From c7d5b905cd78d876609116e3fb34ac4b06d0d13c Mon Sep 17 00:00:00 2001 From: Igor Karpukhin Date: Mon, 4 Dec 2023 15:41:44 +0100 Subject: [PATCH] MongoDB Atlas Operator 2.0.1 
Signed-off-by: Igor Karpukhin --- .../2.0.1/bundle.Dockerfile | 25 + ...atlas.mongodb.com_atlasbackuppolicies.yaml | 171 ++ ...tlas.mongodb.com_atlasbackupschedules.yaml | 200 +++ .../atlas.mongodb.com_atlasdatabaseusers.yaml | 223 +++ ...tlas.mongodb.com_atlasdatafederations.yaml | 261 +++ .../atlas.mongodb.com_atlasdeployments.yaml | 844 +++++++++ ...atlas.mongodb.com_atlasfederatedauths.yaml | 181 ++ .../atlas.mongodb.com_atlasprojects.yaml | 1509 +++++++++++++++++ .../atlas.mongodb.com_atlasteams.yaml | 130 ++ ...er-manager-metrics-service_v1_service.yaml | 20 + ...tlas-kubernetes.clusterserviceversion.yaml | 604 +++++++ ...c.authorization.k8s.io_v1_clusterrole.yaml | 10 + .../2.0.1/metadata/annotations.yaml | 15 + .../2.0.1/tests/scorecard/config.yaml | 70 + 14 files changed, 4263 insertions(+) create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/bundle.Dockerfile create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackuppolicies.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackupschedules.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatafederations.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdeployments.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasfederatedauths.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasprojects.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasteams.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml create mode 100644 
operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/metadata/annotations.yaml create mode 100644 operators/mongodb-atlas-kubernetes/2.0.1/tests/scorecard/config.yaml
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/bundle.Dockerfile b/operators/mongodb-atlas-kubernetes/2.0.1/bundle.Dockerfile
new file mode 100644
index 00000000000..7e1c2d3480a
--- /dev/null
+++ b/operators/mongodb-atlas-kubernetes/2.0.1/bundle.Dockerfile
@@ -0,0 +1,25 @@
+FROM scratch
+
+LABEL com.redhat.openshift.versions="v4.8"
+LABEL com.redhat.delivery.backport=true
+LABEL com.redhat.delivery.operator.bundle=true
+
+# Core bundle labels.
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=mongodb-atlas-kubernetes
+LABEL operators.operatorframework.io.bundle.channels.v1=stable
+LABEL operators.operatorframework.io.bundle.channel.default.v1=stable
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.15.0+git
+LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
+LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v2
+
+# Labels for testing.
+LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1
+LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/
+
+# Copy files to locations specified by labels.
+COPY manifests /manifests/
+COPY metadata /metadata/
+COPY tests/scorecard /tests/scorecard/
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackuppolicies.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackuppolicies.yaml new file mode 100644 index 00000000000..88fd3eb9796 --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackuppolicies.yaml 
@@ -0,0 +1,171 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasbackuppolicies.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasBackupPolicy + listKind: AtlasBackupPolicyList + plural: atlasbackuppolicies + singular: atlasbackuppolicy + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasBackupPolicy is the Schema for the atlasbackuppolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasBackupPolicySpec defines the desired state of AtlasBackupPolicy + properties: + items: + description: A list of BackupPolicy items + items: + properties: + frequencyInterval: + description: Desired frequency of the new backup policy item + specified by FrequencyType. A value of 1 specifies the first + instance of the corresponding FrequencyType. The only accepted + value you can set for frequency interval with NVMe clusters + is 12. 
+ enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + - 8 + - 9 + - 10 + - 11 + - 12 + - 13 + - 14 + - 15 + - 16 + - 17 + - 18 + - 19 + - 20 + - 21 + - 22 + - 23 + - 24 + - 25 + - 26 + - 27 + - 28 + - 40 + type: integer + frequencyType: + description: 'Frequency associated with the backup policy item. + One of the following values: hourly, daily, weekly or monthly. + You cannot specify multiple hourly and daily backup policy + items.' + enum: + - hourly + - daily + - weekly + - monthly + type: string + retentionUnit: + description: 'Scope of the backup policy item: days, weeks, + or months' + enum: + - days + - weeks + - months + type: string + retentionValue: + description: Value to associate with RetentionUnit + type: integer + required: + - frequencyInterval + - frequencyType + - retentionUnit + - retentionValue + type: object + type: array + required: + - items + type: object + status: + properties: + backupScheduleIDs: + description: DeploymentID of the deployment using the backup policy + items: + type: string + type: array + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. 
+ type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackupschedules.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackupschedules.yaml new file mode 100644 index 00000000000..647d54bf64a --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasbackupschedules.yaml 
@@ -0,0 +1,200 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasbackupschedules.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasBackupSchedule + listKind: AtlasBackupScheduleList + plural: atlasbackupschedules + singular: atlasbackupschedule + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasBackupSchedule is the Schema for the atlasbackupschedules + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasBackupScheduleSpec defines the desired state of AtlasBackupSchedule + properties: + autoExportEnabled: + default: false + description: Specify true to enable automatic export of cloud backup + snapshots to the AWS bucket. You must also define the export policy + using export. If omitted, defaults to false. + type: boolean + copySettings: + description: Copy backups to other regions for increased resiliency + and faster restores. 
+ items: + properties: + cloudProvider: + default: AWS + description: Identifies the cloud provider that stores the snapshot + copy. + enum: + - AWS + - GCP + - AZURE + type: string + frequencies: + description: List that describes which types of snapshots to + copy. + items: + type: string + minItems: 1 + type: array + regionName: + description: Target region to copy snapshots belonging to replicationSpecId + to. + type: string + shouldCopyOplogs: + description: Flag that indicates whether to copy the oplogs + to the target region. + type: boolean + type: object + type: array + export: + description: Export policy for automatically exporting cloud backup + snapshots to AWS bucket. + properties: + exportBucketId: + description: Unique Atlas identifier of the AWS bucket which was + granted access to export backup snapshot + type: string + frequencyType: + default: monthly + enum: + - monthly + type: string + required: + - exportBucketId + - frequencyType + type: object + policy: + description: A reference (name & namespace) for backup policy in the + desired updated backup policy. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + referenceHourOfDay: + description: UTC Hour of day between 0 and 23, inclusive, representing + which hour of the day that Atlas takes snapshots for backup policy + items + format: int64 + maximum: 23 + minimum: 0 + type: integer + referenceMinuteOfHour: + description: UTC Minutes after ReferenceHourOfDay that Atlas takes + snapshots for backup policy items. Must be between 0 and 59, inclusive. + format: int64 + maximum: 59 + minimum: 0 + type: integer + restoreWindowDays: + default: 1 + description: Number of days back in time you can restore to with Continuous + Cloud Backup accuracy. Must be a positive, non-zero integer. 
Applies + to continuous cloud backups only. + format: int64 + type: integer + updateSnapshots: + description: Specify true to apply the retention changes in the updated + backup policy to snapshots that Atlas took previously. + type: boolean + useOrgAndGroupNamesInExportPrefix: + description: Specify true to use organization and project names instead + of organization and project UUIDs in the path for the metadata files + that Atlas uploads to your S3 bucket after it finishes exporting + the snapshots + type: boolean + required: + - policy + type: object + status: + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + deploymentID: + items: + type: string + type: array + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null 
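Review bot: In atlasbackupschedules.yaml, `restoreWindowDays` is described as "Must be a positive, non-zero integer", but its schema carries only `default: 1`, `format: int64` and `type: integer`, so the API server will admit 0 or a negative value and the mistake presumably surfaces only when Atlas rejects it during reconciliation. The neighbouring `referenceHourOfDay` and `referenceMinuteOfHour` already declare `minimum`/`maximum`; the matching fix here is `minimum: 1`. The file carries a controller-gen annotation, so that means a `+kubebuilder:validation:Minimum=1` marker on the Go field rather than a hand edit. The atlasdatabaseusers CRD later in this patch has the same kind of gap: the `labels` description promises a 255-character limit on both key and value, but only `key` has `maxLength: 255`.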
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml new file mode 100644 index 00000000000..3a38e628cff --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml 
@@ -0,0 +1,223 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasdatabaseusers.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDatabaseUser + listKind: AtlasDatabaseUserList + plural: atlasdatabaseusers + singular: atlasdatabaseuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasDatabaseUser is the Schema for the Atlas Database User API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasDatabaseUserSpec defines the desired state of Database + User in Atlas + properties: + databaseName: + default: admin + description: DatabaseName is a Database against which Atlas authenticates + the user. Default value is 'admin'. + type: string + deleteAfterDate: + description: DeleteAfterDate is a timestamp in ISO 8601 date and time + format in UTC after which Atlas deletes the user. 
The specified + date must be in the future and within one week. + type: string + labels: + description: Labels is an array containing key-value pairs that tag + and categorize the database user. Each key and value has a maximum + length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + passwordSecretRef: + description: PasswordSecret is a reference to the Secret keeping the + user password. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + projectRef: + description: Project is a reference to AtlasProject resource the user + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + roles: + description: Roles is an array of this user's roles and the databases + / collections on which the roles apply. A role allows the user to + perform particular actions on the specified database. + items: + description: RoleSpec allows the user to perform particular actions + on the specified database. A role on the admin database can include + privileges that apply to the other databases as well. + properties: + collectionName: + description: CollectionName is a collection for which the role + applies. + type: string + databaseName: + description: DatabaseName is a database on which the user has + the specified role. A role on the admin database can include + privileges that apply to the other databases. + type: string + roleName: + description: RoleName is a name of the role. This value can + either be a built-in role or a custom role. 
+ type: string + required: + - databaseName + - roleName + type: object + minItems: 1 + type: array + scopes: + description: Scopes is an array of clusters and Atlas Data Lakes that + this user has access to. + items: + description: ScopeSpec if present a database user only have access + to the indicated resource (Cluster or Atlas Data Lake) if none + is given then it has access to all. It's highly recommended to + restrict the access of the database users only to a limited set + of resources. + properties: + name: + description: Name is a name of the cluster or Atlas Data Lake + that the user has access to. + type: string + type: + description: Type is a type of resource that the user has access + to. + enum: + - CLUSTER + - DATA_LAKE + type: string + required: + - name + - type + type: object + type: array + username: + description: Username is a username for authenticating to MongoDB. + type: string + x509Type: + description: X509Type is X.509 method by which the database authenticates + the provided username + type: string + required: + - projectRef + - roles + - username + type: object + status: + description: AtlasDatabaseUserStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. 
+ type: string + required: + - status + - type + type: object + type: array + name: + description: UserName is the current name of database user. + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + passwordVersion: + description: PasswordVersion is the 'ResourceVersion' of the password + Secret that the Atlas Operator is aware of + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatafederations.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatafederations.yaml new file mode 100644 index 00000000000..5a929550da6 --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdatafederations.yaml 
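Review bot: In atlasdatabaseusers.yaml, `scopes` is not in the spec's `required` list (`projectRef`, `roles`, `username`), and its own item description says a user with no scope "has access to all", so least privilege is opt-in and a manifest that omits the field is accepted without any signal. Making it required would break existing resources, so I would put the default into the field description itself, e.g. `Scopes is an array of clusters and Atlas Data Lakes that this user has access to. If empty, the user can access every cluster and Data Lake in the project.`, and let clusters that install this bundle reject scope-less users with an admission policy. Separately, `projectRef` accepts a `namespace`, so an AtlasDatabaseUser can point at an AtlasProject outside its own namespace; whether the operator checks that the author is allowed to use that project is not visible in this bundle and should be confirmed for multi-tenant installs. The CRD is controller-gen output, so the wording change belongs in the Go type comments.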
@@ -0,0 +1,261 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasdatafederations.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDataFederation + listKind: AtlasDataFederationList + plural: atlasdatafederations + singular: atlasdatafederation + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasDataFederation is the Schema for the Atlas Data Federation + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + cloudProviderConfig: + properties: + aws: + properties: + roleId: + type: string + testS3Bucket: + type: string + type: object + type: object + dataProcessRegion: + properties: + cloudProvider: + enum: + - AWS + type: string + region: + enum: + - SYDNEY_AUS + - MUMBAI_IND + - FRANKFURT_DEU + - DUBLIN_IRL + - LONDON_GBR + - VIRGINIA_USA + - OREGON_USA + - SAOPAULO_BRA + - SINGAPORE_SGP + type: string + type: object + name: + type: string + privateEndpoints: + items: + properties: + endpointId: + type: string + provider: + type: string + type: + type: string + type: object + type: array + projectRef: + description: Project is a reference to AtlasProject resource the deployment + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + storage: + properties: + databases: + items: + properties: + collections: + items: + properties: + dataSources: + items: + properties: + allowInsecure: + type: boolean + collection: + type: string + collectionRegex: + type: string + database: + type: string + databaseRegex: + type: string + defaultFormat: + enum: + - .avro + - .avro.bz2 + - .avro.gz + - .bson + - .bson.bz2 + - .bson.gz + - .bsonx + - .csv + - .csv.bz2 + - .csv.gz + - .json + - .json.bz2 + - .json.gz + - .orc + - .parquet + - .tsv + - .tsv.bz2 + - .tsv.gz + type: string + path: + type: string + provenanceFieldName: + type: string + storeName: + type: string + urls: + items: + type: string + type: array + type: object + type: array + name: + type: string + type: object + type: array + maxWildcardCollections: + type: integer + name: + type: string + views: + items: + properties: + name: + type: string + pipeline: + type: 
string + source: + type: string + type: object + type: array + type: object + type: array + stores: + items: + properties: + additionalStorageClasses: + items: + type: string + type: array + bucket: + type: string + delimiter: + type: string + includeTags: + type: boolean + name: + type: string + prefix: + type: string + provider: + type: string + public: + type: boolean + region: + type: string + type: object + type: array + type: object + required: + - name + - projectRef + type: object + status: + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + mongoDBVersion: + description: MongoDBVersion is the version of MongoDB the cluster + runs, in . format. + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null 
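Review bot: In atlasdatafederations.yaml, `allowInsecure` (among the `dataSources` item properties) and `public` (among the `stores` item properties) are bare `type: boolean` entries with no description or default, and almost nothing else under `spec` is described either, so `kubectl explain` gives a reviewer no hint of what enabling them relaxes. I would add descriptions on the Go fields, for example `AllowInsecure disables URL scheme and certificate validation for this data source; leave unset unless the source cannot serve HTTPS.`, after confirming the exact semantics against the Atlas Data Federation API. The status field `mongoDBVersion` also reads "in . format", which looks like a placeholder lost either in generation or in this page's rendering.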
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdeployments.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdeployments.yaml new file mode 100644 index 00000000000..d6d67dd5a4d --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasdeployments.yaml 
@@ -0,0 +1,844 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasdeployments.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDeployment + listKind: AtlasDeploymentList + plural: atlasdeployments + singular: atlasdeployment + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasDeployment is the Schema for the atlasdeployments API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasDeploymentSpec defines the desired state of AtlasDeployment + Only one of DeploymentSpec, AdvancedDeploymentSpec and ServerlessSpec + should be defined + properties: + backupRef: + description: Backup schedule for the AtlasDeployment + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + deploymentSpec: + description: Configuration for the advanced (v1.5) deployment API + https://www.mongodb.com/docs/atlas/reference/api/clusters/ + properties: + backupEnabled: + description: Applicable only for M10+ deployments. Flag that indicates + if the deployment uses Cloud Backups for backups. + type: boolean + biConnector: + description: Configuration of BI Connector for Atlas on this deployment. + The MongoDB Connector for Business Intelligence for Atlas (BI + Connector) is only available for M10 and larger deployments. + properties: + enabled: + description: Flag that indicates whether or not BI Connector + for Atlas is enabled on the deployment. + type: boolean + readPreference: + description: Source from which the BI Connector for Atlas + reads data. Each BI Connector for Atlas read preference + contains a distinct combination of readPreference and readPreferenceTags + options. + type: string + type: object + clusterType: + description: Type of the deployment that you want to create. The + parameter is required if replicationSpecs are set or if Global + Deployments are deployed. 
+ enum: + - REPLICASET + - SHARDED + - GEOSHARDED + type: string + customZoneMapping: + items: + properties: + location: + type: string + zone: + type: string + required: + - location + - zone + type: object + type: array + diskSizeGB: + description: Capacity, in gigabytes, of the host's root volume. + Increase this number to add capacity, up to a maximum possible + value of 4096 (i.e., 4 TB). This value must be a positive integer. + The parameter is required if replicationSpecs are configured. + maximum: 4096 + minimum: 0 + type: integer + encryptionAtRestProvider: + description: Cloud service provider that offers Encryption at + Rest. + enum: + - AWS + - GCP + - AZURE + - NONE + type: string + labels: + description: Collection of key-value pairs that tag and categorize + the deployment. Each key and value has a maximum length of 255 + characters. + items: + description: LabelSpec contains key-value pairs that tag and + categorize the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + managedNamespaces: + items: + description: ManagedNamespace represents the information about + managed namespace configuration. + properties: + collection: + type: string + customShardKey: + type: string + db: + type: string + isCustomShardKeyHashed: + type: boolean + isShardKeyUnique: + type: boolean + numInitialChunks: + type: integer + presplitHashedZones: + type: boolean + required: + - collection + - db + type: object + type: array + mongoDBMajorVersion: + description: Version of the deployment to deploy. + type: string + mongoDBVersion: + type: string + name: + description: Name of the advanced deployment as it appears in + Atlas. After Atlas creates the deployment, you can't change + its name. Can only contain ASCII letters, numbers, and hyphens. 
+ pattern: ^[a-zA-Z0-9][a-zA-Z0-9-]*$ + type: string + paused: + description: Flag that indicates whether the deployment should + be paused. + type: boolean + pitEnabled: + description: Flag that indicates the deployment uses continuous + cloud backups. + type: boolean + replicationSpecs: + description: Configuration for deployment regions. + items: + properties: + numShards: + description: Positive integer that specifies the number + of shards to deploy in each specified zone. If you set + this value to 1 and clusterType is SHARDED, MongoDB Cloud + deploys a single-shard sharded cluster. Don't create a + sharded cluster with a single shard for production environments. + Single-shard sharded clusters don't provide the same benefits + as multi-shard configurations + type: integer + regionConfigs: + description: Hardware specifications for nodes set for a + given region. Each regionConfigs object describes the + region's priority in elections and the number and type + of MongoDB nodes that MongoDB Cloud deploys to the region. + Each regionConfigs object must have either an analyticsSpecs + object, electableSpecs object, or readOnlySpecs object. + Tenant clusters only require electableSpecs. Dedicated + clusters can specify any of these specifications, but + must have at least one electableSpecs object within a + replicationSpec. Every hardware specification must use + the same instanceSize. + items: + properties: + analyticsSpecs: + properties: + diskIOPS: + description: Disk IOPS setting for AWS storage. + Set only if you selected AWS as your cloud service + provider. + format: int64 + type: integer + ebsVolumeType: + description: Disk IOPS setting for AWS storage. + Set only if you selected AWS as your cloud service + provider. + enum: + - STANDARD + - PROVISIONED + type: string + instanceSize: + description: Hardware specification for the instance + sizes in this region. Each instance size has + a default storage and memory capacity. 
The instance + size you select applies to all the data-bearing + hosts in your instance size + type: string + nodeCount: + description: Number of nodes of the given type + for MongoDB Cloud to deploy to the region. + type: integer + type: object + autoScaling: + description: AdvancedAutoScalingSpec configures your + deployment to automatically scale its storage + properties: + compute: + description: Collection of settings that configure + how a deployment might scale its deployment + tier and whether the deployment can scale down. + properties: + enabled: + description: Flag that indicates whether deployment + tier auto-scaling is enabled. The default + is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which + your deployment can automatically scale + (such as M40). Atlas requires this parameter + if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which + your deployment can automatically scale + (such as M10). Atlas requires this parameter + if "autoScaling.compute.scaleDownEnabled" + : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether + the deployment tier may scale down. Atlas + requires this parameter if "autoScaling.compute.enabled" + : true.' + type: boolean + type: object + diskGB: + description: Flag that indicates whether disk + auto-scaling is enabled. The default is true. + properties: + enabled: + type: boolean + type: object + type: object + backingProviderName: + description: 'Cloud service provider on which the + host for a multi-tenant deployment is provisioned. + This setting only works when "providerName" : "TENANT" + and "providerSetting.instanceSizeName" : M2 or M5. + Otherwise it should be equal to "providerName" value' + enum: + - AWS + - GCP + - AZURE + type: string + electableSpecs: + properties: + diskIOPS: + description: Disk IOPS setting for AWS storage. 
+ Set only if you selected AWS as your cloud service + provider. + format: int64 + type: integer + ebsVolumeType: + description: Disk IOPS setting for AWS storage. + Set only if you selected AWS as your cloud service + provider. + enum: + - STANDARD + - PROVISIONED + type: string + instanceSize: + description: Hardware specification for the instance + sizes in this region. Each instance size has + a default storage and memory capacity. The instance + size you select applies to all the data-bearing + hosts in your instance size + type: string + nodeCount: + description: Number of nodes of the given type + for MongoDB Cloud to deploy to the region. + type: integer + type: object + priority: + description: Precedence is given to this region when + a primary election occurs. If your regionConfigs + has only readOnlySpecs, analyticsSpecs, or both, + set this value to 0. If you have multiple regionConfigs + objects (your cluster is multi-region or multi-cloud), + they must have priorities in descending order. The + highest priority is 7 + type: integer + providerName: + enum: + - AWS + - GCP + - AZURE + - TENANT + - SERVERLESS + type: string + readOnlySpecs: + properties: + diskIOPS: + description: Disk IOPS setting for AWS storage. + Set only if you selected AWS as your cloud service + provider. + format: int64 + type: integer + ebsVolumeType: + description: Disk IOPS setting for AWS storage. + Set only if you selected AWS as your cloud service + provider. + enum: + - STANDARD + - PROVISIONED + type: string + instanceSize: + description: Hardware specification for the instance + sizes in this region. Each instance size has + a default storage and memory capacity. The instance + size you select applies to all the data-bearing + hosts in your instance size + type: string + nodeCount: + description: Number of nodes of the given type + for MongoDB Cloud to deploy to the region. 
+ type: integer + type: object + regionName: + description: Physical location of your MongoDB deployment. + The region you choose can affect network latency + for clients accessing your databases. + type: string + type: object + type: array + zoneName: + description: Human-readable label that identifies the zone + in a Global Cluster. + type: string + type: object + type: array + rootCertType: + type: string + tags: + description: Key-value pairs for resource tagging. + items: + description: TagSpec holds a key-value pair for resource tagging + on this deployment. + properties: + key: + maxLength: 255 + minLength: 1 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9 @_.+`;`-]*$ + type: string + value: + maxLength: 255 + minLength: 1 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9@_.+`;`-]*$ + type: string + required: + - key + - value + type: object + maxItems: 50 + type: array + versionReleaseSystem: + type: string + type: object + processArgs: + description: ProcessArgs allows to modify Advanced Configuration Options + properties: + defaultReadConcern: + type: string + defaultWriteConcern: + type: string + failIndexKeyTooLong: + type: boolean + javascriptEnabled: + type: boolean + minimumEnabledTlsProtocol: + type: string + noTableScan: + type: boolean + oplogMinRetentionHours: + type: string + oplogSizeMB: + format: int64 + type: integer + sampleRefreshIntervalBIConnector: + format: int64 + type: integer + sampleSizeBIConnector: + format: int64 + type: integer + type: object + projectRef: + description: Project is a reference to AtlasProject resource the deployment + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + serverlessSpec: + description: Configuration for the serverless deployment API. 
https://www.mongodb.com/docs/atlas/reference/api/serverless-instances/ + properties: + backupOptions: + description: Serverless Backup Options + properties: + serverlessContinuousBackupEnabled: + default: true + description: ServerlessContinuousBackupEnabled + type: boolean + type: object + name: + description: Name of the serverless deployment as it appears in + Atlas. After Atlas creates the deployment, you can't change + its name. Can only contain ASCII letters, numbers, and hyphens. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9-]*$ + type: string + privateEndpoints: + items: + properties: + cloudProviderEndpointID: + description: CloudProviderEndpointID is the identifier of + the cloud provider endpoint. + type: string + name: + description: Name is the name of the Serverless PrivateLink + Service. Should be unique. + type: string + privateEndpointIpAddress: + description: PrivateEndpointIPAddress is the IPv4 address + of the private endpoint in your Azure VNet that someone + added to this private endpoint service. + type: string + type: object + type: array + providerSettings: + description: Configuration for the provisioned hosts on which + MongoDB runs. The available options are specific to the cloud + service provider. + properties: + autoScaling: + description: Range of instance sizes to which your deployment + can scale. + properties: + autoIndexingEnabled: + description: 'Deprecated: This flag is not supported anymore. + Flag that indicates whether autopilot mode for Performance + Advisor is enabled. The default is false.' + type: boolean + compute: + description: Collection of settings that configure how + a deployment might scale its deployment tier and whether + the deployment can scale down. + properties: + enabled: + description: Flag that indicates whether deployment + tier auto-scaling is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your + deployment can automatically scale (such as M40). 
+ Atlas requires this parameter if "autoScaling.compute.enabled" + : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your + deployment can automatically scale (such as M10). + Atlas requires this parameter if "autoScaling.compute.scaleDownEnabled" + : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the deployment + tier may scale down. Atlas requires this parameter + if "autoScaling.compute.enabled" : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling + is enabled. The default is true. + type: boolean + type: object + backingProviderName: + description: 'Cloud service provider on which the host for + a multi-tenant deployment is provisioned. This setting only + works when "providerSetting.providerName" : "TENANT" and + "providerSetting.instanceSizeName" : M2 or M5.' + enum: + - AWS + - GCP + - AZURE + type: string + diskIOPS: + description: Disk IOPS setting for AWS storage. Set only if + you selected AWS as your cloud service provider. + format: int64 + type: integer + diskTypeName: + description: Type of disk if you selected Azure as your cloud + service provider. + type: string + encryptEBSVolume: + description: Flag that indicates whether the Amazon EBS encryption + feature encrypts the host's root volume for both data at + rest within the volume and for data moving between the volume + and the deployment. + type: boolean + instanceSizeName: + description: Atlas provides different deployment tiers, each + with a default storage capacity and RAM size. The deployment + you select is used for all the data-bearing hosts in your + deployment tier. + type: string + providerName: + description: Cloud service provider on which Atlas provisions + the hosts. + enum: + - AWS + - GCP + - AZURE + - TENANT + - SERVERLESS + type: string + regionName: + description: Physical location of your MongoDB deployment. 
+ The region you choose can affect network latency for clients + accessing your databases. + type: string + volumeType: + description: Disk IOPS setting for AWS storage. Set only if + you selected AWS as your cloud service provider. + enum: + - STANDARD + - PROVISIONED + type: string + required: + - providerName + type: object + tags: + description: Key-value pairs for resource tagging. + items: + description: TagSpec holds a key-value pair for resource tagging + on this deployment. + properties: + key: + maxLength: 255 + minLength: 1 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9 @_.+`;`-]*$ + type: string + value: + maxLength: 255 + minLength: 1 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9@_.+`;`-]*$ + type: string + required: + - key + - value + type: object + maxItems: 50 + type: array + terminationProtectionEnabled: + default: false + description: TerminationProtectionEnabled flag + type: boolean + required: + - name + - providerSettings + type: object + required: + - projectRef + type: object + status: + description: AtlasDeploymentStatus defines the observed state of AtlasDeployment. + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. 
+ type: string + required: + - status + - type + type: object + type: array + connectionStrings: + description: ConnectionStrings is a set of connection strings that + your applications use to connect to this cluster. + properties: + private: + description: Network-peering-endpoint-aware mongodb:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. + type: string + privateEndpoint: + description: Private endpoint connection strings. Each object + describes the connection strings you can use to connect to this + cluster through a private endpoint. Atlas returns this parameter + only if you deployed a private endpoint to all regions to which + you deployed this cluster's nodes. + items: + description: PrivateEndpoint connection strings. Each object + describes the connection strings you can use to connect to + this cluster through a private endpoint. Atlas returns this + parameter only if you deployed a private endpoint to all regions + to which you deployed this cluster's nodes. + properties: + connectionString: + description: Private-endpoint-aware mongodb:// connection + string for this private endpoint. + type: string + endpoints: + description: Private endpoint through which you connect + to Atlas when you use connectionStrings.privateEndpoint[n].connectionString + or connectionStrings.privateEndpoint[n].srvConnectionString. + items: + description: Endpoint through which you connect to Atlas + properties: + endpointId: + description: Unique identifier of the private endpoint. + type: string + ip: + description: Private IP address of the private endpoint + network interface you created in your Azure VNet. + type: string + providerName: + description: Cloud provider to which you deployed + the private endpoint. Atlas returns AWS or AZURE. 
+ type: string + region: + description: Region to which you deployed the private + endpoint. + type: string + type: object + type: array + srvConnectionString: + description: Private-endpoint-aware mongodb+srv:// connection + string for this private endpoint. + type: string + type: + description: "Type of MongoDB process that you connect to + with the connection strings \n Atlas returns: \n • MONGOD + for replica sets, or \n • MONGOS for sharded clusters" + type: string + type: object + type: array + privateSrv: + description: Network-peering-endpoint-aware mongodb+srv:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. Use this URI format + if your driver supports it. If it doesn't, use connectionStrings.private. + type: string + standard: + description: Public mongodb:// connection string for this cluster. + type: string + standardSrv: + description: Public mongodb+srv:// connection string for this + cluster. + type: string + type: object + customZoneMapping: + properties: + customZoneMapping: + additionalProperties: + type: string + type: object + zoneMappingErrMessage: + type: string + zoneMappingState: + type: string + type: object + managedNamespaces: + items: + properties: + collection: + type: string + customShardKey: + type: string + db: + type: string + errMessage: + type: string + isCustomShardKeyHashed: + type: boolean + isShardKeyUnique: + type: boolean + numInitialChunks: + type: integer + presplitHashedZones: + type: boolean + status: + type: string + required: + - collection + - db + type: object + type: array + mongoDBVersion: + description: MongoDBVersion is the version of MongoDB the cluster + runs, in . format. + type: string + mongoURIUpdated: + description: MongoURIUpdated is a timestamp in ISO 8601 date and time + format in UTC when the connection string was last updated. 
The connection + string changes if you update any of the other values. + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + replicaSets: + items: + properties: + id: + type: string + zoneName: + type: string + required: + - id + type: object + type: array + serverlessPrivateEndpoints: + items: + properties: + _id: + description: ID is the identifier of the Serverless PrivateLink + Service. + type: string + cloudProviderEndpointId: + description: CloudProviderEndpointID is the identifier of the + cloud provider endpoint. + type: string + endpointServiceName: + description: EndpointServiceName is the name of the PrivateLink + endpoint service in AWS. Returns null while the endpoint service + is being created. + type: string + errorMessage: + description: ErrorMessage is the error message if the Serverless + PrivateLink Service failed to create or connect. + type: string + name: + description: Name is the name of the Serverless PrivateLink + Service. Should be unique. + type: string + privateEndpointIpAddress: + description: PrivateEndpointIPAddress is the IPv4 address of + the private endpoint in your Azure VNet that someone added + to this private endpoint service. + type: string + privateLinkServiceResourceId: + description: PrivateLinkServiceResourceID is the root-relative + path that identifies the Azure Private Link Service that MongoDB + Cloud manages. MongoDB Cloud returns null while it creates + the endpoint service. + type: string + providerName: + description: ProviderName is human-readable label that identifies + the cloud provider. Values include AWS or AZURE. + type: string + status: + description: Status of the AWS Serverless PrivateLink connection. 
+ type: string + type: object + type: array + stateName: + description: 'StateName is the current state of the cluster. The possible + states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING' + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasfederatedauths.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasfederatedauths.yaml new file mode 100644 index 00000000000..db75750f90d --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasfederatedauths.yaml 
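Review bot: `spec.processArgs.minimumEnabledTlsProtocol` is declared as a bare `type: string`, so the API server admits any value and a weak or mistyped TLS floor is caught, if at all, only by Atlas during reconciliation. Other closed-set fields in this schema (`clusterType`, `providerName`, `encryptionAtRestProvider`) carry an `enum`; the same would fit here, e.g. `enum: [TLS1_0, TLS1_1, TLS1_2]`, if those are still the values the Atlas API accepts (confirm against the Atlas docs). Because this manifest is controller-gen output, the change belongs in the validation marker on the upstream Go type rather than in this file. Until then, clusters that must forbid TLS 1.0/1.1 need an admission policy on AtlasDeployment objects, since the CRD will not reject them. Separately, the `labels` description promises a 255-character limit on both key and value, but only `key` has `maxLength: 255`.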
@@ -0,0 +1,181 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasfederatedauths.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasFederatedAuth + listKind: AtlasFederatedAuthList + plural: atlasfederatedauths + singular: atlasfederatedauth + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasFederatedAuth is the Schema for the Atlasfederatedauth API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + connectionSecretRef: + description: Connection secret with API credentials for configuring + the federation. These credentials must have OrganizationOwner permissions. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + domainAllowList: + description: Approved domains that restrict users who can join the + organization based on their email address. 
+ items: + type: string + type: array + domainRestrictionEnabled: + default: false + description: Prevent users in the federation from accessing organizations + outside of the federation, and creating new organizations. This + option applies to the entire federation. See more information at + https://www.mongodb.com/docs/atlas/security/federation-advanced-options/#restrict-user-membership-to-the-federation + type: boolean + enabled: + default: false + type: boolean + postAuthRoleGrants: + description: Atlas roles that are granted to a user in this organization + after authenticating. + items: + type: string + type: array + roleMappings: + description: Map IDP groups to Atlas roles. + items: + description: RoleMapping maps an external group from an identity + provider to roles within Atlas. + properties: + externalGroupName: + description: ExternalGroupName is the name of the IDP group + to which this mapping applies. + maxLength: 200 + minLength: 1 + type: string + roleAssignments: + description: RoleAssignments define the roles within projects + that should be given to members of the group. + items: + properties: + projectName: + description: The Atlas project in the same org in which + the role should be given. + type: string + role: + description: The role in Atlas that should be given to + group members. 
+ enum: + - ORG_MEMBER + - ORG_READ_ONLY + - ORG_BILLING_ADMIN + - ORG_GROUP_CREATOR + - ORG_OWNER + - ORG_BILLING_READ_ONLY + - ORG_TEAM_MEMBERS_ADMIN + - GROUP_AUTOMATION_ADMIN + - GROUP_BACKUP_ADMIN + - GROUP_MONITORING_ADMIN + - GROUP_OWNER + - GROUP_READ_ONLY + - GROUP_USER_ADMIN + - GROUP_BILLING_ADMIN + - GROUP_DATA_ACCESS_ADMIN + - GROUP_DATA_ACCESS_READ_ONLY + - GROUP_DATA_ACCESS_READ_WRITE + - GROUP_CHARTS_ADMIN + - GROUP_CLUSTER_MANAGER + - GROUP_SEARCH_INDEX_EDITOR + type: string + type: object + type: array + type: object + type: array + ssoDebugEnabled: + default: false + type: boolean + type: object + status: + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null 
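Review bot: `spec.connectionSecretRef` accepts an optional `namespace` even though AtlasFederatedAuth is `scope: Namespaced`, and its description says the referenced credentials must have OrganizationOwner permissions. If the controller resolves that reference with its own service account (not visible in this manifest), anyone allowed to create this resource in one namespace could point it at an org-owner API key stored in another. The description should state the trust model, for example `The Secret is read with the operator's own permissions; grant create/update on atlasfederatedauths only to users trusted with those credentials.` The same caution applies to `roleMappings`, whose `role` enum includes `ORG_OWNER`; `roleAssignments` items also declare no `required` fields, so an empty mapping entry passes schema validation.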
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasprojects.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasprojects.yaml new file mode 100644 index 00000000000..ae1e422a855 --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasprojects.yaml 
@@ -0,0 +1,1509 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasprojects.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasProject + listKind: AtlasProjectList + plural: atlasprojects + singular: atlasproject + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasProject is the Schema for the atlasprojects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasProjectSpec defines the desired state of Project in + Atlas + properties: + alertConfigurationSyncEnabled: + description: AlertConfigurationSyncEnabled is a flag that enables/disables + Alert Configurations sync for the current Project. If true - project + alert configurations will be synced according to AlertConfigurations. + If not - alert configurations will not be modified by the operator. + They can be managed through API, cli, UI. 
+ type: boolean + alertConfigurations: + description: AlertConfiguration is a list of Alert Configurations + configured for the current Project. + items: + properties: + enabled: + description: If omitted, the configuration is disabled. + type: boolean + eventTypeName: + description: The type of event that will trigger an alert. + type: string + matchers: + description: You can filter using the matchers array only when + the EventTypeName specifies an event for a host, replica set, + or sharded cluster. + items: + properties: + fieldName: + description: Name of the field in the target object to + match on. + type: string + operator: + description: The operator to test the field’s value. + type: string + value: + description: Value to test with the specified operator. + type: string + type: object + type: array + metricThreshold: + description: MetricThreshold causes an alert to be triggered. + properties: + metricName: + description: Name of the metric to check. + type: string + mode: + description: This must be set to AVERAGE. Atlas computes + the current metric value as an average. + type: string + operator: + description: Operator to apply when checking the current + metric value against the threshold value. + type: string + threshold: + description: Threshold value outside which an alert will + be triggered. + type: string + units: + description: The units for the threshold value. + type: string + required: + - threshold + type: object + notifications: + description: Notifications are sending when an alert condition + is detected. + items: + properties: + apiTokenRef: + description: Secret containing a Slack API token or Bot + token. Populated for the SLACK notifications type. If + the token later becomes invalid, Atlas sends an email + to the project owner and eventually removes the token. 
+ properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + channelName: + description: Slack channel name. Populated for the SLACK + notifications type. + type: string + datadogAPIKeyRef: + description: Secret containing a Datadog API Key. Found + in the Datadog dashboard. Populated for the DATADOG + notifications type. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + datadogRegion: + description: Region that indicates which API URL to use + type: string + delayMin: + description: Number of minutes to wait after an alert + condition is detected before sending out the first notification. + type: integer + emailAddress: + description: Email address to which alert notifications + are sent. Populated for the EMAIL notifications type. + type: string + emailEnabled: + description: Flag indicating if email notifications should + be sent. Populated for ORG, GROUP, and USER notifications + types. + type: boolean + flowName: + description: Flowdock flow namse in lower-case letters. + type: string + flowdockApiTokenRef: + description: The Flowdock personal API token. Populated + for the FLOWDOCK notifications type. If the token later + becomes invalid, Atlas sends an email to the project + owner and eventually removes the token. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + intervalMin: + description: Number of minutes to wait between successive + notifications for unacknowledged alerts that are not + resolved. 
+ type: integer + mobileNumber: + description: Mobile number to which alert notifications + are sent. Populated for the SMS notifications type. + type: string + opsGenieApiKeyRef: + description: Opsgenie API Key. Populated for the OPS_GENIE + notifications type. If the key later becomes invalid, + Atlas sends an email to the project owner and eventually + removes the token. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + opsGenieRegion: + description: Region that indicates which API URL to use. + type: string + orgName: + description: Flowdock organization name in lower-case + letters. This is the name that appears after www.flowdock.com/app/ + in the URL string. Populated for the FLOWDOCK notifications + type. + type: string + roles: + description: The following roles grant privileges within + a project. + items: + type: string + type: array + serviceKeyRef: + description: PagerDuty service key. Populated for the + PAGER_DUTY notifications type. If the key later becomes + invalid, Atlas sends an email to the project owner and + eventually removes the key. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + smsEnabled: + description: Flag indicating if text message notifications + should be sent. Populated for ORG, GROUP, and USER notifications + types. + type: boolean + teamId: + description: Unique identifier of a team. + type: string + teamName: + description: Label for the team that receives this notification. + type: string + typeName: + description: Type of alert notification. + type: string + username: + description: Name of the Atlas user to which to send notifications. 
+ Only a user in the project that owns the alert configuration + is allowed here. Populated for the USER notifications + type. + type: string + victorOpsSecretRef: + description: Secret containing a VictorOps API key and + Routing key. Populated for the VICTOR_OPS notifications + type. If the key later becomes invalid, Atlas sends + an email to the project owner and eventually removes + the key. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + type: object + type: array + threshold: + description: Threshold causes an alert to be triggered. + properties: + operator: + description: 'Operator to apply when checking the current + metric value against the threshold value. it accepts the + following values: GREATER_THAN, LESS_THAN' + type: string + threshold: + description: Threshold value outside which an alert will + be triggered. + type: string + units: + description: The units for the threshold value + type: string + type: object + type: object + type: array + auditing: + description: Auditing represents MongoDB Maintenance Windows + properties: + auditAuthorizationSuccess: + description: 'Indicates whether the auditing system captures successful + authentication attempts for audit filters using the "atype" + : "authCheck" auditing event. For more information, see auditAuthorizationSuccess' + type: boolean + auditFilter: + description: JSON-formatted audit filter used by the project + type: string + enabled: + description: Denotes whether or not the project associated with + the {GROUP-ID} has database auditing enabled. + type: boolean + type: object + cloudProviderAccessRoles: + description: CloudProviderAccessRoles is a list of Cloud Provider + Access Roles configured for the current Project. 
+ items: + properties: + iamAssumedRoleArn: + description: IamAssumedRoleArn is the ARN of the IAM role that + is assumed by the Atlas cluster. + type: string + providerName: + description: ProviderName is the name of the cloud provider. + Currently only AWS is supported. + type: string + required: + - providerName + type: object + type: array + connectionSecretRef: + description: ConnectionSecret is the name of the Kubernetes Secret + which contains the information about the way to connect to Atlas + (organization ID, API keys). The default Operator connection configuration + will be used if not provided. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + customRoles: + description: The customRoles lets you create, and change custom roles + in your cluster. Use custom roles to specify custom sets of actions + that the Atlas built-in roles can't describe. + items: + properties: + actions: + description: List of the individual privilege actions that the + role grants. + items: + properties: + name: + description: Human-readable label that identifies the + privilege action. + type: string + resources: + description: List of resources on which you grant the + action. + items: + properties: + cluster: + description: Flag that indicates whether to grant + the action on the cluster resource. If true, MongoDB + Cloud ignores Database and Collection parameters. + type: boolean + collection: + description: Human-readable label that identifies + the collection on which you grant the action to + one MongoDB user. + type: string + database: + description: Human-readable label that identifies + the database on which you grant the action to + one MongoDB user. 
+ type: string + type: object + type: array + required: + - name + - resources + type: object + type: array + inheritedRoles: + description: List of the built-in roles that this custom role + inherits. + items: + properties: + database: + description: Human-readable label that identifies the + database on which someone grants the action to one MongoDB + user. + type: string + name: + description: Human-readable label that identifies the + role inherited. + type: string + required: + - database + - name + type: object + type: array + name: + description: Human-readable label that identifies the role. + This name must be unique for this custom role in this project. + type: string + required: + - name + type: object + type: array + encryptionAtRest: + description: EncryptionAtRest allows to set encryption for AWS, Azure + and GCP providers + properties: + awsKms: + description: AwsKms specifies AWS KMS configuration details and + whether Encryption at Rest is enabled for an Atlas project. + properties: + enabled: + type: boolean + region: + type: string + secretRef: + description: A reference to as Secret containing the AccessKeyID, + SecretAccessKey, CustomerMasterKeyID and RoleID fields + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + valid: + type: boolean + type: object + azureKeyVault: + description: AzureKeyVault specifies Azure Key Vault configuration + details and whether Encryption at Rest is enabled for an Atlas + project. 
+ properties: + azureEnvironment: + type: string + clientID: + type: string + enabled: + type: boolean + resourceGroupName: + type: string + secretRef: + description: A reference to as Secret containing the SubscriptionID, + KeyVaultName, KeyIdentifier, Secret fields + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + tenantID: + type: string + type: object + googleCloudKms: + description: GoogleCloudKms specifies GCP KMS configuration details + and whether Encryption at Rest is enabled for an Atlas project. + properties: + enabled: + type: boolean + secretRef: + description: A reference to as Secret containing the ServiceAccountKey, + KeyVersionResourceID fields + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + type: object + type: object + integrations: + description: Integrations is a list of MongoDB Atlas integrations + for the project + items: + properties: + accountId: + type: string + apiKeyRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + apiTokenRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + 
channelName: + type: string + enabled: + type: boolean + flowName: + type: string + licenseKeyRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + microsoftTeamsWebhookUrl: + type: string + name: + type: string + orgName: + type: string + passwordRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + readTokenRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + region: + type: string + routingKeyRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + scheme: + type: string + secretRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + 
type: string + required: + - name + type: object + serviceDiscovery: + type: string + serviceKeyRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + teamName: + type: string + type: + description: Third Party Integration type such as Slack, New + Relic, etc + enum: + - PAGER_DUTY + - SLACK + - DATADOG + - NEW_RELIC + - OPS_GENIE + - VICTOR_OPS + - FLOWDOCK + - WEBHOOK + - MICROSOFT_TEAMS + - PROMETHEUS + type: string + url: + type: string + username: + type: string + writeTokenRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + type: object + type: array + maintenanceWindow: + description: MaintenanceWindow allows to specify a preferred time + in the week to run maintenance operations. See more information + at https://www.mongodb.com/docs/atlas/reference/api/maintenance-windows/ + properties: + autoDefer: + description: Flag indicating whether any scheduled project maintenance + should be deferred automatically for one week. + type: boolean + dayOfWeek: + description: Day of the week when you would like the maintenance + window to start as a 1-based integer. Sunday 1, Monday 2, Tuesday + 3, Wednesday 4, Thursday 5, Friday 6, Saturday 7 + maximum: 7 + minimum: 1 + type: integer + defer: + description: Flag indicating whether the next scheduled project + maintenance should be deferred for one week. 
Cannot be specified + if startASAP is true + type: boolean + hourOfDay: + description: Hour of the day when you would like the maintenance + window to start. This parameter uses the 24-hour clock, where + midnight is 0, noon is 12. + maximum: 23 + minimum: 0 + type: integer + startASAP: + description: Flag indicating whether project maintenance has been + directed to start immediately. Cannot be specified if defer + is true + type: boolean + type: object + name: + description: Name is the name of the Project that is created in Atlas + by the Operator if it doesn't exist yet. + type: string + networkPeers: + description: NetworkPeers is a list of Network Peers configured for + the current Project. + items: + properties: + accepterRegionName: + description: AccepterRegionName is the provider region name + of user's vpc. + type: string + atlasCidrBlock: + description: Atlas CIDR. It needs to be set if ContainerID is + not set. + type: string + awsAccountId: + description: AccountID of the user's vpc. + type: string + azureDirectoryId: + description: AzureDirectoryID is the unique identifier for an + Azure AD directory. + type: string + azureSubscriptionId: + description: AzureSubscriptionID is the unique identifier of + the Azure subscription in which the VNet resides. + type: string + containerId: + description: ID of the network peer container. If not set, operator + will create a new container with ContainerRegion and AtlasCIDRBlock + input. + type: string + containerRegion: + description: ContainerRegion is the provider region name of + Atlas network peer container. If not set, AccepterRegionName + is used. + type: string + gcpProjectId: + description: User GCP Project ID. Its applicable only for GCP. + type: string + networkName: + description: GCP Network Peer Name. Its applicable only for + GCP. + type: string + providerName: + description: ProviderName is the name of the provider. If not + set, it will be set to "AWS". 
+ type: string + resourceGroupName: + description: ResourceGroupName is the name of your Azure resource + group. + type: string + routeTableCidrBlock: + description: User VPC CIDR. + type: string + vnetName: + description: VNetName is name of your Azure VNet. Its applicable + only for Azure. + type: string + vpcId: + description: AWS VPC ID. + type: string + type: object + type: array + privateEndpoints: + description: PrivateEndpoints is a list of Private Endpoints configured + for the current Project. + items: + properties: + endpointGroupName: + description: Unique identifier of the endpoint group. The endpoint + group encompasses all of the endpoints that you created in + Google Cloud. + type: string + endpoints: + description: Collection of individual private endpoints that + comprise your endpoint group. + items: + properties: + endpointName: + description: Forwarding rule that corresponds to the endpoint + you created in Google Cloud. + type: string + ipAddress: + description: Private IP address of the endpoint you created + in Google Cloud. + type: string + type: object + type: array + gcpProjectId: + description: Unique identifier of the Google Cloud project in + which you created your endpoints. + type: string + id: + description: Unique identifier of the private endpoint you created + in your AWS VPC or Azure Vnet. + type: string + ip: + description: Private IP address of the private endpoint network + interface you created in your Azure VNet. + type: string + provider: + description: Cloud provider for which you want to retrieve a + private endpoint service. Atlas accepts AWS or AZURE. + enum: + - AWS + - GCP + - AZURE + - TENANT + type: string + region: + description: Cloud provider region for which you want to create + the private endpoint service. + type: string + required: + - provider + - region + type: object + type: array + projectIpAccessList: + description: ProjectIPAccessList allows to enable the IP Access List + for the Project. 
See more information at https://docs.atlas.mongodb.com/reference/api/ip-access-list/add-entries-to-access-list/ + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + regionUsageRestrictions: + default: NONE + description: RegionUsageRestrictions designate the project's AWS region + when using Atlas for Government. This parameter should not be used + with commercial Atlas. In Atlas for Government, not setting this + field (defaulting to NONE) means the project is restricted to COMMERCIAL_FEDRAMP_REGIONS_ONLY + enum: + - NONE + - GOV_REGIONS_ONLY + - COMMERCIAL_FEDRAMP_REGIONS_ONLY + type: string + settings: + description: Settings allow to set Project Settings for the project + properties: + isCollectDatabaseSpecificsStatisticsEnabled: + type: boolean + isDataExplorerEnabled: + type: boolean + isExtendedStorageSizesEnabled: + type: boolean + isPerformanceAdvisorEnabled: + type: boolean + isRealtimePerformancePanelEnabled: + type: boolean + isSchemaAdvisorEnabled: + type: boolean + type: object + teams: + description: Teams enable you to grant project access roles to multiple + users. 
+ items: + properties: + roles: + description: Roles the users of the team has over the project + items: + enum: + - GROUP_OWNER + - GROUP_CLUSTER_MANAGER + - GROUP_DATA_ACCESS_ADMIN + - GROUP_DATA_ACCESS_READ_WRITE + - GROUP_DATA_ACCESS_READ_ONLY + - GROUP_READ_ONLY + type: string + minItems: 1 + type: array + teamRef: + description: Reference to the team which will assigned to the + project + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + required: + - roles + - teamRef + type: object + type: array + withDefaultAlertsSettings: + default: true + description: Flag that indicates whether to create the new project + with the default alert settings enabled. This parameter defaults + to true + type: boolean + x509CertRef: + description: X509CertRef is the name of the Kubernetes Secret which + contains PEM-encoded CA certificate + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes Resource + type: string + required: + - name + type: object + required: + - name + type: object + status: + description: AtlasProjectStatus defines the observed state of AtlasProject + properties: + alertConfigurations: + description: AlertConfigurations contains a list of alert configuration + statuses + items: + properties: + acknowledgedUntil: + description: The date through which the alert has been acknowledged. + Will not be present if the alert has never been acknowledged. + type: string + acknowledgementComment: + description: The comment left by the user who acknowledged the + alert. Will not be present if the alert has never been acknowledged. + type: string + acknowledgingUsername: + description: The username of the user who acknowledged the alert. 
+ Will not be present if the alert has never been acknowledged. + type: string + alertConfigId: + description: ID of the alert configuration that triggered this + alert. + type: string + clusterId: + description: The ID of the cluster to which this alert applies. + Only present for alerts of type BACKUP, REPLICA_SET, and CLUSTER. + type: string + clusterName: + description: The name the cluster to which this alert applies. + Only present for alerts of type BACKUP, REPLICA_SET, and CLUSTER. + type: string + created: + description: Timestamp in ISO 8601 date and time format in UTC + when this alert configuration was created. + type: string + currentValue: + description: CurrentValue represents current value of the metric + that triggered the alert. Only present for alerts of type + HOST_METRIC. + properties: + number: + description: The value of the metric. + type: string + units: + description: The units for the value. Depends on the type + of metric. + type: string + type: object + enabled: + description: If omitted, the configuration is disabled. + type: boolean + errorMessage: + description: ErrorMessage is massage if the alert configuration + is in an incorrect state. + type: string + eventTypeName: + description: The type of event that will trigger an alert. + type: string + groupId: + description: Unique identifier of the project that owns this + alert configuration. + type: string + hostId: + description: ID of the host to which the metric pertains. Only + present for alerts of type HOST, HOST_METRIC, and REPLICA_SET. + type: string + hostnameAndPort: + description: The hostname and port of each host to which the + alert applies. Only present for alerts of type HOST, HOST_METRIC, + and REPLICA_SET. + type: string + id: + description: Unique identifier. + type: string + lastNotified: + description: When the last notification was sent for this alert. + Only present if notifications have been sent. 
+ type: string + matchers: + description: You can filter using the matchers array only when + the EventTypeName specifies an event for a host, replica set, + or sharded cluster. + items: + properties: + fieldName: + description: Name of the field in the target object to + match on. + type: string + operator: + description: The operator to test the field’s value. + type: string + value: + description: Value to test with the specified operator. + type: string + type: object + type: array + metricName: + description: The name of the measurement whose value went outside + the threshold. Only present if eventTypeName is set to OUTSIDE_METRIC_THRESHOLD. + type: string + metricThreshold: + description: MetricThreshold causes an alert to be triggered. + properties: + metricName: + description: Name of the metric to check. + type: string + mode: + description: This must be set to AVERAGE. Atlas computes + the current metric value as an average. + type: string + operator: + description: Operator to apply when checking the current + metric value against the threshold value. + type: string + threshold: + description: Threshold value outside which an alert will + be triggered. + type: string + units: + description: The units for the threshold value. + type: string + required: + - threshold + type: object + notifications: + description: Notifications are sending when an alert condition + is detected. + items: + properties: + apiToken: + description: Slack API token or Bot token. Populated for + the SLACK notifications type. If the token later becomes + invalid, Atlas sends an email to the project owner and + eventually removes the token. + type: string + channelName: + description: Slack channel name. Populated for the SLACK + notifications type. + type: string + datadogApiKey: + description: Datadog API Key. Found in the Datadog dashboard. + Populated for the DATADOG notifications type. 
+ type: string + datadogRegion: + description: Region that indicates which API URL to use + type: string + delayMin: + description: Number of minutes to wait after an alert + condition is detected before sending out the first notification. + type: integer + emailAddress: + description: Email address to which alert notifications + are sent. Populated for the EMAIL notifications type. + type: string + emailEnabled: + description: Flag indicating if email notifications should + be sent. Populated for ORG, GROUP, and USER notifications + types. + type: boolean + flowName: + description: Flowdock flow namse in lower-case letters. + type: string + flowdockApiToken: + description: The Flowdock personal API token. Populated + for the FLOWDOCK notifications type. If the token later + becomes invalid, Atlas sends an email to the project + owner and eventually removes the token. + type: string + intervalMin: + description: Number of minutes to wait between successive + notifications for unacknowledged alerts that are not + resolved. + type: integer + mobileNumber: + description: Mobile number to which alert notifications + are sent. Populated for the SMS notifications type. + type: string + opsGenieApiKey: + description: Opsgenie API Key. Populated for the OPS_GENIE + notifications type. If the key later becomes invalid, + Atlas sends an email to the project owner and eventually + removes the token. + type: string + opsGenieRegion: + description: Region that indicates which API URL to use. + type: string + orgName: + description: Flowdock organization name in lower-case + letters. This is the name that appears after www.flowdock.com/app/ + in the URL string. Populated for the FLOWDOCK notifications + type. + type: string + roles: + description: The following roles grant privileges within + a project. + items: + type: string + type: array + serviceKey: + description: PagerDuty service key. Populated for the + PAGER_DUTY notifications type. 
If the key later becomes + invalid, Atlas sends an email to the project owner and + eventually removes the key. + type: string + smsEnabled: + description: Flag indicating if text message notifications + should be sent. Populated for ORG, GROUP, and USER notifications + types. + type: boolean + teamId: + description: Unique identifier of a team. + type: string + teamName: + description: Label for the team that receives this notification. + type: string + typeName: + description: Type of alert notification. + type: string + username: + description: Name of the Atlas user to which to send notifications. + Only a user in the project that owns the alert configuration + is allowed here. Populated for the USER notifications + type. + type: string + victorOpsApiKey: + description: VictorOps API key. Populated for the VICTOR_OPS + notifications type. If the key later becomes invalid, + Atlas sends an email to the project owner and eventually + removes the key. + type: string + victorOpsRoutingKey: + description: VictorOps routing key. Populated for the + VICTOR_OPS notifications type. If the key later becomes + invalid, Atlas sends an email to the project owner and + eventually removes the key. + type: string + type: object + type: array + replicaSetName: + description: Name of the replica set. Only present for alerts + of type HOST, HOST_METRIC, BACKUP, and REPLICA_SET. + type: string + resolved: + description: When the alert was closed. Only present if the + status is CLOSED. + type: string + sourceTypeName: + description: For alerts of the type BACKUP, the type of server + being backed up. + type: string + status: + description: 'The current state of the alert. Possible values + are: TRACKING, OPEN, CLOSED, CANCELED' + type: string + threshold: + description: Threshold causes an alert to be triggered. + properties: + operator: + description: 'Operator to apply when checking the current + metric value against the threshold value. 
it accepts the + following values: GREATER_THAN, LESS_THAN' + type: string + threshold: + description: Threshold value outside which an alert will + be triggered. + type: string + units: + description: The units for the threshold value + type: string + type: object + updated: + description: Timestamp in ISO 8601 date and time format in UTC + when this alert configuration was last updated. + type: string + type: object + type: array + authModes: + description: AuthModes contains a list of configured authentication + modes "SCRAM" is default authentication method and requires a password + for each user "X509" signifies that self-managed X.509 authentication + is configured + items: + type: string + type: array + cloudProviderAccessRoles: + description: CloudProviderAccessRoles contains a list of configured + cloud provider access roles. AWS support only + items: + properties: + atlasAWSAccountArn: + type: string + atlasAssumedRoleExternalId: + type: string + authorizedDate: + type: string + createdDate: + type: string + errorMessage: + type: string + featureUsages: + items: + properties: + featureId: + type: string + featureType: + type: string + type: object + type: array + iamAssumedRoleArn: + type: string + providerName: + type: string + roleId: + type: string + status: + type: string + required: + - atlasAssumedRoleExternalId + - providerName + type: object + type: array + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. 
+ type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + customRoles: + description: CustomRoles contains a list of custom roles statuses + items: + properties: + error: + description: The message when the custom role is in the FAILED + status + type: string + name: + description: Role name which is unique + type: string + status: + description: The status of the given custom role (OK or FAILED) + type: string + required: + - name + - status + type: object + type: array + expiredIpAccessList: + description: The list of IP Access List entries that are expired due + to 'deleteAfterDate' being less than the current date. Note, that + this field is updated by the Atlas Operator only after specification + changes + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + id: + description: The ID of the Atlas Project + type: string + networkPeers: + description: The list of network peers that are configured for current + project + items: + properties: + atlasGcpProjectId: + description: ProjectID of Atlas container. Applicable only for + GCP. It's needed to add network peer connection. + type: string + atlasNetworkName: + description: Atlas Network Name. Applicable only for GCP. 
It's + needed to add network peer connection. + type: string + connectionId: + description: Unique identifier of the network peer connection. + Applicable only for AWS. + type: string + containerId: + description: ContainerID of Atlas network peer container. + type: string + errorMessage: + description: Error state of the network peer. Applicable only + for GCP. + type: string + errorState: + description: Error state of the network peer. Applicable only + for Azure. + type: string + errorStateName: + description: Error state of the network peer. Applicable only + for AWS. + type: string + gcpProjectId: + description: ProjectID of the user's vpc. Applicable only for + GCP. + type: string + id: + description: Unique identifier for NetworkPeer. + type: string + providerName: + description: Cloud provider for which you want to retrieve a + network peer. + type: string + region: + description: Region for which you want to create the network + peer. It isn't needed for GCP + type: string + status: + description: Status of the network peer. Applicable only for + GCP and Azure. + type: string + statusName: + description: Status of the network peer. Applicable only for + AWS. + type: string + vpc: + description: VPC is general purpose field for storing the name + of the VPC. VPC is vpcID for AWS, user networkName for GCP, + and vnetName for Azure. + type: string + required: + - id + - providerName + - region + type: object + type: array + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + privateEndpoints: + description: The list of private endpoints configured for current + project + items: + properties: + endpoints: + description: Collection of individual GCP private endpoints + that comprise your network endpoint group. 
+ items: + properties: + endpointName: + type: string + ipAddress: + type: string + status: + type: string + required: + - endpointName + - ipAddress + - status + type: object + type: array + id: + description: Unique identifier for AWS or AZURE Private Link + Connection. + type: string + interfaceEndpointId: + description: Unique identifier of the AWS or Azure Private Link + Interface Endpoint. + type: string + provider: + description: Cloud provider for which you want to retrieve a + private endpoint service. Atlas accepts AWS or AZURE. + type: string + region: + description: Cloud provider region for which you want to create + the private endpoint service. + type: string + serviceAttachmentNames: + description: Unique alphanumeric and special character strings + that identify the service attachments associated with the + GCP Private Service Connect endpoint service. + items: + type: string + type: array + serviceName: + description: Name of the AWS or Azure Private Link Service that + Atlas manages. + type: string + serviceResourceId: + description: Unique identifier of the Azure Private Link Service + (for AWS the same as ID). 
+ type: string + required: + - provider + - region + type: object + type: array + prometheus: + description: Prometheus contains the status for Prometheus integration + including the prometheusDiscoveryURL + properties: + prometheusDiscoveryURL: + type: string + scheme: + type: string + type: object + teams: + description: Teams contains a list of teams assignment statuses + items: + properties: + id: + type: string + teamRef: + description: ResourceRefNamespaced is a reference to a Kubernetes + Resource that allows to configure the namespace + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + namespace: + description: Namespace is the namespace of the Kubernetes + Resource + type: string + required: + - name + type: object + required: + - teamRef + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasteams.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasteams.yaml new file mode 100644 index 00000000000..94bd2d1ba9f --- /dev/null +++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/atlas.mongodb.com_atlasteams.yaml 
@@ -0,0 +1,130 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + name: atlasteams.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasTeam + listKind: AtlasTeamList + plural: atlasteams + singular: atlasteam + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasTeam is the Schema for the Atlas Teams API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TeamSpec defines the desired state of a Team in Atlas + properties: + name: + description: The name of the team you want to create. 
+ type: string + usernames: + description: Valid email addresses of users to add to the new team + items: + format: email + type: string + type: array + required: + - name + - usernames + type: object + status: + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + id: + description: ID of the team + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + projects: + description: List of projects which the team is assigned + items: + properties: + id: + description: Unique identifier of the project inside atlas + type: string + name: + description: Name given to the project + type: string + required: + - id + - name + type: object + type: array + required: + - conditions + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null 
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml
new file mode 100644
index 00000000000..4999beebf39
--- /dev/null
+++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+ creationTimestamp: null
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator
+ app.kubernetes.io/name: mongodb-atlas-kubernetes-operator
+ name: mongodb-atlas-controller-manager-metrics-service
+spec:
+ ports:
+ - name: https
+ port: 8443
+ targetPort: https
+ selector:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator
+ app.kubernetes.io/name: mongodb-atlas-kubernetes-operator
+status:
+ loadBalancer: {}
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml
new file mode 100644
index 00000000000..1e865279d5a
--- /dev/null
+++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml
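Review bot: The `mongodb-atlas-controller-manager-metrics-service` manifest publishes port 8443 inside the cluster (no `type` is set, so it defaults to ClusterIP) without showing what authenticates a scrape: `targetPort: https` only names a container port, and the Deployment that defines that port is in the ClusterServiceVersion, outside this hunk. Before merging I would confirm that the `https` port is served by a TLS-terminating endpoint that enforces authentication and authorization (presumably an RBAC proxy sidecar, as is common in operator-sdk layouts) and not by the manager's plain metrics listener. A one-line comment above `ports:` would record that expectation, e.g. `# metrics endpoint; the "https" container port must enforce TLS and authn/authz (see the CSV deployment)`. Where pod-to-pod traffic is not otherwise restricted, a NetworkPolicy limiting ingress on 8443 to the monitoring namespace is a reasonable complement.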
@@ -0,0 +1,604 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasBackupPolicy", + "metadata": { + "name": "atlasbackuppolicy-sample" + }, + "spec": { + "items": [ + { + "frequencyInterval": 3, + "frequencyType": "daily", + "retentionUnit": "weeks", + "retentionValue": 2 + } + ] + } + }, + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasBackupSchedule", + "metadata": { + "name": "atlasbackupschedule-sample" + }, + "spec": { + "autoExportEnabled": false, + "copySettings": [ + { + "cloudProvider": "AWS", + "frequencies": [ + "WEEKLY" + ], + "regionName": "US_WEST_1", + "replicationSpecId": "a1b2c3", + "shouldCopyOplogs": false + } + ], + "policy": { + "name": "atlasbackuppolicy-sample" + }, + "referenceHourOfDay": 10, + "referenceMinuteOfHour": 10, + "restoreWindowDays": 2, + "useOrgAndGroupNamesInExportPrefix": true + } + }, + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasDatabaseUser", + "metadata": { + "name": "my-database-user" + }, + "spec": { + "databaseName": "admin", + "passwordSecretRef": { + "name": "my-database-user-password" + }, + "projectRef": { + "name": "my-project" + }, + "roles": [ + { + "databaseName": "admin", + "roleName": "readWriteAnyDatabase" + } + ], + "username": "david" + } + }, + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasDeployment", + "metadata": { + "name": "my-atlas-deployment" + }, + "spec": { + "deploymentSpec": { + "name": "test-deployment", + "providerSettings": { + "instanceSizeName": "M10", + "providerName": "AWS", + "regionName": "US_EAST_1" + } + }, + "projectRef": { + "name": "my-project" + } + } + }, + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasProject", + "metadata": { + "name": "my-project" + }, + "spec": { + "name": "Test Atlas Operator Project", + "projectIpAccessList": [ + { + "comment": "IP address for Application Server A", + 
"ipAddress": "192.0.2.15" + } + ] + } + }, + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasTeam", + "metadata": { + "name": "atlasteam-sample" + }, + "spec": { + "name": "my-team", + "usernames": [ + "username@mongodb.com" + ] + } + } + ] + capabilities: Full Lifecycle + categories: Database + description: The MongoDB Atlas Kubernetes Operator enables easy management of Clusters in MongoDB Atlas + operators.operatorframework.io/builder: operator-sdk-v1.15.0+git + operators.operatorframework.io/project_layout: go.kubebuilder.io/v2 + containerImage: mongodb/mongodb-atlas-kubernetes-operator:2.0.1 + labels: + operatorframework.io/arch.amd64: supported + operatorframework.io/arch.arm64: supported + operatorframework.io/os.linux: supported + name: mongodb-atlas-kubernetes.v2.0.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: AtlasBackupPolicy is the Schema for the atlasbackuppolicies API + displayName: Atlas Backup Policy + kind: AtlasBackupPolicy + name: atlasbackuppolicies.atlas.mongodb.com + version: v1 + - description: AtlasBackupSchedule is the Schema for the atlasbackupschedules API + displayName: Atlas Backup Schedule + kind: AtlasBackupSchedule + name: atlasbackupschedules.atlas.mongodb.com + version: v1 + - description: AtlasDatabaseUser is the Schema for the Atlas Database User API + displayName: Atlas Database User + kind: AtlasDatabaseUser + name: atlasdatabaseusers.atlas.mongodb.com + version: v1 + - description: AtlasDataFederation is the Schema for the Atlas Data Federation API + displayName: Atlas Data Federation + kind: AtlasDataFederation + name: atlasdatafederations.atlas.mongodb.com + version: v1 + - description: AtlasDeployment is the Schema for the atlasdeployments API + displayName: Atlas Deployment + kind: AtlasDeployment + name: atlasdeployments.atlas.mongodb.com + version: v1 + - description: AtlasFederatedAuth is the Schema for the Atlasfederatedauth API + 
displayName: Atlas Federated Auth + kind: AtlasFederatedAuth + name: atlasfederatedauths.atlas.mongodb.com + version: v1 + - description: AtlasProject is the Schema for the atlasprojects API + displayName: Atlas Project + kind: AtlasProject + name: atlasprojects.atlas.mongodb.com + version: v1 + - description: AtlasTeam is the Schema for the Atlas Teams API + displayName: Atlas Team + kind: AtlasTeam + name: atlasteams.atlas.mongodb.com + version: v1 + description: | + The MongoDB Atlas Operator provides a native integration between the Kubernetes orchestration platform and MongoDB Atlas — + the only multi-cloud document database service that gives you the versatility you need to build sophisticated and resilient applications that can adapt to changing customer demands and market trends. + + > Current Status: *Stable*. The Operator gives users the ability to provision + > Atlas projects, clusters and database users using Kubernetes Specifications and bind connection information + > into applications deployed to Kubernetes. + + ## Quick Start guide + ### Step 1. Deploy Kubernetes operator by clicking Install button. + + ### Step 2. Create Atlas Cluster + + **1.** Create an Atlas API Key Secret + In order to work with the Atlas Operator you need to provide [authentication information](https://docs.atlas.mongodb.com/configure-api-access) + to allow the Atlas Operator to communicate with Atlas API. Once you have generated a Public and Private key in Atlas, you can create a Kuberentes Secret with: + ``` + kubectl create secret generic mongodb-atlas-operator-api-key \ + --from-literal="orgId=" \ + --from-literal="publicApiKey=" \ + --from-literal="privateApiKey=" \ + -n openshift-operators + ``` + (Note, that you should use the namespace where the Operator was installed - it's `openshift-operators` by default) + + **2.** Create an `AtlasProject` Custom Resource + + The `AtlasProject` CustomResource represents Atlas Projects in our Kubernetes cluster. 
You need to specify + `projectIpAccessList` with the IP addresses or CIDR blocks of any hosts that will connect to the Atlas Cluster. + ``` + apiVersion: atlas.mongodb.com/v1 + kind: AtlasProject + metadata: + name: my-project + spec: + name: Test Atlas Operator Project + projectIpAccessList: + - ipAddress: "192.0.2.15" + comment: "IP address for Application Server A" + - cidrBlock: "203.0.113.0/24" + comment: "CIDR block for Application Server B - D" + ``` + **3.** Create an `AtlasDeployment` Custom Resource. + The example below is a minimal configuration to create an M10 Atlas cluster in the AWS US East region. For a full list of properties, check + `atlasdeployments.atlas.mongodb.com` [CRD specification](config/crd/bases/atlas.mongodb.com_atlasdeployments.yaml)): + ``` + apiVersion: atlas.mongodb.com/v1 + kind: AtlasDeployment + metadata: + name: my-atlas-cluster + spec: + name: "Test-cluster" + projectRef: + name: my-project + providerSettings: + instanceSizeName: M10 + providerName: AWS + regionName: US_EAST_1 + ``` + + **4.** Create a database user password Kubernetes Secret + The Secret must be created in the same namespace as the `AtlasDeployment` and `AtlasProject` were created. + ``` + kubectl create secret generic the-user-password --from-literal="password=P@@sword%" + ``` + + **5.** Create an `AtlasDatabaseUser` Custom Resource + + In order to connect to an Atlas Cluster the database user needs to be created. `AtlasDatabaseUser` resource should reference + the password Kubernetes Secret created in the previous step. 
+ ``` + apiVersion: atlas.mongodb.com/v1 + kind: AtlasDatabaseUser + metadata: + name: my-database-user + spec: + roles: + - roleName: "readWriteAnyDatabase" + databaseName: "admin" + projectRef: + name: my-project + username: theuser + passwordSecretRef: + name: the-user-password + ``` + **6.** Wait for the `AtlasDatabaseUser` Custom Resource to be ready + + Wait until the AtlasDatabaseUser resource gets to "ready" status (it will wait until the cluster is created that may take around 10 minutes): + ``` + kubectl get atlasdatabaseusers my-database-user -o=jsonpath='{.status.conditions[?(@.type=="Ready")].status}' + True + ``` + ### Step 3. Connect your application to the Atlas Cluster + + The Atlas Operator will create a Kubernetes Secret with the information necessary to connect to the Atlas Cluster created + in the previous step. An application in the same Kubernetes Cluster can mount and use the Secret: + + ``` + ... + containers: + - name: test-app + env: + - name: "CONNECTION_STRING" + valueFrom: + secretKeyRef: + name: test-atlas-operator-project-test-cluster-theuser + key: connectionStringStandardSrv + + ``` + displayName: MongoDB Atlas Operator + icon: + - base64data: 
iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAYAAACqaXHeAAAJEXpUWHRSYXcgcHJvZmlsZSB0eXBlIGV4aWYAAHjarVhtdiMpDPzPKfYIDUIIHYfP9/YGe/wtQXcnsZ1JMjP2xLQBg1CVSmLc+O/f6f7BiwIFF1ly0pQOvKJGDQUP+divsj79EdfnesVzCN8/9Lt7IKCL0NL+mtM5/+r39wK7KXjidwvldg7UjwN67hDyw0LnRmQWBTz0cyE9F6KwB/y5QNnHOpJmeX+EOnbbr5Pk/efsI7VjHcSfo4/fo8B7nbEPhTDI04HPQHEbQPbnHRUbwCe+YKKnjOe4ejxdlsAhr/x0vLPKPaJyP/lP+h9AobT7HTo+OjPd7ct+z6+d75aL3+1M7d75Qz/3oz4e5/qbs2c359inKzHBpek81HWU9YSJWCTS+lnCW/DHeJb1VryzA3sbIO9Hw44Vz+oDvD999N0XP/1YbfMNJsYwgqANoQEb68skQUOjwxk29vYzCCl1oBaoAV5Cb7ht8WtfXds1n7Fx95gZPBbzK9bs42+8P11oTqO890e+fQW7ggUFzDDk7BOzAIifF494Ofh6P74MVwKCvNycccBy1L1EZX9yy3hEC2jCREa7Y81LPxeAi7A3wxhPQOBIntgnf0gI4j38mIFPwUIZQRMqIPDMocPKEIkSwMnB9sZvxK+5gcPuhmYBCKZEAmiUCrCKEDbwR2IGhwoTR2ZOLJxZuSRKMXFKSZKJXxGSKCxJRLKolEw5Zs4pS84uay4alCCOrElFs6qWgk0LVi74dcGEUmqoVGPlmqrUXLWWBvq02LilJi27pq300KlDJ3rq0nPXXoYfoNKIg0caMvLQUSaoNmnGyTNNmXnqLDdq3m1Yn97fR81fqIWFlE2UGzX8VORawpucsGEGxEL0QFwMARA6GGZH9jEGZ9AZZocGRAUHWMkGTveGGBCMwwee/sbuDbkPuLkY/wi3cCHnDLq/gZwz6D5B7hm3F6h1yzbtILcQsjA0px6E8MOEkUvIxZLat1t3d9QCRxsxap9zbTJnSpC9Ujts4Njb6FI9zspJeXbVkeaYtbVJSEezUW6JaKAvwg/D5hQZLDanrtM00jbEY0rHKkDDT6qjjyI1Tvi0x0mumC00PWvDJgQFlzlr6JBLDpCAfhT8JmmB17ocZZ0GOWg/HHfrHjt+t10LAbGArAzLYWMFIjiYSgUyBMqQThxLoUockGq0iRauh56ughvMVW77wZ9+oOWHXtjDEyFKmyAyYgHI19rzRglrZxYvpcA/8Ec1h7rT63Q63Tw690qqSBQJdCs5llETtVGW9VzNejNAzPo0VWt1MD+hwMgT1lTWuj1MBWGlfqQ8kPXMvgMxs56QdF+17rOBX7WS9IlLzsj0nkswang2SsLdcyIt4xRwm+8UBaGTU0gRkaOh10kbtJLBoye6g78sscDpBA9P6YMn4ngidXfgQR1AIWLLjFyG1Mbw/UzR2d7Z2yfcx6EhKA+P6DfFAW1nywjatUeUGk5/Hc+t+2zgkxYhUnAuglk6BGE0m4lCmm4eaSwCwWjITao1orWjGS3EjpZENeNoxg6Qc0pZEYQv5m4m+E+rg/b47bE2dXwVCQDlNY2me6QRBA1iGCEhRbBjNe8F0L/N03a/bc8FWAUaKJ7FAsVBF7mPWO/Ahnz+XNZCdu86wOgwYwXw4fSOAb+8M1bowkooSoXgmAKCKaaBSwER/RBBCHJR5F0klsyWSyrl2vVkchv+ay0Z5IgTNARSNpvOJbKgdkog+dGr8b23CUVLwm3MXGAv9zf5i0grEqY2dchhniumDwkX78a3afXWuruDC3R9mMCg2ZH4pFQxsNVXIAEKVghKRpe2vqIfodLqTwXAD0EOsNTbjSm4FrCboDvIQtJa77P5ihzfpOrk0jpKqQEZ7DHj30T4X6IfnjjiviTJynfQ74d8NyRZ9rkzoXsbghrGJoIikuGb1hDza7FCQ/LrfeLpbnpO
R3Asbg+2S4ERh9mALLv3h+dZXowU1hkdQYwG7ohDpp6qnEf9eXpzI9cWdmgiBua6CmmpVo28HNFiAtLnGDi/IqehYLLd3Urk7acMROiNULaywxE4lTNlYaszIj8MXSMIAxMLMiO81TxpLxc+CIX7plJ8UvScIGDEPQ49k2B8RYKHQut9i9BqjOQWhtomW3G6pguDF2NuDWpCnjZpyP5zL/y6dd8IhbzrPyQdZJhmjcKstRWoSBtK9xFbVKVqmeuN+i+Z/1TdVUuQfAgywAEVaqBb5jGvGCf+AbMfNsTNwZtkGeOslliVhF3371oCOWdAc1jWzoXOnfdCFO6VqDKjipiVCMkYgm2VSwIM1S8Fr33UuDLJhwg2GbEQRgIFRCgbAvlCuOD03tu7Qu8SSNxJSi3FYFjpE76mhtw+vUM+N0WU2lNeBwpqB4ofqpRdBsYiKONYcc3BfWosqbYCLxy8q5HfqNnu2s3qCbWCytHwsH1WvnPmihPU+zgkNxTMioQiqPKROhd1/PDXWS0Fn7nOvWNDLB3FmJYHN24vKtdqBTMuc/gFLogWAJRONyL636yEhYjY7Uv7T7q5vYnIXaXI4a12X+6Ezxni0lHxJpgdU+jNVbkDq+bfqkNeRT8KUJzPWBRn64tFuCcNAotWugWLirEIpXvd1MX+DaXc8K6Q/U9WkwT7ruqDnuh2+ukAQWQJ6SNBGIVWhI7g1qpdEMsDPMINBJBdGLWMKxhmwIhVoOPeYSGyrx28rx0dlxoL9WTGIj1ZjYIyEXV5UsKN/SqRUBi27+vRd9sa5fQjoqPf0ejoDEdZ4UjI0kdWVC3mRZArW4GP0hO6hmi+a2a6auawa2bU2YKyMMAD+2qGKrJ4lNuofE7Zhg1LnMnSI1IGDg0esfENVp1sQ7J0F91M8I1uCJakKNxHE/C0FNw+Ajg3QhWWmrsdcIR5ak2cp9aIA03kpImJTclWlaYGPtVWWk0HfmBnOq84dF1xglVxGWdK2GuVx4o8mvyRO7pD+0Up9evW/TleGy73BV77WqdpX0Is8iEsdgnx+yZeJ0hmIupmwlUcl5BT7SKus9BBm/ft6+xqXfwzibyq3OxgyhFHqt/IHuuMUMrBHLhVjyI/7AoDgDkkjh8GiTETsfU/ZHuEtrDMfYEAAAGFaUNDUElDQyBwcm9maWxlAAB4nH2RPUjDQBzFX1O1UioiVhBxyFB1sSAq4qhVKEKFUCu06mBy6YfQpCFJcXEUXAsOfixWHVycdXVwFQTBDxA3NydFFynxf2mhRYwHx/14d+9x9w4QqkWmWW1jgKbbZjIeE9OZFTHwiiD60IMRdMjMMmYlKQHP8XUPH1/vojzL+9yfo0vNWgzwicQzzDBt4nXiqU3b4LxPHGYFWSU+Jx416YLEj1xX6vzGOe+ywDPDZio5RxwmFvMtrLQwK5ga8SRxRNV0yhfSdVY5b3HWimXWuCd/YSirLy9xneYg4ljAIiSIUFDGBoqwEaVVJ8VCkvZjHv4B1y+RSyHXBhg55lGCBtn1g//B726t3MR4PSkUA9pfHOdjCAjsArWK43wfO07tBPA/A1d601+qAtOfpFeaWuQI6N4GLq6bmrIHXO4A/U+GbMqu5Kcp5HLA+xl9UwbovQWCq/XeGvs4fQBS1FXiBjg4BIbzlL3m8e7O1t7+PdPo7wdVb3KbaWTEXAAADRxpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+Cjx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDQuNC4wLUV4aXYyIj4KIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgPHJkZjpEZXNjcmlw
dGlvbiByZGY6YWJvdXQ9IiIKICAgIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIgogICAgeG1sbnM6c3RFdnQ9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZUV2ZW50IyIKICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgIHhtbG5zOkdJTVA9Imh0dHA6Ly93d3cuZ2ltcC5vcmcveG1wLyIKICAgIHhtbG5zOnRpZmY9Imh0dHA6Ly9ucy5hZG9iZS5jb20vdGlmZi8xLjAvIgogICAgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIgogICB4bXBNTTpEb2N1bWVudElEPSJnaW1wOmRvY2lkOmdpbXA6ZDk1YjhmMjctMWM0NS00YjU1LWEwZTMtNmNmMjM0Yzk1ZWVkIgogICB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOmVhMGY5MTI5LWJlMDItNDVjOS1iNGU4LTU3N2MxZTBiZGJhNyIKICAgeG1wTU06T3JpZ2luYWxEb2N1bWVudElEPSJ4bXAuZGlkOjcyNmY4ZGFlLTM4ZTYtNGQ4Ni1hNTI4LWM0NTc4ZGE4ODA0NSIKICAgZGM6Rm9ybWF0PSJpbWFnZS9wbmciCiAgIEdJTVA6QVBJPSIyLjAiCiAgIEdJTVA6UGxhdGZvcm09Ik1hYyBPUyIKICAgR0lNUDpUaW1lU3RhbXA9IjE2MzQ4MzgwMTYyMTQ2MTMiCiAgIEdJTVA6VmVyc2lvbj0iMi4xMC4yNCIKICAgdGlmZjpPcmllbnRhdGlvbj0iMSIKICAgeG1wOkNyZWF0b3JUb29sPSJHSU1QIDIuMTAiPgogICA8eG1wTU06SGlzdG9yeT4KICAgIDxyZGY6U2VxPgogICAgIDxyZGY6bGkKICAgICAgc3RFdnQ6YWN0aW9uPSJzYXZlZCIKICAgICAgc3RFdnQ6Y2hhbmdlZD0iLyIKICAgICAgc3RFdnQ6aW5zdGFuY2VJRD0ieG1wLmlpZDo1YWNhZmVhMC0xZmY5LTRiMmUtYmY0NC02NTM3MzYwMGQzNjEiCiAgICAgIHN0RXZ0OnNvZnR3YXJlQWdlbnQ9IkdpbXAgMi4xMCAoTWFjIE9TKSIKICAgICAgc3RFdnQ6d2hlbj0iMjAyMS0xMC0yMVQxODo0MDoxNiswMTowMCIvPgogICAgPC9yZGY6U2VxPgogICA8L3htcE1NOkhpc3Rvcnk+CiAgPC9yZGY6RGVzY3JpcHRpb24+CiA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz6528V0AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAABYlAAAWJQFJUiTwAAAAB3RJTUUH5QoVESgQ+iToFAAAA8xJREFUeNrlW01PU0EUPTPV+oqb4h+wENYKXbmzsjLEKPAHwB1xQ6N7adiboBtrSAT5AaQmBpuYSN25MS17k5Zf0MemFGznungttCkf782bmTels2w6mbnnnnPv3DvzYrBhrMytIT01gz9/f5temkVv/NMUwKsg1MFEGvlizeTy3ALj9zuuGAf4T2QzydEBACwHINXzwwSOE29N7iAWqe7BsoOYsEdITx2ZigcsIupnzqh/8SC0/6Wx+aNy8yTg6X7rWsfEbu96/71JAGQzyY7n/Rg2AcZ3dQdFswA0Exs+je8KYUZ3UDQXA1bmlgFsScwkMFrEx++F4QXgPN/LaZpQR6IxiY2SO6QSGMj3Qd00jpPE5+FkgDz1B3kAMYt8sTQ8AGQzSTTHyqG83z+qcBpplVLQK4Hm2KpC473U2BzLDgcDwgY+QwFRIwP4knLjuwFRIQv0MGB5PgnntKwFAMUs0MMA53Rem/Ge25I4ufvCXgkQVrVXsSSW7JTAq7lpCJQNnK4IEJNhW2jqGdDGsrH6QrB5GyXwWMKXLoi5gdnL8dwuCXjRvy4xs0vjVGDonMa9MNlALQPiJxlJOcvruOlM2yMBzuQ3Q3Al44BFADA8lJ9LrtSKnD2wBwAhe/hhIVIZpWxiQJgG5qHkohYBoPP4q6tks2Qfh1GBzu3xhWQckM0eWgAIfprrBE+SN4LZBACTNIQzF4KO5EAnmxgQwhtckj2WMeBA8gARpqQ9sAcAAfnrbLk4QGBUsQcAHmIzXFLLrbZFDMgXS1KZoN2W1DHVwj6iUH8O4FQKPCcWc3t6AkGCTin0dpUDQPhq6OREgNixD4BmvBBYBlKNTaqpuChVD8B2wQWj98EnOrVA3hf4YHExJLb1l3FUsBeAfLEG0Bef//Y8H28FqSW2VT2p1VgNUi5QLKC4z1qCqoBYt78fkC/WfMWCwMUM21H5oFrzA4n4xrUt724xQy0fxRRVkd/LKQ0lWgHYLrgAvfQXN1vXSYAAmlUeS7VH63yxBMIVUvDdB1jX8S2BmZbYp70scNkRmXtXaQkOXN4b3FJNfbMAAEDzzoLcFRhV4TReaztOGAPAiwdPLgDh8OqUR7M6XoiaB6CbGtts4cLzwbtv1N8Z7hiv+Rsi823xzb0KRB8T7gMA3jxj59dcZoz3snBUY+VpCmD7nautXGcva2Aog8Siqa/Hov1sbuAxJZXgHC/o1Hz0Ehgsmn71/FIxaXz0AAwS8sj0ihYAcBb5CVJ9weFnwLnR1K6PHgC9FyJsFCVwq+9afAQlIITbnxXMjv+6222dh4/VtAAAAABJRU5ErkJggg== + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasbackuppolicies + verbs: + - create + - delete + - get + - list + - patch + 
- update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasbackuppolicies/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasbackupschedules + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasbackupschedules/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdatafederations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdatafederations/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdeployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdeployments/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasteams + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasteams/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasfederatedauths + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasfederatedauths/status + verbs: + - get + - patch + 
- update + serviceAccountName: mongodb-atlas-operator + deployments: + - name: mongodb-atlas-operator + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator + app.kubernetes.io/name: mongodb-atlas-kubernetes-operator + spec: + containers: + - args: + - --atlas-domain=https://cloud.mongodb.com/ + - --leader-elect + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --log-level=info + - --log-encoder=json + command: + - /manager + env: + - name: OPERATOR_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + image: mongodb/mongodb-atlas-kubernetes-operator:2.0.1 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 100m + memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + serviceAccountName: mongodb-atlas-operator + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: 
mongodb-atlas-operator
+ strategy: deployment
+ installModes:
+ - supported: true
+ type: OwnNamespace
+ - supported: true
+ type: SingleNamespace
+ - supported: true
+ type: MultiNamespace
+ - supported: true
+ type: AllNamespaces
+ keywords:
+ - MongoDB
+ - Atlas
+ - Database
+ - Replica Set
+ - Cluster
+ links:
+ - name: MongoDB Atlas Kubernetes
+ url: https://github.com/mongodb/mongodb-atlas-kubernetes
+ maintainers:
+ - email: support@mongodb.com
+ name: MongoDB, Inc
+ maturity: beta
+ provider:
+ name: MongoDB, Inc
+ version: 2.0.1
+ replaces: mongodb-atlas-kubernetes.v2.0.0
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
new file mode 100644
index 00000000000..764c59c9c6c
--- /dev/null
+++ b/operators/mongodb-atlas-kubernetes/2.0.1/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ creationTimestamp: null
+ name: mongodb-atlas-metrics-reader
+rules:
+- nonResourceURLs:
+ - /metrics
+ verbs:
+ - get
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/metadata/annotations.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/metadata/annotations.yaml
new file mode 100644
index 00000000000..dae31a6cbe8
--- /dev/null
+++ b/operators/mongodb-atlas-kubernetes/2.0.1/metadata/annotations.yaml
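Review bot: The `mongodb-atlas-metrics-reader` ClusterRole appears to have no consumer in this bundle. The Deployment in the ClusterServiceVersion shows a single `manager` container started with `--metrics-bind-address=127.0.0.1:8080` and no authenticating proxy sidecar, so nothing visible performs the authorization check that `get` on `/metrics` would satisfy. If the endpoint is meant to stay pod-local, dropping this role would keep the bundle's RBAC minimal. If it is meant to be scraped, the bind address and an authenticated path are what is missing. Either way a header comment stating the intent would help, for example `# Grants read access to /metrics; consumed by <component>`.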
@@ -0,0 +1,15 @@
+annotations:
+ # Core bundle annotations.
+ operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+ operators.operatorframework.io.bundle.manifests.v1: manifests/
+ operators.operatorframework.io.bundle.metadata.v1: metadata/
+ operators.operatorframework.io.bundle.package.v1: mongodb-atlas-kubernetes
+ operators.operatorframework.io.bundle.channels.v1: stable
+ operators.operatorframework.io.bundle.channel.default.v1: stable
+ operators.operatorframework.io.metrics.builder: operator-sdk-v1.15.0+git
+ operators.operatorframework.io.metrics.mediatype.v1: metrics+v1
+ operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v2
+
+ # Annotations for testing.
+ operators.operatorframework.io.test.mediatype.v1: scorecard+v1
+ operators.operatorframework.io.test.config.v1: tests/scorecard/
diff --git a/operators/mongodb-atlas-kubernetes/2.0.1/tests/scorecard/config.yaml b/operators/mongodb-atlas-kubernetes/2.0.1/tests/scorecard/config.yaml
new file mode 100644
index 00000000000..ffc0447e073
--- /dev/null
+++ b/operators/mongodb-atlas-kubernetes/2.0.1/tests/scorecard/config.yaml
@@ -0,0 +1,70 @@
+apiVersion: scorecard.operatorframework.io/v1alpha3
+kind: Configuration
+metadata:
+ name: config
+stages:
+- parallel: true
+ tests:
+ - entrypoint:
+ - scorecard-test
+ - basic-check-spec
+ image: quay.io/operator-framework/scorecard-test:v1.2.0
+ labels:
+ suite: basic
+ test: basic-check-spec-test
+ storage:
+ spec:
+ mountPath: {}
+ - entrypoint:
+ - scorecard-test
+ - olm-bundle-validation
+ image: quay.io/operator-framework/scorecard-test:v1.2.0
+ labels:
+ suite: olm
+ test: olm-bundle-validation-test
+ storage:
+ spec:
+ mountPath: {}
+ - entrypoint:
+ - scorecard-test
+ - olm-crds-have-validation
+ image: quay.io/operator-framework/scorecard-test:v1.2.0
+ labels:
+ suite: olm
+ test: olm-crds-have-validation-test
+ storage:
+ spec:
+ mountPath: {}
+ - entrypoint:
+ - scorecard-test
+ - olm-crds-have-resources
+ image: quay.io/operator-framework/scorecard-test:v1.2.0
+ labels:
+ suite: olm
+ test: olm-crds-have-resources-test
+ storage:
+ spec:
+ mountPath: {}
+ - entrypoint:
+ - scorecard-test
+ - olm-spec-descriptors
+ image: quay.io/operator-framework/scorecard-test:v1.2.0
+ labels:
+ suite: olm
+ test: olm-spec-descriptors-test
+ storage:
+ spec:
+ mountPath: {}
+ - entrypoint:
+ - scorecard-test
+ - olm-status-descriptors
+ image: quay.io/operator-framework/scorecard-test:v1.2.0
+ labels:
+ suite: olm
+ test: olm-status-descriptors-test
+ storage:
+ spec:
+ mountPath: {}
+storage:
+ spec:
+ mountPath: {}
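Review bot: All six test entries reference `quay.io/operator-framework/scorecard-test:v1.2.0` by tag, so the image that runs against the bundle is whatever the registry serves for that tag at test time. Pinning each entry by digest, `image: quay.io/operator-framework/scorecard-test@sha256:<digest-placeholder>`, would make the scorecard run reproducible and verifiable. The tag also looks out of step with the `operator-sdk-v1.15.0+git` builder recorded in metadata/annotations.yaml, so the checks may predate the SDK that generated the bundle; worth confirming that this is intended.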