├── .github └── workflows │ ├── bundle.yaml │ ├── ci.yaml │ └── release.yaml ├── .gitignore ├── .mailmap ├── Dockerfile ├── LICENSE ├── Makefile ├── PROJECT ├── README.md ├── bundle.Dockerfile ├── bundle ├── ci.yaml ├── manifests │ ├── helm.mariadb.mmontes.io_mariadboperators.yaml │ ├── k8s.mariadb.com_backups.yaml │ ├── k8s.mariadb.com_connections.yaml │ ├── k8s.mariadb.com_databases.yaml │ ├── k8s.mariadb.com_grants.yaml │ ├── k8s.mariadb.com_mariadbs.yaml │ ├── k8s.mariadb.com_maxscales.yaml │ ├── k8s.mariadb.com_restores.yaml │ ├── k8s.mariadb.com_sqljobs.yaml │ ├── k8s.mariadb.com_users.yaml │ └── mariadb-operator.clusterserviceversion.yaml ├── metadata │ └── annotations.yaml └── tests │ └── scorecard │ └── config.yaml ├── config ├── crd │ ├── bases │ │ └── helm.mariadb.mmontes.io_mariadboperators.yaml │ └── kustomization.yaml ├── default │ └── kustomization.yaml ├── manager │ ├── kustomization.yaml │ └── manager.yaml ├── manifests │ ├── bases │ │ └── mariadb-operator.clusterserviceversion.yaml │ ├── crds │ │ └── crds.yaml │ └── kustomization.yaml ├── prometheus │ ├── kustomization.yaml │ └── monitor.yaml ├── rbac │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── mariadboperator_editor_role.yaml │ ├── mariadboperator_viewer_role.yaml │ ├── role.yaml │ ├── role_binding.yaml │ └── service_account.yaml ├── samples │ ├── backup.yaml │ ├── connection.yaml │ ├── database.yaml │ ├── grant.yaml │ ├── kustomization.yaml │ ├── mariadb.yaml │ ├── mariadboperator.yaml │ ├── maxscale.yaml │ ├── restore.yaml │ ├── sqljob.yaml │ └── user.yaml └── scorecard │ ├── bases │ └── config.yaml │ ├── kustomization.yaml │ └── patches │ ├── basic.config.yaml │ └── olm.config.yaml ├── hack ├── bump-bundle.sh └── sync-chart.sh ├── helm-charts └── README.md └── watches.yaml /.github/workflows/bundle.yaml: -------------------------------------------------------------------------------- 1 | name: Bundle 2 | 3 | on: 4 | workflow_dispatch: 5 | inputs: 6 | version: 7 | description: "Helm chart version used to bump the bundle" 8 | required: true 9 | type: string 10 | 11 | jobs: 12 | bump: 13 | name: Bump 14 | runs-on: ubuntu-latest 15 | steps: 16 | - name: Checkout 17 | uses: actions/checkout@v3 18 | with: 19 | fetch-depth: 0 20 | token: "${{ secrets.GHA_TOKEN }}" 21 | 22 | - name: Bump bundle 23 | run: ./hack/bump-bundle.sh "${{ inputs.version }}" 24 | -------------------------------------------------------------------------------- /.github/workflows/ci.yaml: -------------------------------------------------------------------------------- 1 | name: CI 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | pull_request: {} 8 | 9 | jobs: 10 | detect-noop: 11 | name: Detect noop 12 | runs-on: ubuntu-latest 13 | outputs: 14 | noop: ${{ steps.noop.outputs.should_skip }} 15 | steps: 16 | - name: Detect no-op changes 17 | id: noop 18 | uses: fkirc/skip-duplicate-actions@v5.3.0 19 | with: 20 | github_token: ${{ secrets.GITHUB_TOKEN }} 21 | paths_ignore: '["**.md"]' 22 | concurrent_skipping: false 23 | 24 | operator: 25 | name: Operator 26 | runs-on: ubuntu-latest 27 | needs: detect-noop 28 | if: ${{ needs.detect-noop.outputs.noop != 'true' }} 29 | steps: 30 | - name: Checkout code 31 | uses: actions/checkout@v3 32 | 33 | - name: Build 34 | run: make docker-build 35 | 36 | bundle: 37 | name: Bundle 38 | runs-on: ubuntu-latest 39 | needs: detect-noop 40 | if: ${{ needs.detect-noop.outputs.noop != 'true' }} 41 | steps: 42 | - name: Checkout code 43 | uses: actions/checkout@v3 44 | 45 | - name: Build 46 | run: make bundle-build 47 | -------------------------------------------------------------------------------- /.github/workflows/release.yaml: -------------------------------------------------------------------------------- 