From cc4d5c1c7733f8c8a46bb89a0372f7c9606fd7ed Mon Sep 17 00:00:00 2001 From: Jan Mussler Date: Tue, 23 Nov 2021 11:28:26 +0100 Subject: [PATCH 1/7] Allow whitelisting of teams to do auto upgrade upgrade via operator. --- pkg/cluster/majorversionupgrade.go | 25 ++++++++++++++++++++++++- pkg/util/config/config.go | 1 + 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/pkg/cluster/majorversionupgrade.go b/pkg/cluster/majorversionupgrade.go index edb55c882..7308f834e 100644 --- a/pkg/cluster/majorversionupgrade.go +++ b/pkg/cluster/majorversionupgrade.go @@ -44,9 +44,32 @@ func (c *Cluster) GetDesiredMajorVersion() string { return c.Spec.PgVersion } +func isTeamWhitelisted(c *Cluster) bool { + whitelistedTeams := c.OpConfig.MajorVersionUpgradeTeamWhitelist + owningTeam := c.Spec.teamID + + if len(whitelistedTeams) == 0 { + return false + } + + for _, t := range whitelistedTeams { + if t == owningTeam { + return true + } + } + return false +} + +/* + Execute upgrade when mode is set to manual or full or when the owning team is whitelisted for upgrade. + + Manual upgrade means, it us triggered by the user via manifest version change + Full upgrade means, operator also determins the minimal version used accross all clusters and upgrades violators. + +*/ func (c *Cluster) majorVersionUpgrade() error { - if c.OpConfig.MajorVersionUpgradeMode == "off" { + if c.OpConfig.MajorVersionUpgradeMode == "off" && !isTeamWhitelisted(c) { return nil } diff --git a/pkg/util/config/config.go b/pkg/util/config/config.go index 78e0a6c49..2296f9ca0 100644 --- a/pkg/util/config/config.go +++ b/pkg/util/config/config.go @@ -214,6 +214,7 @@ type Config struct { MajorVersionUpgradeMode string `name:"major_version_upgrade_mode" default:"off"` MinimalMajorVersion string `name:"minimal_major_version" default:"9.6"` TargetMajorVersion string `name:"target_major_version" default:"14"` + MajorVersionUpgradeTeamWhitelist []string `name:"major_version_upgrade_team_whitelist" default:""` } // MustMarshal marshals the config or panics From 8705ab49f9831f8ba3843a5d1636156f1c6c2a50 Mon Sep 17 00:00:00 2001 From: Jan Mussler Date: Tue, 23 Nov 2021 11:53:55 +0100 Subject: [PATCH 2/7] Fix teamId field. --- pkg/cluster/majorversionupgrade.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pkg/cluster/majorversionupgrade.go b/pkg/cluster/majorversionupgrade.go index 7308f834e..7662d1e8e 100644 --- a/pkg/cluster/majorversionupgrade.go +++ b/pkg/cluster/majorversionupgrade.go @@ -46,7 +46,7 @@ func (c *Cluster) GetDesiredMajorVersion() string { func isTeamWhitelisted(c *Cluster) bool { whitelistedTeams := c.OpConfig.MajorVersionUpgradeTeamWhitelist - owningTeam := c.Spec.teamID + owningTeam := c.Spec.TeamID if len(whitelistedTeams) == 0 { return false @@ -64,8 +64,7 @@ func isTeamWhitelisted(c *Cluster) bool { Execute upgrade when mode is set to manual or full or when the owning team is whitelisted for upgrade. Manual upgrade means, it us triggered by the user via manifest version change - Full upgrade means, operator also determins the minimal version used accross all clusters and upgrades violators. - + Full upgrade means, operator also determines the minimal version used accross all clusters and upgrades violators. */ func (c *Cluster) majorVersionUpgrade() error { From a0cba4b6985084a9a730218f2f77dc6f6031e699 Mon Sep 17 00:00:00 2001 From: Felix Kunde Date: Thu, 25 Nov 2021 12:26:27 +0100 Subject: [PATCH 3/7] finish up introducing MajorVersionUpgradeTeamWhitelist option --- .../crds/operatorconfigurations.yaml | 4 ++++ charts/postgres-operator/values.yaml | 4 ++++ docs/reference/operator_parameters.md | 4 ++++ manifests/configmap.yaml | 1 + manifests/operatorconfiguration.crd.yaml | 4 ++++ .../postgresql-operator-default-configuration.yaml | 2 ++ pkg/apis/acid.zalan.do/v1/crds.go | 8 ++++++++ .../acid.zalan.do/v1/operator_configuration_type.go | 7 ++++--- pkg/cluster/majorversionupgrade.go | 13 ++++--------- pkg/controller/operator_config.go | 1 + pkg/util/config/config.go | 2 +- 11 files changed, 37 insertions(+), 13 deletions(-) diff --git a/charts/postgres-operator/crds/operatorconfigurations.yaml b/charts/postgres-operator/crds/operatorconfigurations.yaml index b74ebbb0a..cd0aa7377 100644 --- a/charts/postgres-operator/crds/operatorconfigurations.yaml +++ b/charts/postgres-operator/crds/operatorconfigurations.yaml @@ -131,6 +131,10 @@ spec: major_version_upgrade_mode: type: string default: "off" + major_version_upgrade_team_whitelist: + type: array + items: + type: string minimal_major_version: type: string default: "9.6" diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index d660de0ab..5f02cc7f1 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -64,6 +64,10 @@ configUsers: configMajorVersionUpgrade: # "off": no upgrade, "manual": manifest triggers action, "full": minimal version violation triggers too major_version_upgrade_mode: "off" + # upgrades will only be carried out for clusters of listed teams + # major_version_upgrade_team_whitelist: + # - acid + # minimal Postgres major version that will not automatically be upgraded minimal_major_version: "9.6" # target Postgres major version when upgrading clusters automatically diff --git a/docs/reference/operator_parameters.md b/docs/reference/operator_parameters.md index bba917d88..4a41c66d1 100644 --- a/docs/reference/operator_parameters.md +++ b/docs/reference/operator_parameters.md @@ -184,6 +184,10 @@ CRD-configuration, they are grouped under the `major_version_upgrade` key. Note, that with all three modes increasing the version in the manifest will trigger a rolling update of the pods. The default is `"off"`. +* **major_version_upgrade_team_whitelist** + Upgrades will only be carried out for clusters of listed teams. The default + is empty which means a team filter is not applied. + * **minimal_major_version** The minimal Postgres major version that will not automatically be upgraded when `major_version_upgrade_mode` is set to `"full"`. The default is `"9.6"`. diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml index e91e2f19e..aecae70e1 100644 --- a/manifests/configmap.yaml +++ b/manifests/configmap.yaml @@ -77,6 +77,7 @@ data: logical_backup_s3_sse: "AES256" logical_backup_schedule: "30 00 * * *" major_version_upgrade_mode: "manual" + # major_version_upgrade_team_whitelist: "" master_dns_name_format: "{cluster}.{team}.{hostedzone}" # master_pod_move_timeout: 20m # max_instances: "-1" diff --git a/manifests/operatorconfiguration.crd.yaml b/manifests/operatorconfiguration.crd.yaml index d202125f3..66f45cad9 100644 --- a/manifests/operatorconfiguration.crd.yaml +++ b/manifests/operatorconfiguration.crd.yaml @@ -129,6 +129,10 @@ spec: major_version_upgrade_mode: type: string default: "off" + major_version_upgrade_team_whitelist: + type: array + items: + type: string minimal_major_version: type: string default: "9.6" diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml index 24d496b36..c58e6c19e 100644 --- a/manifests/postgresql-operator-default-configuration.yaml +++ b/manifests/postgresql-operator-default-configuration.yaml @@ -28,6 +28,8 @@ configuration: super_username: postgres major_version_upgrade: major_version_upgrade_mode: "off" + # major_version_upgrade_team_whitelist: + # - acid minimal_major_version: "9.6" target_major_version: "14" kubernetes: diff --git a/pkg/apis/acid.zalan.do/v1/crds.go b/pkg/apis/acid.zalan.do/v1/crds.go index 582b1379e..2f0bbd5a3 100644 --- a/pkg/apis/acid.zalan.do/v1/crds.go +++ b/pkg/apis/acid.zalan.do/v1/crds.go @@ -1019,6 +1019,14 @@ var OperatorConfigCRDResourceValidation = apiextv1.CustomResourceValidation{ "major_version_upgrade_mode": { Type: "string", }, + "major_version_upgrade_team_whitelist": { + Type: "array", + Items: &apiextv1.JSONSchemaPropsOrArray{ + Schema: &apiextv1.JSONSchemaProps{ + Type: "string", + }, + }, + }, "minimal_major_version": { Type: "string", }, diff --git a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go index 6d0dd136a..98c09d1a1 100644 --- a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go +++ b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go @@ -43,9 +43,10 @@ type PostgresUsersConfiguration struct { // MajorVersionUpgradeConfiguration defines how to execute major version upgrades of Postgres. type MajorVersionUpgradeConfiguration struct { - MajorVersionUpgradeMode string `json:"major_version_upgrade_mode" default:"off"` // off - no actions, manual - manifest triggers action, full - manifest and minimal version violation trigger upgrade - MinimalMajorVersion string `json:"minimal_major_version" default:"9.6"` - TargetMajorVersion string `json:"target_major_version" default:"14"` + MajorVersionUpgradeMode string `json:"major_version_upgrade_mode" default:"off"` // off - no actions, manual - manifest triggers action, full - manifest and minimal version violation trigger upgrade + MajorVersionUpgradeTeamWhitelist []string `json:"major_version_upgrade_team_whitelist,omitempty"` + MinimalMajorVersion string `json:"minimal_major_version" default:"9.6"` + TargetMajorVersion string `json:"target_major_version" default:"14"` } // KubernetesMetaConfiguration defines k8s conf required for all Postgres clusters and the operator itself diff --git a/pkg/cluster/majorversionupgrade.go b/pkg/cluster/majorversionupgrade.go index 7662d1e8e..fcb574f47 100644 --- a/pkg/cluster/majorversionupgrade.go +++ b/pkg/cluster/majorversionupgrade.go @@ -4,6 +4,7 @@ import ( "fmt" "github.com/zalando/postgres-operator/pkg/spec" + "github.com/zalando/postgres-operator/pkg/util" v1 "k8s.io/api/core/v1" ) @@ -44,20 +45,14 @@ func (c *Cluster) GetDesiredMajorVersion() string { return c.Spec.PgVersion } -func isTeamWhitelisted(c *Cluster) bool { +func (c *Cluster) isTeamWhitelisted(owningTeam string) bool { whitelistedTeams := c.OpConfig.MajorVersionUpgradeTeamWhitelist - owningTeam := c.Spec.TeamID if len(whitelistedTeams) == 0 { return false } - for _, t := range whitelistedTeams { - if t == owningTeam { - return true - } - } - return false + return util.SliceContains(whitelistedTeams, owningTeam) } /* @@ -68,7 +63,7 @@ func isTeamWhitelisted(c *Cluster) bool { */ func (c *Cluster) majorVersionUpgrade() error { - if c.OpConfig.MajorVersionUpgradeMode == "off" && !isTeamWhitelisted(c) { + if c.OpConfig.MajorVersionUpgradeMode == "off" && !c.isTeamWhitelisted(c.Spec.TeamID) { return nil } diff --git a/pkg/controller/operator_config.go b/pkg/controller/operator_config.go index fc56dbf96..1eb7c9dfd 100644 --- a/pkg/controller/operator_config.go +++ b/pkg/controller/operator_config.go @@ -56,6 +56,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur // major version upgrade config result.MajorVersionUpgradeMode = util.Coalesce(fromCRD.MajorVersionUpgrade.MajorVersionUpgradeMode, "off") + result.MajorVersionUpgradeTeamWhitelist = fromCRD.MajorVersionUpgrade.MajorVersionUpgradeTeamWhitelist result.MinimalMajorVersion = util.Coalesce(fromCRD.MajorVersionUpgrade.MinimalMajorVersion, "9.6") result.TargetMajorVersion = util.Coalesce(fromCRD.MajorVersionUpgrade.TargetMajorVersion, "14") diff --git a/pkg/util/config/config.go b/pkg/util/config/config.go index 2296f9ca0..53ddaf2e0 