Conversation
This adds a new implementation for objectbuckets where no IAM is available. It allows to simply provision new buckets if credentials with sufficient permissions are supplied.
🔀 Merge master into develop (Release)
Move SSH XListenerSet to instance namespace and filter webhook scope
This generalizes Forgejo's SSH TCPRoute handler so it can be used with other services as well.
Add SLI prober for Garage
Add generic objectbucket implementation
This allows HTTPRoutes to be used instead of ingress on servala clusters.
Add HTTPRoute as alternative to ingress
Add Generalized TCPRoute handler
Initialize OpenBao Service
- Add `"TCPGateway"` to `+kubebuilder:validation:Enum` marker on `VSHNDBaaSNetworkSpec.ServiceType` - Update comment listing enum values - Run `make generate`
- Guard: `ServiceType == "TCPGateway"` && `externalAccessEnabled(svc)`
- Call `tcproute.AddTCPRoute()` with config:
- `ResourceName`: `comp.GetName() + "-pg"`
- `ListenerName`: `"postgresql"`
- `BackendServiceName`: `"postgresql-rw"`
- `BackendServicePort`: `5432`
- `PodListenPort`: `5432`
- `PodSelectorLabels`: `{"cnpg.io/cluster": "postgresql"}`
- `InstanceNamespace`: `comp.GetInstanceNamespace()`
- Return observed state (port + domain) for downstream steps
- Add `"tcpgateway"` step with `Execute: ConfigureTCPGateway` - Position: after `"deploy"`, before `"connection-details"`
- In `createCerts`: if `ServiceType == "TCPGateway"` and gateway domain known from observed connection details, add domain to `DNSNames` in cert spec - Apply same "mark unready until SAN present" pattern used for LoadBalancer IP - Check observed cert's DNSNames; if gateway domain missing, keep cert resource as unready
- `pkg/comp-functions/functions/vshnpostgrescnpg/tcpgateway_test.go` — unit tests for ConfigureTCPGateway (enabled/disabled, port observed/not observed) - Extend `connection_details_test.go` — test gateway connection detail keys - Extend `deploy_test.go` — test cert DNS SAN injection for TCPGateway - Add test fixture in `test/functions/vshnpostgrescnpg/` if needed
- Labels not set on the xls, webhook did not pick it up - Resource names - Allow deletion
Add TCP Gateway to CNPG PostgreSQL
The apply job applies ALL configuration again. Including the default one. The default one however will fallback to a default password if a specific env variable wasn't set. Those env vars were not set in the apply job, after the job ran it created the default user. This fix adds the missing env vars to the job so it will not create the default user.
Also pass admin credentials to apply job
This doesn't redirect to the admin interface anymore if only the admin fqdn is set
Allow disabling Keycloak admin interface
Update garage apiversion
The empty spec fields cause issues with server-side-apply in provider-kubernetes with StatefulSets as SSA wants to override the already present and immutable fields. Since this is only used for observing SSTs we don't need the spec at all, as the information in the `metadata` is enough to identify the SST to observe
We might create objects with `nil` values in fields which can cause issues with some CRs that expect a non-nil value. To fix that, we drop any fields that have a `nil` value before putting the object into the desired state
We currently don't support nextcloud in HA as this requires additional engineering effort. We therefore restrict it to max 1 instance
Rework guaranteed availability webhook
Adjust runtime to properly support provider-kubernetes SSA
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Auto-generated PR to release from develop to master.