1 | name: Release 2 | 3 | on: 4 | push: 5 | tags: 6 | - "*" 7 | 8 | jobs: 9 | version: 10 | name: Version 11 | runs-on: ubuntu-latest 12 | outputs: 13 | build_date: ${{ steps.version.outputs.buid_date }} 14 | version: ${{ steps.version.outputs.version }} 15 | steps: 16 | - name: Checkout 17 | uses: actions/checkout@v3 18 | with: 19 | fetch-depth: 0 20 | 21 | - name: Fetch tags 22 | run: git fetch --force --tags 23 | 24 | - name: Get Version 25 | id: version 26 | run: | 27 | VERSION=sha-${GITHUB_SHA::8} 28 | if [[ $GITHUB_REF == refs/tags/* ]]; then 29 | VERSION=${GITHUB_REF/refs\/tags\//} 30 | fi 31 | echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT 32 | echo "version=${VERSION}" >> $GITHUB_OUTPUT 33 | 34 | operator: 35 | name: Operator 36 | runs-on: ubuntu-latest 37 | needs: 38 | - version 39 | steps: 40 | - name: Checkout 41 | uses: actions/checkout@v2 42 | with: 43 | fetch-depth: 0 44 | 45 | - name: Fetch tags 46 | run: git fetch --force --tags 47 | 48 | - name: Setup QEMU 49 | uses: docker/setup-qemu-action@v2 50 | 51 | - name: Setup Docker Buildx 52 | uses: docker/setup-buildx-action@v2 53 | id: buildx 54 | 55 | - name: Login to container Registry 56 | uses: docker/login-action@v2 57 | with: 58 | username: ${{ github.repository_owner }} 59 | password: ${{ secrets.GHA_TOKEN }} 60 | registry: ghcr.io 61 | 62 | - name: Sync chart 63 | run: make sync-chart 64 | env: 65 | VERSION: "${{ needs.version.outputs.version }}" 66 | 67 | - name: Publish operator image 68 | uses: docker/build-push-action@v2 69 | with: 70 | push: true 71 | builder: ${{ steps.buildx.outputs.name }} 72 | context: . 73 | file: ./Dockerfile 74 | platforms: linux/arm64,linux/amd64 75 | tags: | 76 | ghcr.io/${{ github.repository_owner }}/mariadb-operator-helm:${{ needs.version.outputs.version }} 77 | ghcr.io/${{ github.repository_owner }}/mariadb-operator-helm:latest 78 | labels: | 79 | org.opencontainers.image.title=${{ github.event.repository.name }} 80 | org.opencontainers.image.description=${{ github.event.repository.description }} 81 | org.opencontainers.image.source=${{ github.event.repository.html_url }} 82 | org.opencontainers.image.url=${{ github.event.repository.html_url }} 83 | org.opencontainers.image.revision=${{ github.sha }} 84 | org.opencontainers.image.version=${{ needs.version.outputs.version }} 85 | org.opencontainers.image.created=${{ needs.version.outputs.build_date }} 86 | 87 | bundle: 88 | name: Bundle 89 | runs-on: ubuntu-latest 90 | needs: 91 | - version 92 | steps: 93 | - name: Checkout 94 | uses: actions/checkout@v2 95 | with: 96 | fetch-depth: 0 97 | 98 | - name: Fetch tags 99 | run: git fetch --force --tags 100 | 101 | - name: Setup QEMU 102 | uses: docker/setup-qemu-action@v2 103 | 104 | - name: Setup Docker Buildx 105 | uses: docker/setup-buildx-action@v2 106 | id: buildx 107 | 108 | - name: Login to container Registry 109 | uses: docker/login-action@v2 110 | with: 111 | username: ${{ github.repository_owner }} 112 | password: ${{ secrets.GHA_TOKEN }} 113 | registry: ghcr.io 114 | 115 | - name: Publish operator image 116 | uses: docker/build-push-action@v2 117 | with: 118 | push: true 119 | builder: ${{ steps.buildx.outputs.name }} 120 | context: . 