100644 --- a/pkg/util/config/config.go +++ b/pkg/util/config/config.go @@ -212,9 +212,9 @@ type Config struct { EnablePgVersionEnvVar bool `name:"enable_pgversion_env_var" default:"true"` EnableSpiloWalPathCompat bool `name:"enable_spilo_wal_path_compat" default:"false"` MajorVersionUpgradeMode string `name:"major_version_upgrade_mode" default:"off"` + MajorVersionUpgradeTeamWhitelist []string `name:"major_version_upgrade_team_whitelist" default:""` MinimalMajorVersion string `name:"minimal_major_version" default:"9.6"` TargetMajorVersion string `name:"target_major_version" default:"14"` - MajorVersionUpgradeTeamWhitelist []string `name:"major_version_upgrade_team_whitelist" default:""` } // MustMarshal marshals the config or panics From d8040fe0ab98d493362220e650b5691f0d994db6 Mon Sep 17 00:00:00 2001 From: Felix Kunde Date: Thu, 25 Nov 2021 12:30:44 +0100 Subject: [PATCH 4/7] minor fixes --- charts/postgres-operator/values.yaml | 2 +- pkg/cluster/majorversionupgrade.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index 5f02cc7f1..b85f03123 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -65,7 +65,7 @@ configMajorVersionUpgrade: # "off": no upgrade, "manual": manifest triggers action, "full": minimal version violation triggers too major_version_upgrade_mode: "off" # upgrades will only be carried out for clusters of listed teams - # major_version_upgrade_team_whitelist: + # major_version_upgrade_team_whitelist: # - acid # minimal Postgres major version that will not automatically be upgraded diff --git a/pkg/cluster/majorversionupgrade.go b/pkg/cluster/majorversionupgrade.go index fcb574f47..ff27d7972 100644 --- a/pkg/cluster/majorversionupgrade.go +++ b/pkg/cluster/majorversionupgrade.go @@ -58,7 +58,7 @@ func (c *Cluster) isTeamWhitelisted(owningTeam string) bool { /* Execute upgrade when mode is set to manual or full or when the owning team is whitelisted for upgrade. - Manual upgrade means, it us triggered by the user via manifest version change + Manual upgrade means, it is triggered by the user via manifest version change Full upgrade means, operator also determines the minimal version used accross all clusters and upgrades violators. */ func (c *Cluster) majorVersionUpgrade() error { From e378566da9a68c993c9d580c8aeaa1e0f0dc74cd Mon Sep 17 00:00:00 2001 From: Felix Kunde Date: Thu, 25 Nov 2021 12:37:23 +0100 Subject: [PATCH 5/7] do not use words like whitelisting --- .../crds/operatorconfigurations.yaml | 2 +- charts/postgres-operator/values.yaml | 2 +- docs/reference/operator_parameters.md | 2 +- docs/user.md | 7 +++---- manifests/configmap.yaml | 2 +- manifests/operatorconfiguration.crd.yaml | 2 +- .../postgresql-operator-default-configuration.yaml | 2 +- pkg/apis/acid.zalan.do/v1/crds.go | 2 +- .../acid.zalan.do/v1/operator_configuration_type.go | 2 +- pkg/cluster/majorversionupgrade.go | 12 ++++++------ pkg/controller/operator_config.go | 2 +- pkg/util/config/config.go | 2 +- 12 files changed, 19 insertions(+), 20 deletions(-) diff --git a/charts/postgres-operator/crds/operatorconfigurations.yaml b/charts/postgres-operator/crds/operatorconfigurations.yaml index cd0aa7377..043129516 100644 --- a/charts/postgres-operator/crds/operatorconfigurations.yaml +++ b/charts/postgres-operator/crds/operatorconfigurations.yaml @@ -131,7 +131,7 @@ spec: major_version_upgrade_mode: type: string default: "off" - major_version_upgrade_team_whitelist: + major_version_upgrade_team_allow_list: type: array items: type: string diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index b85f03123..7b7f1f675 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -65,7 +65,7 @@ configMajorVersionUpgrade: # "off": no upgrade, "manual": manifest triggers