraftServer +metadata: + name: survival + namespace: tenant-root +spec: + updateStrategy: latest + memoryLimit: 2Gi + cpuLimit: 2000m + serviceType: NodePort +--- +apiVersion: apps.cozystack.io/v1alpha1 +kind: MinecraftPlugin +metadata: + name: bluemap + namespace: tenant-root +spec: + sourceType: hangar + project: BlueMap + updateStrategy: latest + instanceSelector: + matchLabels: + app.kubernetes.io/instance: minecraft-survival + endpoints: + - name: web + port: 8100 + protocol: HTTP +``` + +## Repository Structure + +```text +init.yaml # Bootstrap manifest (GitRepository + HelmRelease) +packages/ + core/platform/ # Platform chart: namespaces, HelmCharts, HelmReleases, ApplicationDefinitions + apps/minecraft-server/ # Helm chart wrapping PaperMCServer CRD + apps/minecraft-plugin/ # Helm chart wrapping Plugin CRD +examples/ + minecraft.yaml # Server + BlueMap plugin example +``` diff --git a/examples/minecraft.yaml b/examples/minecraft.yaml new file mode 100644 index 0000000..2733a94 --- /dev/null +++ b/examples/minecraft.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: apps.cozystack.io/v1alpha1 +kind: MinecraftServer +metadata: + name: survival + namespace: tenant-root +spec: + updateStrategy: latest + memoryLimit: 2Gi + cpuLimit: 2000m + serviceType: NodePort +--- +apiVersion: apps.cozystack.io/v1alpha1 +kind: MinecraftPlugin +metadata: + name: bluemap + namespace: tenant-root +spec: + sourceType: hangar + project: BlueMap + updateStrategy: latest + instanceSelector: + matchLabels: + app.kubernetes.io/instance: minecraft-survival + endpoints: + - name: web + port: 8100 + protocol: HTTP diff --git a/hack/update-crd.sh b/hack/update-crd.sh deleted file mode 100755 index 456bf84..0000000 --- a/hack/update-crd.sh +++ /dev/null @@ -1,139 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -# Requirements: yq (v4), jq, base64 -need() { command -v "$1" >/dev/null 2>&1 || { echo "need $1"; exit 1; }; } -need yq; need jq; need base64 - -CHART_YAML="${CHART_YAML:-Chart.yaml}" -VALUES_YAML="${VALUES_YAML:-values.yaml}" -SCHEMA_JSON="${SCHEMA_JSON:-values.schema.json}" -CRD_DIR="../../system/cozystack-resource-definitions/cozyrds" - -[[ -f "$CHART_YAML" ]] || { echo "No $CHART_YAML found"; exit 1; } -[[ -f "$SCHEMA_JSON" ]] || { echo "No $SCHEMA_JSON found"; exit 1; } - -# Read basics from Chart.yaml -NAME="$(yq -r '.name // ""' "$CHART_YAML")" -DESC="$(yq -r '.description // ""' "$CHART_YAML")" -ICON_PATH_RAW="$(yq -r '.icon // ""' "$CHART_YAML")" - -if [[ -z "$NAME" ]]; then - echo "Chart.yaml: .name is empty"; exit 1 -fi - -# Resolve icon path -# Accepts: -# /logos/foo.svg -> ./logos/foo.svg -# logos/foo.svg -> logos/foo.svg -# ./logos/foo.svg -> ./logos/foo.svg -# Fallback: ./logos/${NAME}.svg -resolve_icon_path() { - local p="$1" - if [[ -z "$p" || "$p" == "null" ]]; then - echo "./logos/${NAME}.svg"; return - fi - if [[ "$p" == /* ]]; then - echo ".${p}" - else - echo "$p" - fi -} -ICON_PATH="$(resolve_icon_path "$ICON_PATH_RAW")" - -if [[ ! -f "$ICON_PATH" ]]; then - # try fallback - ALT="./logos/${NAME}.svg" - if [[ -f "$ALT" ]]; then - ICON_PATH="$ALT" - else - echo "Icon not found: $ICON_PATH"; exit 1 - fi -fi - -# Base64 (portable: no -w / -b options) -ICON_B64="$(base64 < "$ICON_PATH" | tr -d '\n' | tr -d '\r')" - -# Decide which HelmRepository name to use based on path -# .../apps/... -> cozystack-apps -# .../extra/... -> cozystack-extra -# default: cozystack-apps -SOURCE_NAME="cozystack-apps" -case "$PWD" in - *"/apps/"*) SOURCE_NAME="cozystack-apps" ;; - *"/extra/"*) SOURCE_NAME="cozystack-extra" ;; -esac - -# If file doesn't exist, create a minimal skeleton -OUT="${OUT:-$CRD_DIR/$NAME.yaml}" -if [[ ! -f "$OUT" ]]; then - cat >"$OUT" <0)) # drop root - | map(map(select(type != "number"))) # drop array indices - | map(["spec"] + .) # prepend "spec" - ) - ' -)" - -# Update only necessary fields in-place -# - openAPISchema is loaded from file as a multi-line string (block scalar) -# - labels ensure cozystack.io/ui: "true" -# - prefix = "-" -# - sourceRef derived from directory (apps|extra) -yq -i ' - .apiVersion = (.apiVersion // "cozystack.io/v1alpha1") | - .kind = (.kind // "CozystackResourceDefinition") | - .metadata.name = strenv(RES_NAME) | - .spec.application.openAPISchema = strenv(SCHEMA_JSON_MIN) | - (.spec.application.openAPISchema style="literal") | - .spec.release.prefix = (strenv(PREFIX)) | - .spec.release.labels."cozystack.io/ui" = "true" | - .spec.release.chart.name = strenv(RES_NAME) | - .spec.release.chart.sourceRef.kind = "HelmRepository" | - .spec.release.chart.sourceRef.name = strenv(SOURCE_NAME) | - .spec.release.chart.sourceRef.namespace = "cozy-public" | - .spec.dashboard.description = strenv(DESCRIPTION) | - .spec.dashboard.icon = strenv(ICON_B64) | - .spec.dashboard.keysOrder = env(KEYS_ORDER) -' "$OUT" - -echo "Updated $OUT" diff --git a/init.yaml b/init.yaml index b751a92..26d9c78 100644 --- a/init.yaml +++ b/init.yaml @@ -26,4 +26,4 @@ spec: kind: GitRepository name: external-apps namespace: cozy-public - version: '*' + reconcileStrategy: Revision diff --git a/packages/apps/.gitkeep b/packages/apps/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/packages/apps/minecraft-plugin/Chart.yaml b/packages/apps/minecraft-plugin/Chart.yaml new file mode 100644 index 0000000..556b128 --- /dev/null +++ b/packages/apps/minecraft-plugin/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: minecraft-plugin +description: Managed Minecraft plugin with automatic version management +type: application +version: 0.0.0 +appVersion: "1.0.0" diff --git a/packages/apps/minecraft-plugin/Makefile b/packages/apps/minecraft-plugin/Makefile new file mode 100644 index 0000000..26cb401 --- /dev/null +++ b/packages/apps/minecraft-plugin/Makefile @@ -0,0 +1,4 @@ +export NAME=minecraft-plugin +export NAMESPACE=external-minecraft-operator + +include ../../../scripts/package.mk diff --git a/packages/apps/minecraft-plugin/templates/plugin.yaml b/packages/apps/minecraft-plugin/templates/plugin.yaml new file mode 100644 index 0000000..ce27571 --- /dev/null +++ b/packages/apps/minecraft-plugin/templates/plugin.yaml @@ -0,0 +1,39 @@ +apiVersion: mc.k8s.lex.la/v1beta1 +kind: Plugin +metadata: + name: {{ .Release.Name }} +spec: + source: + type: {{ .Values.sourceType }} + {{- if eq .Values.sourceType "hangar" }} + project: {{ .Values.project | quote }} + {{- end }} + {{- if eq .Values.sourceType "url" }} + url: {{ .Values.url | quote }} + {{- if .Values.checksum }} + checksum: {{ .Values.checksum | quote }} + {{- end }} + {{- end }} + updateStrategy: {{ .Values.updateStrategy }} + {{- if .Values.version }} + version: {{ .Values.version | quote }} + {{- end }} + instanceSelector: + {{- if .Values.instanceSelector.matchLabels }} + matchLabels: + {{- range $key, $value := .Values.instanceSelector.matchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- else }} + matchLabels: {} + {{- end }} + {{- if .Values.endpoints }} + endpoints: + {{- range .Values.endpoints }} + - name: {{ .name | quote }} + port: {{ .port }} + {{- if .protocol }} + protocol: {{ .protocol }} + {{- end }} + {{- end }} + {{- end }} diff --git a/packages/apps/minecraft-plugin/values.schema.json b/packages/apps/minecraft-plugin/values.schema.json new file mode 100644 index 0000000..add6a81 --- /dev/null +++ b/packages/apps/minecraft-plugin/values.schema.json @@ -0,0 +1,121 @@ +{ + "title": "Minecraft Plugin", + "type": "object", + "properties": { + "sourceType": { + "description": "Plugin source type.", + "type": "string", + "enum": ["hangar", "url"] + }, + "project": { + "description": "Plugin project identifier on Hangar (e.g., BlueMap).", + "type": "string", + "default": "" + }, + "url": { + "description": "Direct download URL (for sourceType: url).", + "type": "string", + "default": "" + }, + "checksum": { + "description": "SHA256 hash of the JAR file (for sourceType: url).", + "type": "string", + "default": "" + }, + "updateStrategy": { + "description": "Update strategy (latest, auto, pin, build-pin).", + "type": "string", + "enum": ["latest", "auto", "pin", "build-pin"], + "default": "latest" + }, + "version": { + "description": "Target plugin version (required for pin/build-pin).", + "type": "string", + "default": "" + }, + "instanceSelector": { + "description": "Label selector to match PaperMCServer instances.", + "type": "object", + "default": {}, + "properties": { + "matchLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "endpoints": { + "description": "Network endpoints