121 | file: ./bundle.Dockerfile 122 | platforms: linux/arm64,linux/amd64 123 | tags: | 124 | ghcr.io/${{ github.repository_owner }}/mariadb-operator-helm-bundle:${{ needs.version.outputs.version }} 125 | ghcr.io/${{ github.repository_owner }}/mariadb-operator-helm-bundle:latest 126 | labels: | 127 | org.opencontainers.image.title=${{ github.event.repository.name }} 128 | org.opencontainers.image.description=${{ github.event.repository.description }} 129 | org.opencontainers.image.source=${{ github.event.repository.html_url }} 130 | org.opencontainers.image.url=${{ github.event.repository.html_url }} 131 | org.opencontainers.image.revision=${{ github.sha }} 132 | org.opencontainers.image.version=${{ needs.version.outputs.version }} 133 | org.opencontainers.image.created=${{ needs.version.outputs.build_date }} 134 | 135 | operatorhub: 136 | name: OperatorHub 137 | runs-on: ubuntu-latest 138 | needs: 139 | - version 140 | - operator 141 | - bundle 142 | steps: 143 | - name: Checkout 144 | uses: actions/checkout@v4 145 | with: 146 | fetch-depth: 0 147 | 148 | - name: Operator PR 149 | uses: mariadb-operator/openshift-operator-pr@v1 150 | env: 151 | GITHUB_TOKEN: "${{ secrets.GHA_TOKEN }}" 152 | with: 153 | name: "mariadb-operator" 154 | version: "${{ needs.version.outputs.version }}" 155 | fork-repo-name: "mariadb-operator/community-operators" 156 | upstream-repo-name: "k8s-operatorhub/community-operators" 157 | bundle-path-dir: "bundle" 158 | ci-path-file: "bundle/ci.yaml" 159 | user-name: "Martin Montes" 160 | user-email: "martin11lrx@gmail.com" 161 | 162 | openshift: 163 | name: OpenShift 164 | runs-on: ubuntu-latest 165 | needs: 166 | - version 167 | - operator 168 | - bundle 169 | - operatorhub 170 | steps: 171 | - name: Checkout 172 | uses: actions/checkout@v4 173 | with: 174 | fetch-depth: 0 175 | 176 | - name: Operator PR 177 | uses: mariadb-operator/openshift-operator-pr@v1 178 | env: 179 | GITHUB_TOKEN: "${{ secrets.GHA_TOKEN }}" 180 | with: 181 | name: "mariadb-operator" 182 | version: "${{ needs.version.outputs.version }}" 183 | fork-repo-name: "mariadb-operator/community-operators-prod" 184 | upstream-repo-name: "redhat-openshift-ecosystem/community-operators-prod" 185 | bundle-path-dir: "bundle" 186 | ci-path-file: "bundle/ci.yaml" 187 | user-name: "Martin Montes" 188 | user-email: "martin11lrx@gmail.com" -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | bin/ 2 | 3 | helm-charts/* 4 | !helm-charts/README.md 5 | 6 | community-operators/ 7 | community-operators-prod/ 8 | 9 | # Git 10 | .gitconfig 11 | -------------------------------------------------------------------------------- /.mailmap: -------------------------------------------------------------------------------- 1 | Martin Montes Martin Montes 2 | Martin Montes Martin Montes 3 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # Build the manager binary 2 | FROM quay.io/operator-framework/helm-operator:v1.26.0 3 | 4 | ENV HOME=/opt/helm 5 | COPY watches.yaml ${HOME}/watches.yaml 6 | COPY helm-charts ${HOME}/helm-charts 7 | WORKDIR ${HOME} 8 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2023 Martín Montes 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | VERSION ?= 0.38.1 2 | 3 | CHANNELS ?= alpha 4 | BUNDLE_CHANNELS := --channels=$(CHANNELS) 5 | 6 | DEFAULT_CHANNEL ?= alpha 7 | BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL) 8 | 9 | DEFAULT_PACKAGE ?= mariadb-operator 10 | BUNDLE_PACKAGE := --package=$(DEFAULT_PACKAGE) 11 | 12 | BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) $(BUNDLE_PACKAGE) 13 | 14 | # IMAGE_TAG_BASE defines the ghcr.io namespace and part of the image name for remote images. 15 | # This variable is used to construct full image tags for bundle and catalog images. 16 | # 17 | # For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both 18 | # mariadb.mmontes.io/helm-operator-bundle:$VERSION and mariadb.mmontes.io/helm-operator-catalog:$VERSION. 19 | IMAGE_TAG_BASE ?= ghcr.io/mariadb-operator/mariadb-operator-helm 20 | 21 | # BUNDLE_IMG defines the image:tag used for the bundle. 22 | # You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=/:) 23 | BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:$(VERSION) 24 | 25 | # BUNDLE_GEN_FLAGS are the flags passed to the operator-sdk generate bundle command 26 | BUNDLE_GEN_FLAGS ?