action, "full": minimal version violation triggers too major_version_upgrade_mode: "off" # upgrades will only be carried out for clusters of listed teams - # major_version_upgrade_team_whitelist: + # major_version_upgrade_team_allow_list: # - acid # minimal Postgres major version that will not automatically be upgraded diff --git a/docs/reference/operator_parameters.md b/docs/reference/operator_parameters.md index 4a41c66d1..b0166fa47 100644 --- a/docs/reference/operator_parameters.md +++ b/docs/reference/operator_parameters.md @@ -184,7 +184,7 @@ CRD-configuration, they are grouped under the `major_version_upgrade` key. Note, that with all three modes increasing the version in the manifest will trigger a rolling update of the pods. The default is `"off"`. -* **major_version_upgrade_team_whitelist** +* **major_version_upgrade_team_allow_list** Upgrades will only be carried out for clusters of listed teams. The default is empty which means a team filter is not applied. diff --git a/docs/user.md b/docs/user.md index e0873f274..a2a65e63f 100644 --- a/docs/user.md +++ b/docs/user.md @@ -603,10 +603,9 @@ spec: ``` Some extensions require SUPERUSER rights on creation unless they are not -whitelisted by the [pgextwlist](https://github.com/dimitri/pgextwlist) -extension, that is shipped with the Spilo image. To see which extensions are -on the list check the `extwlist.extension` parameter in the postgresql.conf -file. +allowed by the [pgextwlist](https://github.com/dimitri/pgextwlist) extension, +that is shipped with the Spilo image. To see which extensions are on the list +check the `extwlist.extension` parameter in the postgresql.conf file. ```bash SHOW extwlist.extensions; diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml index aecae70e1..7d3e14ce3 100644 --- a/manifests/configmap.yaml +++ b/manifests/configmap.yaml @@ -77,7 +77,7 @@ data: logical_backup_s3_sse: "AES256" logical_backup_schedule: "30 00 * * *" major_version_upgrade_mode: "manual" - # major_version_upgrade_team_whitelist: "" + # major_version_upgrade_team_allow_list: "" master_dns_name_format: "{cluster}.{team}.{hostedzone}" # master_pod_move_timeout: 20m # max_instances: "-1" diff --git a/manifests/operatorconfiguration.crd.yaml b/manifests/operatorconfiguration.crd.yaml index 66f45cad9..bb64995ab 100644 --- a/manifests/operatorconfiguration.crd.yaml +++ b/manifests/operatorconfiguration.crd.yaml @@ -129,7 +129,7 @@ spec: major_version_upgrade_mode: type: string default: "off" - major_version_upgrade_team_whitelist: + major_version_upgrade_team_allow_list: type: array items: type: string diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml index c58e6c19e..02d558543 100644 --- a/manifests/postgresql-operator-default-configuration.yaml +++ b/manifests/postgresql-operator-default-configuration.yaml @@ -28,7 +28,7 @@ configuration: super_username: postgres major_version_upgrade: major_version_upgrade_mode: "off" - # major_version_upgrade_team_whitelist: + # major_version_upgrade_team_allow_list: # - acid minimal_major_version: "9.6" target_major_version: "14" diff --git a/pkg/apis/acid.zalan.do/v1/crds.go b/pkg/apis/acid.zalan.do/v1/crds.go index 2f0bbd5a3..76fbbfa48 100644 --- a/pkg/apis/acid.zalan.do/v1/crds.go +++ b/pkg/apis/acid.zalan.do/v1/crds.go @@ -1019,7 +1019,7 @@ var OperatorConfigCRDResourceValidation = apiextv1.CustomResourceValidation{ "major_version_upgrade_mode": { Type: "string", }, - "major_version_upgrade_team_whitelist": { + "major_version_upgrade_team_allow_list": { Type: "array", Items: &apiextv1.JSONSchemaPropsOrArray{ Schema: &apiextv1.JSONSchemaProps{ diff --git a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go index 98c09d1a1..f8eb5b5d1 100644 --- a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go +++ b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go @@ -44,7 +44,7 @@ type PostgresUsersConfiguration struct { // MajorVersionUpgradeConfiguration defines how to execute major version upgrades of Postgres. type MajorVersionUpgradeConfiguration struct { MajorVersionUpgradeMode string `json:"major_version_upgrade_mode" default:"off"` // off - no actions, manual - manifest triggers action, full - manifest and minimal version violation trigger upgrade - MajorVersionUpgradeTeamWhitelist []string `json:"major_version_upgrade_team_whitelist,omitempty"` + MajorVersionUpgradeTeamAllowList []string `json:"major_version_upgrade_team_allow_list,omitempty"` MinimalMajorVersion string `json:"minimal_major_version" default:"9.6"` TargetMajorVersion string `json:"target_major_version" default:"14"` } diff --git a/pkg/cluster/majorversionupgrade.go b/pkg/cluster/majorversionupgrade.go index ff27d7972..498904034 100644 --- a/pkg/cluster/majorversionupgrade.go +++ b/pkg/cluster/majorversionupgrade.go @@ -45,25 +45,25 @@ func (c *Cluster) GetDesiredMajorVersion() string { return c.Spec.PgVersion } -func (c *Cluster) isTeamWhitelisted(owningTeam string) bool { - whitelistedTeams := c.OpConfig.MajorVersionUpgradeTeamWhitelist +func (c *Cluster) isUpgradeAllowedForTeam(owningTeam string) bool { + allowedTeams := c.OpConfig.MajorVersionUpgradeTeamAllowList - if len(whitelistedTeams) == 0 { + if len(allowedTeams) == 0 { return false } - return util.SliceContains(whitelistedTeams, owningTeam) + return util.SliceContains(allowedTeams, owningTeam) } /* - Execute upgrade when mode is set to manual or full or when the owning team is whitelisted for upgrade. + Execute upgrade when mode is set to manual or full or when the owning team is allowed for upgrade. Manual upgrade means, it is triggered by the user via manifest version change Full upgrade means, operator also determines the minimal version used accross all clusters and upgrades violators. */ func (c *Cluster) majorVersionUpgrade() error { - if c.OpConfig.MajorVersionUpgradeMode == "off" && !c.isTeamWhitelisted(c.Spec.TeamID) { + if c.OpConfig.MajorVersionUpgradeMode == "off" && !c.isUpgradeAllowedForTeam(c.Spec.TeamID) { return nil } diff --git a/pkg/controller/operator_config.go b/pkg/controller/operator_config.go index 1eb7c9dfd..275898d8e 100644 --- a/pkg/controller/operator_config.go +++ b/pkg/controller/operator_config.go @@ -56,7 +56,7 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur // major version upgrade config result.MajorVersionUpgradeMode = util.Coalesce(fromCRD.MajorVersionUpgrade.MajorVersionUpgradeMode, "off") - result.MajorVersionUpgradeTeamWhitelist = fromCRD.MajorVersionUpgrade.MajorVersionUpgradeTeamWhitelist + result.MajorVersionUpgradeTeamAllowList = fromCRD.MajorVersionUpgrade.MajorVersionUpgradeTeamAllowList result.MinimalMajorVersion = util.Coalesce(fromCRD.MajorVersionUpgrade.MinimalMajorVersion, "9.6") result.TargetMajorVersion = util.Coalesce(fromCRD.MajorVersionUpgrade.TargetMajorVersion, "14") diff --git a/pkg/util/config/config.go b/pkg/util/config/config.go index 53ddaf2e0..71bf406e4 100644 --- a/pkg/util/config/config.go +++ b/pkg/util/config/config.go @@ -212,7 +212,7 @@ type Config struct { EnablePgVersionEnvVar bool `name:"enable_pgversion_env_var" default:"true"` EnableSpiloWalPathCompat bool `name:"enable_spilo_wal_path_compat" default:"false"` MajorVersionUpgradeMode string `name:"major_version_upgrade_mode" default:"off"` - MajorVersionUpgradeTeamWhitelist []string `name:"major_version_upgrade_team_whitelist" default:""` + MajorVersionUpgradeTeamAllowList []string `name:"major_version_upgrade_team_allow_list" default:""` MinimalMajorVersion