exposed by this plugin.", + "type": "array", + "default": [], + "items": { + "type": "object", + "properties": { + "name": { + "description": "Endpoint name (DNS label).", + "type": "string" + }, + "port": { + "description": "TCP/UDP port number.", + "type": "integer", + "minimum": 1, + "maximum": 65535 + }, + "protocol": { + "description": "Protocol (TCP, UDP, HTTP).", + "type": "string", + "enum": ["TCP", "UDP", "HTTP"], + "default": "TCP" + } + }, + "required": ["name", "port"] + } + } + }, + "allOf": [ + { + "if": { + "properties": { + "sourceType": { "const": "hangar" } + }, + "required": ["sourceType"] + }, + "then": { + "properties": { + "project": { "minLength": 1 } + }, + "required": ["project"] + } + }, + { + "if": { + "properties": { + "sourceType": { "const": "url" } + }, + "required": ["sourceType"] + }, + "then": { + "properties": { + "url": { "minLength": 1 } + }, + "required": ["url"] + } + }, + { + "if": { + "properties": { + "updateStrategy": { "enum": ["pin", "build-pin"] } + }, + "required": ["updateStrategy"] + }, + "then": { + "properties": { + "version": { "minLength": 1 } + }, + "required": ["version"] + } + } + ] +} diff --git a/packages/apps/minecraft-plugin/values.yaml b/packages/apps/minecraft-plugin/values.yaml new file mode 100644 index 0000000..acfb6cd --- /dev/null +++ b/packages/apps/minecraft-plugin/values.yaml @@ -0,0 +1,33 @@ +## @section Plugin source + +## @param {string} sourceType="" - Plugin source type (hangar or url). Required at install time. +## No default here: a default would conflict with the conditional validation +## below (hangar requires non-empty project). Cozystack dashboard pre-fills +## sourceType via openAPISchema default in the ApplicationDefinition. + +## @param {string} project="" - Plugin project identifier on Hangar (e.g., BlueMap). +project: "" + +## @param {string} url="" - Direct download URL (for sourceType: url). +url: "" + +## @param {string} checksum="" - SHA256 hash of the JAR file (for sourceType: url). +checksum: "" + +## @section Version management + +## @param {string} updateStrategy=latest - Update strategy (latest, auto, pin, build-pin). +updateStrategy: latest + +## @param {string} version="" - Target plugin version (required for pin/build-pin). +version: "" + +## @section Instance selector + +## @param {object} instanceSelector={} - Label selector to match PaperMCServer instances. +instanceSelector: {} + +## @section Network endpoints + +## @param {array} endpoints=[] - Network endpoints exposed by this plugin. +endpoints: [] diff --git a/packages/apps/minecraft-server/Chart.yaml b/packages/apps/minecraft-server/Chart.yaml new file mode 100644 index 0000000..f936bbe --- /dev/null +++ b/packages/apps/minecraft-server/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: minecraft-server +description: Managed PaperMC Minecraft server with automatic updates and plugin management +type: application +version: 0.0.0 +appVersion: "1.0.0" diff --git a/packages/apps/minecraft-server/Makefile b/packages/apps/minecraft-server/Makefile new file mode 100644 index 0000000..d664c62 --- /dev/null +++ b/packages/apps/minecraft-server/Makefile @@ -0,0 +1,4 @@ +export NAME=minecraft-server +export NAMESPACE=external-minecraft-operator + +include ../../../scripts/package.mk diff --git a/packages/apps/minecraft-server/templates/papermcserver.yaml b/packages/apps/minecraft-server/templates/papermcserver.yaml new file mode 100644 index 0000000..2b93e07 --- /dev/null +++ b/packages/apps/minecraft-server/templates/papermcserver.yaml @@ -0,0 +1,61 @@ +{{- $existingSecret := lookup "v1" "Secret" .Release.Namespace (printf "%s-rcon" .Release.Name) }} +{{- $rconPassword := randAlphaNum 24 }} +{{- if $existingSecret }} + {{- $rconPassword = index $existingSecret.data "rcon-password" | b64dec }} +{{- end }} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-rcon +stringData: + rcon-password: {{ $rconPassword | quote }} + +--- + +apiVersion: mc.k8s.lex.la/v1beta1 +kind: PaperMCServer +metadata: + name: {{ .Release.Name }} + labels: + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + updateStrategy: {{ .Values.updateStrategy }} + {{- if .Values.version }} + version: {{ .Values.version | quote }} + {{- end }} + updateSchedule: + checkCron: {{ .Values.checkCron | quote }} + maintenanceWindow: + enabled: true + cron: "*/5 * * * *" + gracefulShutdown: + timeout: 30s + rcon: + enabled: true + passwordSecret: + name: {{ .Release.Name }}-rcon + key: rcon-password + service: + type: {{ .Values.serviceType }} + {{- if .Values.backupEnabled }} + backup: + enabled: true + schedule: {{ .Values.backupSchedule | quote }} + beforeUpdate: true + retention: + maxCount: {{ .Values.backupRetention }} + {{- end }} + podTemplate: + spec: + securityContext: + fsGroup: 1000 + containers: + - name: papermc + resources: + requests: + memory: {{ .Values.memoryLimit | quote }} + cpu: {{ .Values.cpuLimit | quote }} + limits: + memory: {{ .Values.memoryLimit | quote }} + cpu: {{ .Values.cpuLimit | quote }} diff --git a/packages/apps/minecraft-server/values.schema.json b/packages/apps/minecraft-server/values.schema.json new file mode 100644 index 0000000..0494f24 --- /dev/null +++ b/packages/apps/minecraft-server/values.schema.json @@ -0,0 +1,69 @@ +{ + "title": "Minecraft Server", + "type": "object", + "properties": { + "updateStrategy": { + "description": "Update strategy for Paper version.", + "type": "string", + "enum": ["latest", "auto", "pin", "build-pin"], + "default": "latest" + }, + "version": { + "description": "Target Minecraft version (required for pin/build-pin).", + "type": "string", + "default": "" + }, + "memoryLimit": { + "description": "Memory limit for the server container.", + "type": "string", + "default": "2Gi" + }, + "cpuLimit": { + "description": "CPU limit for the server container.", + "type": "string", + "default": "2000m" + }, + "serviceType": { + "description": "Service type (LoadBalancer, NodePort, ClusterIP).", + "type": "string", + "enum": ["LoadBalancer", "NodePort", "ClusterIP"], + "default": "LoadBalancer" + }, + "backupEnabled": { + "description": "Enable VolumeSnapshot-based backups.", + "type": "boolean", + "default": false + }, + "backupSchedule": { + "description": "Cron schedule for periodic backups.", + "type": "string", + "default": "0 */6 * * *" + }, + "backupRetention": { + "description": "Maximum number of backup snapshots to keep.", + "type": "integer", + "default": 10 + }, + "checkCron": { + "description": "Cron schedule for checking updates.", + "type": "string", + "default": "0 */4 * * *" + } + }, + "allOf": [ + { + "if": { + "properties": { + "updateStrategy": { "enum": ["pin", "build-pin"] } + }, + "required": ["updateStrategy"] + }, + "then": { + "properties": { + "version": { "minLength": 1 } + }, + "required": ["version"] + } + } + ] +} diff --git a/packages/apps/minecraft-server/values.yaml b/packages/apps/minecraft-server/values.yaml new file mode 100644 index 0000000..12a03e0 --- /dev/null +++ b/packages/apps/minecraft-server/values.yaml @@ -0,0 +1,35 @@ +## @section Server configuration + +## @param {string} updateStrategy=latest - Update strategy for Paper version. +## Valid values: latest, auto, pin, build-pin. +updateStrategy: latest + +## @param {string} version="" - Target Minecraft version (required for pin/build-pin). +version: "" + +## @param {string} memoryLimit=2Gi - Memory limit for the server container. +memoryLimit: 2Gi + +## @param {string} cpuLimit=2000m - CPU limit for the server container. +cpuLimit: "2000m" + +## @section Service configuration + +## @param {string} serviceType=LoadBalancer - Service type (LoadBalancer, NodePort, ClusterIP). +serviceType: LoadBalancer + +## @section Backup configuration + +## @param {boolean} backupEnabled=false - Enable VolumeSnapshot-based backups. +backupEnabled: false + +## @param {string} backupSchedule=0 */6 * * * - Cron schedule for periodic backups. +backupSchedule: "0 */6 * * *" + +## @param {int} backupRetention=10 - Maximum number of backup snapshots to keep. +backupRetention: 10 + +## @section Update schedule + +## @param {string} checkCron=0 */4 * * * - Cron schedule for checking updates. +checkCron: "0 */4 * * *" diff --git a/packages/apps/mongodb/.helmignore b/packages/apps/mongodb/.helmignore deleted file mode 100644 index 0e8a0eb..0000000 --- a/packages/apps/mongodb/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/packages/apps/mongodb/Chart.yaml b/packages/apps/mongodb/Chart.yaml deleted file mode 100644 index ce28075..0000000 --- a/packages/apps/mongodb/Chart.