= -q --overwrite=false --version $(VERSION) $(BUNDLE_METADATA_OPTS) 27 | 28 | # USE_IMAGE_DIGESTS defines if images are resolved via tags or digests 29 | # You can enable this value if you would like to use SHA Based Digests 30 | # To enable set flag to true 31 | USE_IMAGE_DIGESTS ?= false 32 | ifeq ($(USE_IMAGE_DIGESTS), true) 33 | BUNDLE_GEN_FLAGS += --use-image-digests 34 | endif 35 | 36 | # Image URL to use all building/pushing image targets 37 | IMG ?= ghcr.io/mariadb-operator/mariadb-operator-helm:$(VERSION) 38 | 39 | .PHONY: all 40 | all: help 41 | 42 | ##@ General 43 | 44 | # The help target prints out all targets with their descriptions organized 45 | # beneath their categories. The categories are represented by '##@' and the 46 | # target descriptions by '##'. The awk commands is responsible for reading the 47 | # entire set of makefiles included in this invocation, looking for lines of the 48 | # file as xyz: ## something, and then pretty-format the target and help. Then, 49 | # if there's a line with ##@ something, that gets pretty-printed as a category. 50 | # More info on the usage of ANSI control characters for terminal formatting: 51 | # https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters 52 | # More info on the awk command: 53 | # http://linuxcommand.org/lc3_adv_awk.php 54 | 55 | .PHONY: help 56 | help: ## Display this help. 57 | @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) 58 | 59 | ##@ Sync 60 | 61 | .PHONY: sync-chart 62 | sync-chart: ## Sync helm chart. 63 | @./hack/sync-chart.sh $(VERSION) 64 | 65 | ##@ Build 66 | 67 | .PHONY: run 68 | run: helm-operator ## Run against the configured Kubernetes cluster in ~/.kube/config. 69 | $(HELM_OPERATOR) run 70 | 71 | .PHONY: docker-build 72 | docker-build: ## Build docker image with the manager. 73 | docker build -t ${IMG} . 74 | 75 | .PHONY: docker-push 76 | docker-push: ## Push docker image with the manager. 77 | docker push ${IMG} 78 | 79 | CLUSTER ?= mdb 80 | .PHONY: docker-load 81 | docker-load: kind ## Load docker image in KIND. 82 | $(KIND) load docker-image --name ${CLUSTER} ${IMG} 83 | 84 | # PLATFORMS defines the target platforms for the manager image be build to provide support to multiple 85 | # architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: 86 | # - able to use docker buildx . More info: https://docs.docker.com/build/buildx/ 87 | # - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/ 88 | # - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=> than the export will fail) 89 | # To properly provided solutions that supports more than one platform you should use this option. 90 | PLATFORMS ?= linux/arm64,linux/amd64 91 | .PHONY: docker-buildx 92 | docker-buildx: ## Build and push docker image for the manager for cross-platform support. 93 | # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile 94 | sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross 95 | - docker buildx create --name project-v3-builder 96 | docker buildx use project-v3-builder 97 | - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross . 98 | - docker buildx rm project-v3-builder 99 | rm Dockerfile.cross 100 | 101 | ##@ Deployment 102 | 103 | .PHONY: install 104 | install: kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. 105 | $(KUSTOMIZE) build config/crd | kubectl apply -f - 106 | 107 | .PHONY: uninstall 108 | uninstall: kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. 109 | $(KUSTOMIZE) build config/crd | kubectl delete -f - 110 | 111 | .PHONY: deploy 112 | deploy: kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. 