string `name:"minimal_major_version" default:"9.6"` TargetMajorVersion string `name:"target_major_version" default:"14"` } From da523a1c21e0d2f2f9437acff0c8f9e40b3d0db4 Mon Sep 17 00:00:00 2001 From: Felix Kunde Date: Thu, 25 Nov 2021 15:31:06 +0100 Subject: [PATCH 6/7] use correct comments --- charts/postgres-operator/values.yaml | 2 +- docs/reference/operator_parameters.md | 4 ++-- pkg/cluster/majorversionupgrade.go | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index 7b7f1f675..65619845a 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -64,7 +64,7 @@ configUsers: configMajorVersionUpgrade: # "off": no upgrade, "manual": manifest triggers action, "full": minimal version violation triggers too major_version_upgrade_mode: "off" - # upgrades will only be carried out for clusters of listed teams + # upgrades will only be carried out for clusters of listed teams when mode is "off" # major_version_upgrade_team_allow_list: # - acid diff --git a/docs/reference/operator_parameters.md b/docs/reference/operator_parameters.md index b0166fa47..00febcf89 100644 --- a/docs/reference/operator_parameters.md +++ b/docs/reference/operator_parameters.md @@ -185,8 +185,8 @@ CRD-configuration, they are grouped under the `major_version_upgrade` key. trigger a rolling update of the pods. The default is `"off"`. * **major_version_upgrade_team_allow_list** - Upgrades will only be carried out for clusters of listed teams. The default - is empty which means a team filter is not applied. + Upgrades will only be carried out for clusters of listed teams when mode is + set to "off". The default is empty. * **minimal_major_version** The minimal Postgres major version that will not automatically be upgraded diff --git a/pkg/cluster/majorversionupgrade.go b/pkg/cluster/majorversionupgrade.go index 498904034..60048e20d 100644 --- a/pkg/cluster/majorversionupgrade.go +++ b/pkg/cluster/majorversionupgrade.go @@ -56,7 +56,7 @@ func (c *Cluster) isUpgradeAllowedForTeam(owningTeam string) bool { } /* - Execute upgrade when mode is set to manual or full or when the owning team is allowed for upgrade. + Execute upgrade when mode is set to manual or full or when the owning team is allowed for upgrade (and mode is "off"). Manual upgrade means, it is triggered by the user via manifest version change Full upgrade means, operator also determines the minimal version used accross all clusters and upgrades violators. From dcc0a8937c2d8aee1d3529ff96bedf323bf97fe0 Mon Sep 17 00:00:00 2001 From: Felix Kunde Date: Thu, 25 Nov 2021 16:44:09 +0100 Subject: [PATCH 7/7] update codegen --- pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go b/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go index c0be8fdf9..7a8984ce4 100644 --- a/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go +++ b/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go @@ -318,6 +318,11 @@ func (in *MaintenanceWindow) DeepCopy() *MaintenanceWindow { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MajorVersionUpgradeConfiguration) DeepCopyInto(out *MajorVersionUpgradeConfiguration) { *out = *in + if in.MajorVersionUpgradeTeamAllowList != nil { + in, out := &in.MajorVersionUpgradeTeamAllowList, &out.MajorVersionUpgradeTeamAllowList + *out = make([]string, len(*in)) + copy(*out, *in) + } return } @@ -386,7 +391,7 @@ func (in *OperatorConfigurationData) DeepCopyInto(out *OperatorConfigurationData } } out.PostgresUsersConfiguration = in.PostgresUsersConfiguration - out.MajorVersionUpgrade = in.MajorVersionUpgrade + in.MajorVersionUpgrade.DeepCopyInto(&out.MajorVersionUpgrade) in.Kubernetes.DeepCopyInto(&out.Kubernetes) out.PostgresPodResources = in.PostgresPodResources out.Timeouts = in.Timeouts