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v2 -name: mongodb -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "1.16.0" diff --git a/packages/apps/mongodb/Makefile b/packages/apps/mongodb/Makefile deleted file mode 100644 index de16bb0..0000000 --- a/packages/apps/mongodb/Makefile +++ /dev/null @@ -1,6 +0,0 @@ -include ../../../scripts/package.mk - -generate: - cozyvalues-gen -v values.yaml -s values.schema.json -r README.md - ../../../hack/update-crd.sh - diff --git a/packages/apps/mongodb/README.md b/packages/apps/mongodb/README.md deleted file mode 100644 index ca8a7db..0000000 --- a/packages/apps/mongodb/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# MongoDB - -## Parameters - -### Common parameters - -| Name | Description | Type | Value | -| --------- | -------------------------------------------------- | -------- | ----- | -| `members` | Number of MongoDB members in the replica set. | `int` | `3` | -| `name` | Custom name for the MongoDB replica set. Optional. | `string` | `""` | - diff --git a/packages/apps/mongodb/templates/monga.yaml b/packages/apps/mongodb/templates/monga.yaml deleted file mode 100644 index b99aeb3..0000000 --- a/packages/apps/mongodb/templates/monga.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: qwert -data: - members: {{ .Values.members | quote }} diff --git a/packages/apps/mongodb/values.schema.json b/packages/apps/mongodb/values.schema.json deleted file mode 100644 index 7aa00a0..0000000 --- a/packages/apps/mongodb/values.schema.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "title": "Chart Values", - "type": "object", - "properties": { - "members": { - "description": "Number of MongoDB members in the replica set.", - "type": "integer", - "default": 3 - }, - "name": { - "description": "Custom name for the MongoDB replica set. Optional.", - "type": "string", - "default": "" - } - } -} \ No newline at end of file diff --git a/packages/apps/mongodb/values.yaml b/packages/apps/mongodb/values.yaml deleted file mode 100644 index 95740e6..0000000 --- a/packages/apps/mongodb/values.yaml +++ /dev/null @@ -1,9 +0,0 @@ -## -## @section Common parameters -## - -## @param {int} members=3 - Number of MongoDB members in the replica set. -members: 3 - -## @param {string} name - Custom name for the MongoDB replica set. Optional. -name: "" diff --git a/packages/core/platform/Chart.yaml b/packages/core/platform/Chart.yaml index c0214d6..a828478 100644 --- a/packages/core/platform/Chart.yaml +++ b/packages/core/platform/Chart.yaml @@ -1,3 +1,3 @@ apiVersion: v2 name: external-apps-platform -version: 0.0.0 +version: 0.0.1 diff --git a/packages/core/platform/templates/cozyrds.yaml b/packages/core/platform/templates/cozyrds.yaml index cebd650..92b8e93 100644 --- a/packages/core/platform/templates/cozyrds.yaml +++ b/packages/core/platform/templates/cozyrds.yaml @@ -1,45 +1,104 @@ +--- apiVersion: cozystack.io/v1alpha1 -kind: CozystackResourceDefinition +kind: ApplicationDefinition metadata: - name: mongodb - namespace: cozy-system + name: minecraft-server spec: application: - kind: MongoDB - openAPISchema: | - { - "properties": { - "members": { - "default": 3, - "description": "Number of MongoDB members in the replica set.", - "type": "integer" - }, - "name": { - "default": "", - "description": "Custom name for the MongoDB replica set. Optional.", - "type": "string" - } - }, - "title": "Chart Values", - "type": "object" - } - plural: mongodbs - singular: mongodb + kind: MinecraftServer + plural: minecraftservers + singular: minecraftserver + openAPISchema: '{"title":"Chart Values","type":"object","properties":{"updateStrategy":{"description":"Update strategy for Paper version.","type":"string","enum":["latest","auto","pin","build-pin"],"default":"latest"},"version":{"description":"Target Minecraft version (required for pin/build-pin).","type":"string","default":""},"memoryLimit":{"description":"Memory limit for the server container.","type":"string","default":"2Gi"},"cpuLimit":{"description":"CPU limit for the server container.","type":"string","default":"2000m"},"serviceType":{"description":"Service type (LoadBalancer, NodePort, ClusterIP).","type":"string","enum":["LoadBalancer","NodePort","ClusterIP"],"default":"LoadBalancer"},"backupEnabled":{"description":"Enable VolumeSnapshot-based backups.","type":"boolean","default":false},"backupSchedule":{"description":"Cron schedule for periodic backups.","type":"string","default":"0 */6 * * *"},"backupRetention":{"description":"Maximum number of backup snapshots to keep.","type":"integer","default":10},"checkCron":{"description":"Cron schedule for checking updates.","type":"string","default":"0 */4 * * *"}}}' release: - chart: - name: ./packages/apps/mongodb - sourceRef: - kind: GitRepository - name: external-apps - namespace: cozy-public + chartRef: + kind: HelmChart + name: external-apps-minecraft-server + namespace: cozy-public labels: cozystack.io/ui: "true" - prefix: mongodb- + prefix: minecraft-server- dashboard: category: PaaS - singular: MongoDB - plural: MongoDB - description: MongoDB is a popular NoSQL database. + singular: Minecraft Server + plural: Minecraft Servers + description: Managed PaperMC Minecraft server with automatic updates and plugin management. tags: - - database - icon: PHN2ZyB3aWR0aD0iMzIiIGhlaWdodD0iMzIiIHZpZXdCb3g9IjAgMCAzMiAzMiIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KPHBhdGggZD0iTTIwLjU4NSAyMy4xODVDMjAuNTg1IDIyLjcwNiAyMC4zODUgMjIuMjk3IDIwLjA0NSAyMS45NzVDMTguMTc1IDIwLjE1NSAxNi43NDUgMTcuNDY1IDE2LjI4NSAxNS42NDVDMTYuMjc1IDE1LjYyNSAxNi4yNzUgMTUuNjA1IDE2LjI2NSAxNS41ODVDMTYuMjY1IDE1LjU3NSAxNi4yNjUgMTUuNTY1IDE2LjI2NSAxNS41NDVDMTYuMTA1IDE0LjkwNSAxNS45MDUgMTQuMjU1IDE1LjcwNSAxMy42NzVDMTQuODI1IDExLjA5NSAxNC4xNjUgOS4xNzUgMTMuNDU1IDcuNzY1QzEzLjMwNSAxNS43NDUgMTQuOTg1IDE3LjUwNSAxNy4xNjUgMTguMzM1QzE3LjMwNSAxOC4zODUgMTcuNTA1IDE4LjQ0NSAxNy43MDUgMTguNDk1TDE3LjcwNSAyMS45NzdDMjAuMjY1IDI0LjQ5NSAyMy40NTUgMjMuMzQ1IDIzLjQ1NSAyMy4zNDVMMjAuNTg1IDIzLjE4NVoiIGZpbGw9IiMwODBBNTMiLz4KPC9zdmc+ + - gaming + - minecraft + icon: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAzMiAzMiIgd2lkdGg9IjMyIiBoZWlnaHQ9IjMyIj48cGF0aCBmaWxsPSIjN0NCMzQyIiBkPSJNNCAxMCBMMTYgNCBMMjggMTAgTDI4IDIyIEwxNiAyOCBMNCAyMiBaIi8+PHBhdGggZmlsbD0iIzU1OEIyRiIgZD0iTTE2IDQgTDI4IDEwIEwxNiAxNiBaIi8+PHBhdGggZmlsbD0iIzMzNjkxRSIgZD0iTTE2IDE2IEwyOCAxMCBMMjggMjIgTDE2IDI4IFoiLz48cGF0aCBmaWxsPSIjOEJDMzRBIiBkPSJNNCAxMCBMMTYgNCBMMTYgMTYgTDQgMjIgWiIvPjwvc3ZnPgo= + keysOrder: + - - apiVersion + - - appVersion + - - kind + - - metadata + - - metadata + - name + - - spec + - updateStrategy + - - spec + - version + - - spec + - memoryLimit + - - spec + - cpuLimit + - - spec + - serviceType + - - spec + - backupEnabled + - - spec + - backupSchedule + - - spec + - backupRetention + - - spec + - checkCron +--- +apiVersion: cozystack.io/v1alpha1 +kind: ApplicationDefinition +metadata: + name: minecraft-plugin +spec: + application: + kind: MinecraftPlugin + plural: minecraftplugins + singular: minecraftplugin + openAPISchema: '{"title":"Chart Values","type":"object","properties":{"sourceType":{"description":"Plugin source type.","type":"string","enum":["hangar","url"],"default":"hangar"},"project":{"description":"Plugin project identifier on Hangar (e.g., BlueMap).","type":"string","default":""},"url":{"description":"Direct download URL (for sourceType: url).","type":"string","default":""},"checksum":{"description":"SHA256 hash of the JAR file (for sourceType: url).","type":"string","default":""},"updateStrategy":{"description":"Update strategy (latest, auto, pin, build-pin).","type":"string","enum":["latest","auto","pin","build-pin"],"default":"latest"},"version":{"description":"Target plugin version (required for pin/build-pin).","type":"string","default":""},"instanceSelector":{"description":"Label selector to match PaperMCServer instances.","type":"object","default":{},"properties":{"matchLabels":{"type":"object","additionalProperties":{"type":"string"}}}},"endpoints":{"description":"Network endpoints exposed by this plugin.","type":"array","default":[],"items":{"type":"object","properties":{"name":{"description":"Endpoint name (DNS label).","type":"string"},"port":{"description":"TCP/UDP port number.","type":"integer","minimum":1,"maximum":65535},"protocol":{"description":"Protocol (TCP, UDP, HTTP).","type":"string","enum":["TCP","UDP","HTTP"],"default":"TCP"}},"required":["name","port"]}}}}' + release: + chartRef: + kind: HelmChart + name: external-apps-minecraft-plugin + namespace: cozy-public + labels: + cozystack.io/ui: "true" + prefix: minecraft-plugin- + dashboard: + category: PaaS + singular: Minecraft Plugin + plural: Minecraft Plugins + description: Managed Minecraft plugin with automatic version management and compatibility solving. + tags: + - gaming + - minecraft + icon: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAzMiAzMiIgd2lkdGg9IjMyIiBoZWlnaHQ9IjMyIj48cGF0aCBmaWxsPSIjRkY5ODAwIiBkPSJNMTAgNCBMMTQgNCBMMTQgOCBMMTggOCBMMTggNCBMMjIgNCBMMjIgMTIgTDI2IDEyIEwyNiAxNiBMMjIgMTYgTDIyIDI0IEwxOCAyNCBMMTggMjAgTDE0IDIwIEwxNCAyNCBMMTAgMjQgTDEwIDE2IEw2IDE2IEw2IDEyIEwxMCAxMiBaIi8+PC9zdmc+Cg== + keysOrder: + - - apiVersion + - - appVersion + - - kind + - - metadata + - - metadata + - name + - - spec + - sourceType + - - spec + - project + - - spec + - url + - - spec + - checksum + - - spec + - updateStrategy + - - spec + - version + - - spec + - instanceSelector + - - spec + - endpoints diff --git a/packages/core/platform/templates/helmcharts.yaml b/packages/core/platform/templates/helmcharts.yaml new file mode 100644 index 0000000..4c5708f --- /dev/null +++ b/packages/core/platform/templates/helmcharts.yaml @@ -0,0 +1,26 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmChart +metadata: + name: external-apps-minecraft-server + namespace: cozy-public +spec: + interval: 5m + chart: ./packages/apps/minecraft-server + sourceRef: + kind: GitRepository + name: external-apps + reconcileStrategy: Revision +--- +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmChart +metadata: + name: external-apps-minecraft-plugin + namespace: cozy-public +spec: + interval: 5m + chart: ./packages/apps/minecraft-plugin + sourceRef: + kind: GitRepository + name: external-apps + reconcileStrategy: Revision diff --git a/packages/core/platform/templates/helmreleases.yaml b/packages/core/platform/templates/helmreleases.yaml index 8e375e1..e8b6276 100644 --- a/packages/core/platform/templates/helmreleases.yaml +++ b/packages/core/platform/templates/helmreleases.yaml @@ -1,16 +1,20 @@ +--- apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: - name: mongodb-operator - namespace: external-mongodb-operator + name: minecraft-operator + namespace: external-minecraft-operator spec: interval: 5m - targetNamespace: external-mongodb-operator + releaseName: minecraft-operator + targetNamespace: external-minecraft-operator chart: spec: - chart: ./packages/system/mongodb-operator + chart: minecraft-operator sourceRef: - kind: GitRepository - name: external-apps - namespace: cozy-public - version: '*' + kind: HelmRepository + name: minecraft-operator + version: '>=1.0.0' + values: + crds: + manage: true diff --git a/packages/core/platform/templates/helmrepositories.yaml b/packages/core/platform/templates/helmrepositories.yaml new file mode 100644 index 0000000..c47d7f5 --- /dev/null +++ b/packages/core/platform/templates/helmrepositories.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: minecraft-operator + namespace: external-minecraft-operator +spec: + type: oci + interval: 5m + url: oci://ghcr.io/lexfrei/charts diff --git a/packages/core/platform/templates/namespaces.yaml b/packages/core/platform/templates/namespaces.yaml index 923cb36..acf0225 100644 --- a/packages/core/platform/templates/namespaces.yaml +++ b/packages/core/platform/templates/namespaces.yaml @@ -1,6 +1,7 @@ +--- apiVersion: v1 kind: Namespace metadata: labels: cozystack.io/system: "true" - name: external-mongodb-operator + name: external-minecraft-operator diff --git a/packages/system/mongodb-operator/Chart.yaml b/packages/system/mongodb-operator/Chart.yaml deleted file mode 100644 index df6e48c..0000000 --- a/packages/system/mongodb-operator/Chart.yaml +++ /dev/null @@ -1,3 +0,0 @@ -apiVersion: v2 -name: external-mongodb-operator -version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process diff --git a/packages/system/mongodb-operator/Makefile b/packages/system/mongodb-operator/Makefile deleted file mode 100644 index 463e8d1..0000000 --- a/packages/system/mongodb-operator/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -export NAME=mongodb-operator -export NAMESPACE=external-$(NAME) - -include ../../../scripts/package.mk - -update: - rm -rf charts - helm repo add mongodb https://mongodb.github.io/helm-charts - helm repo update mongodb - helm pull mongodb/community-operator --untar --untardir community-operator diff --git a/packages/system/mongodb-operator/charts/community-operator/Chart.lock b/packages/system/mongodb-operator/charts/community-operator/Chart.lock deleted file mode 100644 index 5b1edad..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: community-operator-crds - repository: https://mongodb.github.io/helm-charts - version: 0.13.0 -digest: sha256:3ce37bc613518311689bdb94984a850051b73e0bfce3caa6f944e188d91189d9 -generated: "2025-04-11T18:17:10.565003448Z" diff --git a/packages/system/mongodb-operator/charts/community-operator/Chart.yaml b/packages/system/mongodb-operator/charts/community-operator/Chart.yaml deleted file mode 100644 index 04a3217..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -appVersion: 0.13.0 -dependencies: -- condition: community-operator-crds.enabled - name: community-operator-crds - repository: https://mongodb.github.io/helm-charts - version: 0.13.0 -description: MongoDB Kubernetes Community Operator -home: https://github.com/mongodb/mongodb-kubernetes-operator -icon: https://mongodb-images-new.s3.eu-west-1.amazonaws.com/leaf-green-dark.png -keywords: -- mongodb -- database -- nosql -kubeVersion: '>=1.16-0' -maintainers: -- email: support@mongodb.com - name: MongoDB -name: community-operator -type: application -version: 0.13.0 diff --git a/packages/system/mongodb-operator/charts/community-operator/README.md b/packages/system/mongodb-operator/charts/community-operator/README.md deleted file mode 100644 index 92fbe03..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/README.md +++ /dev/null @@ -1,88 +0,0 @@ -# MongoDB Community Kubernetes Operator Helm Chart - -A Helm Chart for installing and upgrading the [MongoDB Community -Kubernetes Operator](https://github.com/mongodb/mongodb-kubernetes-operator). - -## Prerequisites - -If required, you can install the Custom Resource Definitions [Helm -Chart](../community-operator-crds/) separately or as a dependency of this Chart. - -If the `community-operator-crds` Helm chart has been installed already, or if you -don't want to install the CRDs (because you have already installed them), then -you need to pass `--set community-operator-crds.enabled=false`, when -installing the Operator. - -## Installing Community Operator - -You can install the MongoDB Community Operator easily with: - -``` shell -helm install community-operator mongodb/community-operator -``` - -This will install `CRD`s and Community Operator in the current namespace -(`default` by _default_). You can pass a different namespace with: - -``` shell -helm install community-operator mongodb/community-operator --namespace mongodb [--create-namespace] -``` - -To install the Community Operator in a namespace called `mongodb` with the -optional `--create-namespace` in case `mongodb` didn't exist yet. - - -## Deploying a MongoDB Replica Set - -The Community Operator will be watching for resources of type -`mongodbcommunity.mongodbcommunity.mongodb.com`; you can quickly install -a sample Mongo Database with: - -``` shell -kubectl apply -f https://raw.githubusercontent.com/mongodb/mongodb-kubernetes-operator/master/config/samples/mongodb.com_v1_mongodbcommunity_cr.yaml [--namespace mongodb] -``` - -- _Note: Make sure you add the `--namespace` option when needed._ -- _Note 2: A new user will be created with a generic password. Make sure this is - only used for testing purposes._ - -After a few minutes you will have a 3-member MongoDB Replica Set installed in -your cluster, that you can check with: - -``` shell -$ kubectl get mdbc -NAME PHASE VERSION -example-mongodb Running 4.2.6 -``` - -## Connecting to MongoDB from a Client Application - -The Operator will create a `Secret` object, _per user_, created as part of the -deployment of the MongoDB resource. Each `Secret` will contain a _Connection -String_ that can be mounted into a client application to connect to this MongoDB -instance. - -The name of this `Secret` object follows the convention[^1]: - -- `--`. - -[^1]: Please note that the MongoDB `username` should comply with - [DNS-1123](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) - for the Operator to be able to create this Secret. This is a known issue - with the Community Operator. - -In our example, the above `kubectl apply` command will create a MongoDB resource -with name `example-mongodb`, with a user `my-user` on the Database `admin`. The -resulting `Secret` will be named: - -- `example-mongodb-admin-my-user` - -This `Secret` object will contain the following attributes: - -- `connectionString.standard` -- `connectionString.standardSrv` -- `username` -- `password` - -A client application will be able to connect using the `connectionString` -attributes or the `username` and `password` ones. diff --git a/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/.helmignore b/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/.helmignore deleted file mode 100644 index 3ad2298..