113 | cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} 114 | $(KUSTOMIZE) build config/default | kubectl apply -f - 115 | 116 | .PHONY: undeploy 117 | undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. 118 | $(KUSTOMIZE) build config/default | kubectl delete -f - 119 | 120 | OS := $(shell uname -s | tr '[:upper:]' '[:lower:]') 121 | ARCH := $(shell uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/') 122 | 123 | .PHONY: bundle 124 | bundle: operator-sdk kustomize sync-chart ## Generate bundle manifests and metadata, then validate generated files. 125 | $(OPERATOR_SDK) generate kustomize manifests -q 126 | cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG) 127 | $(YQ) e -i '.metadata.annotations.containerImage = "$(IMG)"' config/manifests/bases/mariadb-operator.clusterserviceversion.yaml 128 | $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS) 129 | $(OPERATOR_SDK) bundle validate ./bundle --select-optional suite=operatorframework 130 | 131 | .PHONY: bundle-build 132 | bundle-build: ## Build the bundle image. 133 | docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) . 134 | 135 | .PHONY: bundle-push 136 | bundle-push: ## Push the bundle image. 137 | $(MAKE) docker-push IMG=$(BUNDLE_IMG) 138 | 139 | # A comma-separated list of bundle images (e.g. make catalog-build BUNDLE_IMGS=example.com/operator-bundle:v0.1.0,example.com/operator-bundle:v0.2.0). 140 | # These images MUST exist in a registry and be pull-able. 141 | BUNDLE_IMGS ?= $(BUNDLE_IMG) 142 | 143 | # The image tag given to the resulting catalog image (e.g. make catalog-build CATALOG_IMG=example.com/operator-catalog:v0.2.0). 144 | CATALOG_IMG ?= $(IMAGE_TAG_BASE)-catalog:$(VERSION) 145 | 146 | # Set CATALOG_BASE_IMG to an existing catalog image tag to add $BUNDLE_IMGS to that image. 147 | ifneq ($(origin CATALOG_BASE_IMG), undefined) 148 | FROM_INDEX_OPT := --from-index $(CATALOG_BASE_IMG) 149 | endif 150 | 151 | # Build a catalog image by adding bundle images to an empty catalog using the operator package manager tool, 'opm'. 152 | # This recipe invokes 'opm' in 'semver' bundle add mode. For more information on add modes, see: 153 | # https://github.com/operator-framework/community-operators/blob/7f1438c/docs/packaging-operator.md#updating-your-existing-operator 154 | .PHONY: catalog-build 155 | catalog-build: opm ## Build a catalog image. 156 | $(OPM) index add --container-tool docker --mode semver --tag $(CATALOG_IMG) --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT) 157 | 158 | # Push the catalog image. 159 | .PHONY: catalog-push 160 | catalog-push: ## Push a catalog image. 161 | $(MAKE) docker-push IMG=$(CATALOG_IMG) 162 | 163 | ##@ Tooling 164 | 165 | .PHONY: kustomize 166 | KUSTOMIZE = $(shell pwd)/bin/kustomize 167 | kustomize: ## Download kustomize locally if necessary. 168 | ifeq (,$(wildcard $(KUSTOMIZE))) 169 | ifeq (,$(shell which kustomize 2>/dev/null)) 170 | @{ \ 171 | set -e ;\ 172 | mkdir -p $(dir $(KUSTOMIZE)) ;\ 173 | curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.5.7/kustomize_v4.5.7_$(OS)_$(ARCH).tar.gz | \ 174 | tar xzf - -C bin/ ;\ 175 | } 176 | else 177 | KUSTOMIZE = $(shell which kustomize) 178 | endif 179 | endif 180 | 181 | .PHONY: helm-operator 182 | HELM_OPERATOR = $(shell pwd)/bin/helm-operator 183 | helm-operator: ## Download helm-operator locally if necessary, preferring the $(pwd)/bin path over global if both exist. 