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -*.crt -*.key diff --git a/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/Chart.yaml b/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/Chart.yaml deleted file mode 100644 index b445de2..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/Chart.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v2 -appVersion: 0.13.0 -description: MongoDB Kubernetes Community Operator - CRDs -home: https://github.com/mongodb/mongodb-kubernetes-operator -icon: https://mongodb-images-new.s3.eu-west-1.amazonaws.com/leaf-green-dark.png -keywords: -- mongodb -- database -- nosql -kubeVersion: '>=1.16-0' -maintainers: -- email: support@mongodb.com - name: MongoDB -name: community-operator-crds -type: application -version: 0.13.0 diff --git a/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/templates/mongodbcommunity.mongodb.com_mongodbcommunity.yaml b/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/templates/mongodbcommunity.mongodb.com_mongodbcommunity.yaml deleted file mode 100644 index 4531f79..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/templates/mongodbcommunity.mongodb.com_mongodbcommunity.yaml +++ /dev/null @@ -1,678 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - helm.sh/resource-policy: keep - controller-gen.kubebuilder.io/version: v0.15.0 - service.binding: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret - service.binding/connectionString: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=connectionString.standardSrv - service.binding/password: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=password - service.binding/provider: community - service.binding/type: mongodb - service.binding/username: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=username - name: mongodbcommunity.mongodbcommunity.mongodb.com -spec: - group: mongodbcommunity.mongodb.com - names: - kind: MongoDBCommunity - listKind: MongoDBCommunityList - plural: mongodbcommunity - shortNames: - - mdbc - singular: mongodbcommunity - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Current state of the MongoDB deployment - jsonPath: .status.phase - name: Phase - type: string - - description: Version of MongoDB server - jsonPath: .status.version - name: Version - type: string - name: v1 - schema: - openAPIV3Schema: - description: MongoDBCommunity is the Schema for the mongodbs API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: MongoDBCommunitySpec defines the desired state of MongoDB - properties: - additionalConnectionStringConfig: - description: Additional options to be appended to the connection string. - These options apply to the entire resource and to each user. - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - additionalMongodConfig: - description: |- - AdditionalMongodConfig is additional configuration that can be passed to - each data-bearing mongod at runtime. Uses the same structure as the mongod - configuration file: https://www.mongodb.com/docs/manual/reference/configuration-options/ - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - agent: - description: AgentConfiguration sets options for the MongoDB automation - agent - properties: - auditLogRotate: - description: AuditLogRotate if enabled, will enable AuditLogRotate - for all processes. - properties: - includeAuditLogsWithMongoDBLogs: - description: |- - set to 'true' to have the Automation Agent rotate the audit files along - with mongodb log files - type: boolean - numTotal: - description: maximum number of log files to have total - type: integer - numUncompressed: - description: maximum number of log files to leave uncompressed - type: integer - percentOfDiskspace: - description: |- - Maximum percentage of the total disk space these log files should take up. - The string needs to be able to be converted to float64 - type: string - sizeThresholdMB: - description: |- - Maximum size for an individual log file before rotation. - The string needs to be able to be converted to float64. - Fractional values of MB are supported. - type: string - timeThresholdHrs: - description: maximum hours for an individual log file before - rotation - type: integer - required: - - sizeThresholdMB - - timeThresholdHrs - type: object - logFile: - type: string - logLevel: - type: string - logRotate: - description: LogRotate if enabled, will enable LogRotate for all - processes. - properties: - includeAuditLogsWithMongoDBLogs: - description: |- - set to 'true' to have the Automation Agent rotate the audit files along - with mongodb log files - type: boolean - numTotal: - description: maximum number of log files to have total - type: integer - numUncompressed: - description: maximum number of log files to leave uncompressed - type: integer - percentOfDiskspace: - description: |- - Maximum percentage of the total disk space these log files should take up. - The string needs to be able to be converted to float64 - type: string - sizeThresholdMB: - description: |- - Maximum size for an individual log file before rotation. - The string needs to be able to be converted to float64. - Fractional values of MB are supported. - type: string - timeThresholdHrs: - description: maximum hours for an individual log file before - rotation - type: integer - required: - - sizeThresholdMB - - timeThresholdHrs - type: object - maxLogFileDurationHours: - type: integer - systemLog: - description: SystemLog configures system log of mongod - properties: - destination: - type: string - logAppend: - type: boolean - path: - type: string - required: - - destination - - logAppend - - path - type: object - type: object - arbiters: - description: |- - Arbiters is the number of arbiters to add to the Replica Set. - It is not recommended to have more than one arbiter per Replica Set. - More info: https://www.mongodb.com/docs/manual/tutorial/add-replica-set-arbiter/ - type: integer - automationConfig: - description: |- - AutomationConfigOverride is merged on top of the operator created automation config. Processes are merged - by name. Currently Only the process.disabled field is supported. - properties: - processes: - items: - description: OverrideProcess contains fields that we can override - on the AutomationConfig processes. - properties: - disabled: - type: boolean - logRotate: - description: CrdLogRotate is the crd definition of LogRotate - including fields in strings while the agent supports them - as float64 - properties: - includeAuditLogsWithMongoDBLogs: - description: |- - set to 'true' to have the Automation Agent rotate the audit files along - with mongodb log files - type: boolean - numTotal: - description: maximum number of log files to have total - type: integer - numUncompressed: - description: maximum number of log files to leave uncompressed - type: integer - percentOfDiskspace: - description: |- - Maximum percentage of the total disk space these log files should take up. - The string needs to be able to be converted to float64 - type: string - sizeThresholdMB: - description: |- - Maximum size for an individual log file before rotation. - The string needs to be able to be converted to float64. - Fractional values of MB are supported. - type: string - timeThresholdHrs: - description: maximum hours for an individual log file - before rotation - type: integer - required: - - sizeThresholdMB - - timeThresholdHrs - type: object - name: - type: string - required: - - disabled - - name - type: object - type: array - replicaSet: - properties: - id: - description: |- - Id can be used together with additionalMongodConfig.replication.replSetName - to manage clusters where replSetName differs from the MongoDBCommunity resource name - type: string - settings: - description: |- - MapWrapper is a wrapper for a map to be used by other structs. - The CRD generator does not support map[string]interface{} - on the top level and hence we need to work around this with - a wrapping struct. - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - featureCompatibilityVersion: - description: |- - FeatureCompatibilityVersion configures the feature compatibility version that will - be set for the deployment - type: string - memberConfig: - description: MemberConfig - items: - properties: - priority: - type: string - tags: - additionalProperties: - type: string - type: object - votes: - type: integer - type: object - type: array - members: - description: Members is the number of members in the replica set - type: integer - prometheus: - description: Prometheus configurations. - properties: - metricsPath: - description: Indicates path to the metrics endpoint. - pattern: ^\/[a-z0-9]+$ - type: string - passwordSecretRef: - description: Name of a Secret containing a HTTP Basic Auth Password. - properties: - key: - description: Key is the key in the secret storing this password. - Defaults to "password" - type: string - name: - description: Name is the name of the secret storing this user's - password - type: string - required: - - name - type: object - port: - description: Port where metrics endpoint will bind to. Defaults - to 9216. - type: integer - tlsSecretKeyRef: - description: |- - Name of a Secret (type kubernetes.io/tls) holding the certificates to use in the - Prometheus endpoint. - properties: - key: - description: Key is the key in the secret storing this password. - Defaults to "password" - type: string - name: - description: Name is the name of the secret storing this user's - password - type: string - required: - - name - type: object - username: - description: HTTP Basic Auth Username for metrics endpoint. - type: string - required: - - passwordSecretRef - - username - type: object - replicaSetHorizons: - description: |- - ReplicaSetHorizons Add this parameter and values if you need your database - to be accessed outside of Kubernetes. This setting allows you to - provide different DNS settings within the Kubernetes cluster and - to the Kubernetes cluster. The Kubernetes Operator uses split horizon - DNS for replica set members. This feature allows communication both - within the Kubernetes cluster and from outside Kubernetes. - items: - additionalProperties: - type: string - type: object - type: array - security: - description: Security configures security features, such as TLS, and - authentication settings for a deployment - properties: - authentication: - properties: - agentCertificateSecretRef: - description: |- - AgentCertificateSecret is a reference to a Secret containing the certificate and the key for the automation agent - The secret needs to have available: - - certificate under key: "tls.crt" - - private key under key: "tls.key" - If additionally, tls.pem is present, then it needs to be equal to the concatenation of tls.crt and tls.key - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - agentMode: - description: AgentMode contains the authentication mode used - by the automation agent. - enum: - - SCRAM - - SCRAM-SHA-256 - - SCRAM-SHA-1 - - X509 - type: string - ignoreUnknownUsers: - default: true - nullable: true - type: boolean - modes: - description: Modes is an array specifying which authentication - methods should be enabled. - items: - enum: - - SCRAM - - SCRAM-SHA-256 - - SCRAM-SHA-1 - - X509 - type: string - type: array - required: - - modes - type: object - roles: - description: User-specified custom MongoDB roles that should be - configured in the deployment. - items: - description: CustomRole defines a custom MongoDB role. - properties: - authenticationRestrictions: - description: The authentication restrictions the server - enforces on the role. - items: - description: |- - AuthenticationRestriction specifies a list of IP addresses and CIDR ranges users - are allowed to connect to or from. - properties: - clientSource: - items: - type: string - type: array - serverAddress: - items: - type: string - type: array - required: - - clientSource - - serverAddress - type: object - type: array - db: - description: The database of the role. - type: string - privileges: - description: The privileges to grant the role. - items: - description: Privilege defines the actions a role is allowed - to perform on a given resource. - properties: - actions: - items: - type: string - type: array - resource: - description: |- - Resource specifies specifies the resources upon which a privilege permits actions. - See https://www.mongodb.com/docs/manual/reference/resource-document for more. - properties: - anyResource: - type: boolean - cluster: - type: boolean - collection: - type: string - db: - type: string - type: object - required: - - actions - - resource - type: object - type: array - role: - description: The name of the role. - type: string - roles: - description: An array of roles from which this role inherits - privileges. - items: - description: Role is the database role this user should - have - properties: - db: - description: DB is the database the role can act on - type: string - name: - description: Name is the name of the role - type: string - required: - - db - - name - type: object - type: array - required: - - db - - privileges - - role - type: object - type: array - tls: - description: TLS configuration for both client-server and server-server - communication - properties: - caCertificateSecretRef: - description: |- - CaCertificateSecret is a reference to a Secret containing the certificate for the CA which signed the server certificates - The certificate is expected to be available under the key "ca.crt" - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - caConfigMapRef: - description: |- - CaConfigMap is a reference to a ConfigMap containing the certificate for the CA which signed the server certificates - The certificate is expected to be available under the key "ca.crt" - This field is ignored when CaCertificateSecretRef is configured - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - certificateKeySecretRef: - description: |- - CertificateKeySecret is a reference to a Secret containing a private key and certificate to use for TLS. - The key and cert are expected to be PEM encoded and available at "tls.key" and "tls.crt". - This is the same format used for the standard "kubernetes.io/tls" Secret type, but no specific type is required. - Alternatively, an entry tls.pem, containing the concatenation of cert and key, can be provided. - If all of tls.pem, tls.crt and tls.key are present, the tls.pem one needs to be equal to the concatenation of tls.crt and tls.key - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - type: object - x-kubernetes-map-type: atomic - enabled: - type: boolean - optional: - description: Optional configures if TLS should be required - or optional for connections - type: boolean - required: - - enabled - type: object - type: object - statefulSet: - description: |- - StatefulSetConfiguration holds the optional custom StatefulSet - that should be merged into the operator created one. - properties: - metadata: - description: StatefulSetMetadataWrapper is a wrapper around Labels - and Annotations - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - spec - type: object - type: - description: Type defines which type of MongoDB deployment the resource - should create - enum: - - ReplicaSet - type: string - users: - description: Users specifies the MongoDB users that should be configured - in your deployment - items: - properties: - additionalConnectionStringConfig: - description: |- - Additional options to be appended to the connection string. - These options apply only to this user and will override any existing options in the resource. - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - connectionStringSecretName: - description: |- - ConnectionStringSecretName is the name of the secret object created by the operator which exposes the connection strings for the user. - If provided, this secret must be different for each user in a deployment. - type: string - connectionStringSecretNamespace: - description: ConnectionStringSecretNamespace is the namespace - of the secret object created by the operator which exposes - the connection strings for the user. - type: string - db: - default: admin - description: DB is the database the user is stored in. Defaults - to "admin" - type: string - name: - description: Name is the username of the user - type: string - passwordSecretRef: - description: PasswordSecretRef is a reference to the secret - containing this user's password - properties: - key: - description: Key is the key in the secret storing this password. - Defaults to "password" - type: string - name: - description: Name is the name of the secret storing this - user's password - type: string - required: - - name - type: object - roles: - description: Roles is an array of roles assigned to this user - items: - description: Role is the database role this user should have - properties: - db: - description: DB is the database the role can act on - type: string - name: - description: Name is the name of the role - type: string - required: - - db - - name - type: object - type: array - scramCredentialsSecretName: - description: |- - ScramCredentialsSecretName appended by string "scram-credentials" is the name of the secret object created by the mongoDB operator for storing SCRAM credentials - These secrets names must be different for each user in a deployment. - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - - roles - type: object - type: array - version: - description: Version defines which version of MongoDB will be used - type: string - required: - - security - - type - - users - type: object - status: - description: MongoDBCommunityStatus defines the observed state of MongoDB - properties: - currentMongoDBArbiters: - type: integer - currentMongoDBMembers: - type: integer - currentStatefulSetArbitersReplicas: - type: integer - currentStatefulSetReplicas: - type: integer - message: - type: string - mongoUri: - type: string - phase: - type: string - version: - type: string - required: - - currentMongoDBMembers - - currentStatefulSetReplicas - - mongoUri - - phase - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/values.yaml b/packages/system/mongodb-operator/charts/community-operator/charts/community-operator-crds/values.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/packages/system/mongodb-operator/charts/community-operator/templates/database_roles.yaml b/packages/system/mongodb-operator/charts/community-operator/templates/database_roles.yaml deleted file mode 100644 index b5662ff..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/templates/database_roles.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.database.name }} - namespace: {{ if .Values.database.namespace }} {{ .Values.database.namespace }} {{ else }} {{ .Release.Namespace }} {{ end }} - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ .Values.database.name }} - namespace: {{ if .Values.database.namespace }} {{ .Values.database.namespace }} {{ else }} {{ .Release.Namespace }} {{ end }} -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - "" - resources: - - pods - verbs: - - patch - - delete - - get - ---- -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ .Values.database.name }} - namespace: {{ if .Values.database.namespace }} {{ .Values.database.namespace }} {{ else }} {{ .Release.Namespace }} {{ end }} -subjects: - - kind: ServiceAccount - name: {{ .Values.database.name }} -roleRef: - kind: Role - name: {{ .Values.database.name }} - apiGroup: rbac.authorization.k8s.io diff --git a/packages/system/mongodb-operator/charts/community-operator/templates/mongodbcommunity_cr_with_tls.yaml b/packages/system/mongodb-operator/charts/community-operator/templates/mongodbcommunity_cr_with_tls.yaml deleted file mode 100644 index b717961..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/templates/mongodbcommunity_cr_with_tls.yaml +++ /dev/null @@ -1,153 +0,0 @@ -{{- if and .Values.resource.tls.enabled .Values.resource.tls.useCertManager }} -# cert-manager resources -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: tls-selfsigned-issuer - namespace: {{ .Values.namespace }} -spec: - selfSigned: {} ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: tls-selfsigned-ca - namespace: {{ .Values.namespace }} -spec: - isCA: true - commonName: "*.{{ .Values.resource.name }}-svc.{{ .Values.namespace }}.svc.cluster.local" - dnsNames: - - "*.{{ .Values.resource.name }}-svc.{{ .Values.namespace }}.svc.cluster.local" - secretName: {{ .Values.resource.tls.caCertificateSecretRef }} - privateKey: - algorithm: ECDSA - size: 256 - issuerRef: - name: tls-selfsigned-issuer - kind: Issuer ---- -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: tls-ca-issuer - namespace: {{ .Values.namespace }} -spec: - ca: - secretName: {{ .Values.resource.tls.caCertificateSecretRef }} ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: cert-manager-tls-certificate - namespace: {{ .Values.namespace }} -spec: - secretName: {{ .Values.resource.tls.certificateKeySecretRef }} - issuerRef: - name: tls-ca-issuer - kind: Issuer - duration: {{ .Values.resource.tls.certManager.certDuration | default "8760h" }} # default to 365 days - renewBefore: {{ .Values.resource.tls.certManager.renewCertBefore | default "720h" }} # default to 30 days - commonName: "*.{{ .Values.resource.name }}-svc.{{ .Values.namespace }}.svc.cluster.local" - dnsNames: - - "*.{{ .Values.resource.name }}-svc.{{ .Values.namespace }}.svc.cluster.local" -{{- if .Values.resource.tls.useX509 }} -# Agent X509 certs ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: agent-certs - namespace: {{ .Values.namespace }} -spec: - commonName: mms-automation-agent - dnsNames: - - automation - duration: 240h0m0s - issuerRef: - name: tls-ca-issuer - renewBefore: 120h0m0s - secretName: agent-certs - subject: - countries: - - US - localities: - - NY - organizationalUnits: - - a-1635241837-m5yb81lfnrz - organizations: - - cluster.local-agent - provinces: - - NY - usages: - - digital signature - - key encipherment - - client auth -{{- end }} -{{- if .Values.resource.tls.sampleX509User }} -# Client certs ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: x509-user-cert - namespace: {{ .Values.namespace }} -spec: - commonName: my-x509-user - duration: 240h0m0s - issuerRef: - name: tls-ca-issuer - renewBefore: 120h0m0s - secretName: my-x509-user-cert - subject: - organizationalUnits: - - organizationalunit - organizations: - - organization - usages: - - digital signature - - client auth -{{- end }} -{{- end }} -{{- if .Values.createResource }} -# mongodb resources ---- -apiVersion: mongodbcommunity.mongodb.com/v1 -kind: MongoDBCommunity -metadata: - name: {{ .Values.resource.name }} - namespace: {{ .Values.namespace }} -spec: - members: {{ .Values.resource.members }} - type: ReplicaSet - version: {{ .Values.resource.version }} - security: - tls: - enabled: {{ .Values.resource.tls.enabled }} - {{- if .Values.resource.tls.enabled }} - certificateKeySecretRef: - name: {{ .Values.resource.tls.certificateKeySecretRef }} - caCertificateSecretRef: - name: {{ .Values.resource.tls.caCertificateSecretRef }} - {{- end }} - authentication: - {{- if .Values.resource.tls.useX509 }} - modes: ["X509"] - {{- else }} - modes: ["SCRAM"] - {{- end }} - {{- if .Values.resource.tls.sampleX509User }} - users: - - name: CN=my-x509-user,OU=organizationalunit,O=organization - db: $external - roles: - - name: clusterAdmin - db: admin - - name: userAdminAnyDatabase - db: admin - - name: readWriteAnyDatabase - db: admin - {{- else }} - users: - {{- toYaml .Values.resource.users | nindent 4 }} - {{- end}} -{{- end }} diff --git a/packages/system/mongodb-operator/charts/community-operator/templates/operator.yaml b/packages/system/mongodb-operator/charts/community-operator/templates/operator.yaml deleted file mode 100644 index 6936924..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/templates/operator.yaml +++ /dev/null @@ -1,91 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - annotations: - email: support@mongodb.com - labels: - owner: mongodb - name: {{ .Values.operator.name }} - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.operator.replicas }} - selector: - matchLabels: - name: {{ .Values.operator.name }} - strategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - labels: - name: {{ .Values.operator.name }} - {{- with .Values.operator.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: name - operator: In - values: - - {{ .Values.operator.name }} - topologyKey: kubernetes.io/hostname - containers: - - command: - - /usr/local/bin/entrypoint - env: -{{- if .Values.operator.extraEnvs }} - {{ toYaml .Values.operator.extraEnvs | nindent 12 }} -{{- end }} - - name: WATCH_NAMESPACE -{{- if .Values.operator.watchNamespace}} - value: "{{ .Values.operator.watchNamespace }}" -{{- else }} - valueFrom: - fieldRef: - fieldPath: metadata.namespace -{{- end }} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: {{ .Values.operator.name }} - - name: AGENT_IMAGE - value: "{{ .Values.registry.agent }}/{{ .Values.agent.name }}:{{ .Values.agent.version }}" - - name: VERSION_UPGRADE_HOOK_IMAGE - value: "{{ .Values.registry.versionUpgradeHook }}/{{ .Values.versionUpgradeHook.name }}:{{ .Values.versionUpgradeHook.version }}" - - name: READINESS_PROBE_IMAGE - value: "{{ .Values.registry.readinessProbe }}/{{ .Values.readinessProbe.name }}:{{ .Values.readinessProbe.version }}" - - name: MONGODB_IMAGE - value: {{ .Values.mongodb.name }} - - name: MONGODB_REPO_URL - value: {{ .Values.mongodb.repo }} - - name: MDB_IMAGE_TYPE - value: {{ .Values.mongodb.imageType }} - image: {{ .Values.registry.operator }}/{{ .Values.operator.operatorImageName }}:{{ .Values.operator.version }} - imagePullPolicy: {{ .Values.registry.pullPolicy}} - name: {{ .Values.operator.deploymentName }} - resources: - {{- toYaml .Values.operator.resources | nindent 12 }} - {{- if .Values.operator.securityContext }} - securityContext: - {{- toYaml .Values.operator.securityContext | nindent 12 }} - {{- end }} - {{- if .Values.operator.priorityClassName }} - priorityClassName: {{ .Values.operator.priorityClassName }} - {{- end }} - {{- if .Values.operator.podSecurityContext }} - securityContext: - {{- toYaml .Values.operator.podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ .Values.operator.name }} diff --git a/packages/system/mongodb-operator/charts/community-operator/templates/operator_roles.yaml b/packages/system/mongodb-operator/charts/community-operator/templates/operator_roles.yaml deleted file mode 100644 index 0f0988b..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/templates/operator_roles.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.operator.name }} - namespace: {{ .Release.Namespace }} - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: {{ if eq (.Values.operator.watchNamespace | default "") "*" }} ClusterRole {{ else }} Role {{ end }} -metadata: - name: {{ .Values.operator.name }} - {{- if not (eq (.Values.operator.watchNamespace | default "*") "*") }} - namespace: {{ .Values.operator.watchNamespace }} - {{- else }} - namespace: {{ .Release.Namespace }} - {{- end }} -rules: -- apiGroups: - - "" - resources: - - pods - - services - - configmaps - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps - resources: - - statefulsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - mongodbcommunity.mongodb.com - resources: - - mongodbcommunity - - mongodbcommunity/status - - mongodbcommunity/spec - - mongodbcommunity/finalizers - verbs: - - get - - patch - - list - - update - - watch - ---- -kind: {{ if eq (.Values.operator.watchNamespace | default "") "*" }} ClusterRoleBinding {{ else }} RoleBinding {{ end }} -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ .Values.operator.name }} - {{- if ne (.Values.operator.watchNamespace | default "*") "*" }} - namespace: {{ .Values.operator.watchNamespace }} - {{- else }} - namespace: {{ .Release.Namespace }} - {{- end }} -subjects: -- kind: ServiceAccount - name: {{ .Values.operator.name }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: {{ if eq (.Values.operator.watchNamespace | default "") "*" }} ClusterRole {{ else }} Role {{ end }} - name: {{ .Values.operator.name }} - apiGroup: rbac.authorization.k8s.io diff --git a/packages/system/mongodb-operator/charts/community-operator/values.yaml b/packages/system/mongodb-operator/charts/community-operator/values.yaml deleted file mode 100644 index eddd43e..0000000 --- a/packages/system/mongodb-operator/charts/community-operator/values.yaml +++ /dev/null @@ -1,128 +0,0 @@ -## Reference to one or more secrets to be used when pulling images -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ -imagePullSecrets: [] -# - name: "image-pull-secret" -## Operator -operator: - # Name that will be assigned to most of internal Kubernetes objects like - # Deployment, ServiceAccount, Role etc. - name: mongodb-kubernetes-operator - - # Name of the operator image - operatorImageName: mongodb-kubernetes-operator - - # Name of the deployment of the operator pod - deploymentName: mongodb-kubernetes-operator - - # Version of mongodb-kubernetes-operator - version: 0.13.0 - - # Uncomment this line to watch all namespaces - # watchNamespace: "*" - - # Resources allocated to Operator Pod - resources: - limits: - cpu: 1100m - memory: 1Gi - requests: - cpu: 500m - memory: 200Mi - - # PriorityClass configuration for operator - # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass - priorityClassName: '' - - # replicas deployed for the operator pod. Running 1 is optimal and suggested. - replicas: 1 - - # Additional environment variables - extraEnvs: [] - # environment: - # - name: CLUSTER_DOMAIN - # value: my-cluster.domain - - podSecurityContext: - runAsNonRoot: true - runAsUser: 2000 - - securityContext: {} - - # Custom labels to be added to the operator pod - podLabels: {} - -## Operator's database -database: - name: mongodb-database - # set this to the namespace where you would like - # to deploy the MongoDB database, - # Note if the database namespace is not same - # as the operator namespace, - # make sure to set "watchNamespace" to "*" - # to ensure that the operator has the - # permission to reconcile resources in other namespaces - # namespace: mongodb-database - -agent: - name: mongodb-agent-ubi - version: 108.0.6.8796-1 -versionUpgradeHook: - name: mongodb-kubernetes-operator-version-upgrade-post-start-hook - version: 1.0.10 -readinessProbe: - name: mongodb-kubernetes-readinessprobe - version: 1.0.23 -mongodb: - name: mongodb-community-server - repo: docker.io/mongodb - imageType: ubi8 - -registry: - agent: quay.io/mongodb - versionUpgradeHook: quay.io/mongodb - readinessProbe: quay.io/mongodb - operator: quay.io/mongodb - pullPolicy: Always - -# Set to false if CRDs have been installed already. The CRDs can be installed -# manually from the code repo: github.com/mongodb/mongodb-kubernetes-operator or -# using the `community-operator-crds` Helm chart. -community-operator-crds: - enabled: true - -# Deploys MongoDB with `resource` attributes. -createResource: false -resource: - name: mongodb-replica-set - version: 4.4.0 - members: 3 - tls: - enabled: false - - # Installs Cert-Manager in this cluster. - useX509: false - sampleX509User: false - useCertManager: true - certificateKeySecretRef: tls-certificate - caCertificateSecretRef: tls-ca-key-pair - certManager: - certDuration: 8760h # 365 days - renewCertBefore: 720h # 30 days - - users: [] - # if using the MongoDBCommunity Resource, list any users to be added to the resource - # users: - # - name: my-user - # db: admin - # passwordSecretRef: # a reference to the secret that will be used to generate the user's password - # name: - # roles: - # - name: clusterAdmin - # db: admin - # - name: userAdminAnyDatabase - # db: admin - # - name: readWriteAnyDatabase - # db: admin - # - name: dbAdminAnyDatabase - # db: admin - # scramCredentialsSecretName: my-scram diff --git a/scripts/package.mk b/scripts/package.mk index 6940ad7..cf0f5b7 100644 --- a/scripts/package.mk +++ b/scripts/package.mk @@ -5,22 +5,22 @@ help: ## Show this help. @awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {sub("\\\\n",sprintf("\n%22c"," "), $$2);printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) show: check ## Show output of rendered templates - cozypkg show -n $(NAMESPACE) $(NAME) + cozyhr show -n $(NAMESPACE) $(NAME) apply: check suspend ## Apply Helm release to a Kubernetes cluster - cozypkg apply -n $(NAMESPACE) $(NAME) + cozyhr apply -n $(NAMESPACE) $(NAME) diff: check ## Diff Helm release against objects in a Kubernetes cluster - cozypkg diff -n $(NAMESPACE) $(NAME) + cozyhr diff -n $(NAMESPACE) $(NAME) suspend: check ## Suspend reconciliation for an existing Helm release - cozypkg suspend -n $(NAMESPACE) $(NAME) + cozyhr suspend -n $(NAMESPACE) $(NAME) resume: check ## Resume reconciliation for an existing Helm release - cozypkg resume -n $(NAMESPACE) $(NAME) + cozyhr resume -n $(NAMESPACE) $(NAME) delete: check suspend ## Delete Helm release from a Kubernetes cluster - cozypkg delete -n $(NAMESPACE) $(NAME) + cozyhr delete -n $(NAMESPACE) $(NAME) check: @if [ -z "$(NAME)" ]; then echo "env NAME is not set!" >&2; exit 1; fi