184 | ifeq (,$(wildcard $(HELM_OPERATOR))) 185 | ifeq (,$(shell which helm-operator 2>/dev/null)) 186 | @{ \ 187 | set -e ;\ 188 | mkdir -p $(dir $(HELM_OPERATOR)) ;\ 189 | curl -sSLo $(HELM_OPERATOR) https://github.com/operator-framework/operator-sdk/releases/download/v1.26.0/helm-operator_$(OS)_$(ARCH) ;\ 190 | chmod +x $(HELM_OPERATOR) ;\ 191 | } 192 | else 193 | HELM_OPERATOR = $(shell which helm-operator) 194 | endif 195 | endif 196 | 197 | OPERATOR_SDK_RELEASE = v1.26.0 198 | OPERATOR_SDK = $(shell pwd)/bin/operator-sdk-$(OPERATOR_SDK_RELEASE) 199 | OPERATOR_SDK_DL_URL = https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_RELEASE)/operator-sdk_$(OS)_$(ARCH) 200 | .PHONY: operator-sdk 201 | operator-sdk: 202 | ifeq (,$(wildcard $(OPERATOR_SDK))) 203 | ifeq (,$(shell which $(OPERATOR_SDK) 2>/dev/null)) 204 | @{ \ 205 | set -e ;\ 206 | mkdir -p $(shell pwd)/bin ;\ 207 | curl -sL -o $(OPERATOR_SDK) $(OPERATOR_SDK_DL_URL) ;\ 208 | chmod +x $(OPERATOR_SDK) ;\ 209 | } 210 | else 211 | OPERATOR_SDK = $(shell which $(OPERATOR_SDK)) 212 | endif 213 | endif 214 | 215 | .PHONY: yq 216 | YQ = $(shell pwd)/bin/yq 217 | yq: ## Download yq locally if necessary. 218 | ifeq (,$(wildcard $(YQ))) 219 | ifeq (,$(shell which yq 2>/dev/null)) 220 | @{ \ 221 | set -e ;\ 222 | mkdir -p $(dir $(YQ)) ;\ 223 | curl -sSLo - https://github.com/mikefarah/yq/releases/download/v4.16.1/yq_linux_amd64.tar.gz | \ 224 | tar xzf - -C bin/ ;\ 225 | mv bin/yq_linux_amd64 bin/yq ;\ 226 | } 227 | else 228 | YQ = $(shell which yq) 229 | endif 230 | endif 231 | 232 | .PHONY: opm 233 | OPM = ./bin/opm 234 | opm: ## Download opm locally if necessary. 235 | ifeq (,$(wildcard $(OPM))) 236 | ifeq (,$(shell which opm 2>/dev/null)) 237 | @{ \ 238 | set -e ;\ 239 | mkdir -p $(dir $(OPM)) ;\ 240 | curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.23.0/$(OS)-$(ARCH)-opm ;\ 241 | chmod +x $(OPM) ;\ 242 | } 243 | else 244 | OPM = $(shell which opm) 245 | endif 246 | endif 247 | 248 | LOCALBIN ?= $(shell pwd)/bin 249 | $(LOCALBIN): 250 | mkdir -p $(LOCALBIN) 251 | 252 | .PHONY: kind 253 | KIND = ./bin/kind 254 | KIND_VERSION ?= 0.38.1 255 | kind: ## Download kind locally if necessary. 256 | ifeq (,$(wildcard $(KIND))) 257 | ifeq (,$(shell which kind 2>/dev/null)) 258 | @{ \ 259 | set -e ;\ 260 | mkdir -p $(dir $(KIND)) ;\ 261 | GOBIN=$(LOCALBIN) go install sigs.k8s.io/kind@$(KIND_VERSION) ;\ 262 | chmod +x $(KIND) ;\ 263 | } 264 | else 265 | KIND = $(shell which kind) 266 | endif 267 | endif 268 | -------------------------------------------------------------------------------- /PROJECT: -------------------------------------------------------------------------------- 1 | domain: mariadb.mmontes.io 2 | layout: 3 | - helm.sdk.operatorframework.io/v1 4 | plugins: 5 | manifests.sdk.operatorframework.io/v2: {} 6 | scorecard.sdk.operatorframework.io/v2: {} 7 | projectName: mariadb-operator 8 | resources: 9 | - api: 10 | crdVersion: v1 11 | namespaced: true 12 | domain: mariadb.mmontes.io 13 | group: helm 14 | kind: MariadbOperator 15 | version: v1alpha1 16 | version: "3" 17 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |

2 | mariadb 3 |

4 | 5 |

6 | CI 7 | Bundle 8 | Release 9 |

10 | 11 |

12 | Slack 13 | Operator Hub 14 | Artifact Hub 15 |

16 | 17 | # 🦭 mariadb-operator-helm 18 | 19 | Install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) via [OLM](https://olm.operatorframework.io/) using the [helm chart](https://artifacthub.io/packages/helm/mariadb-operator/mariadb-operator). 20 | 21 | This helm operator provides provides a 1:1 mapping between the official helm chart and the [`MariadbOperator`](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/config/samples/helm_v1alpha1_mariadboperator.yaml) CRD, allowing to install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) via OLM without having to do any change in the helm chart. 22 | 23 | Normally, you would install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) providing this `values.yaml` to the helm chart: 24 | ```yaml 25 | image: 26 | repository: ghcr.io/mariadb-operator/mariadb-operator 27 | pullPolicy: IfNotPresent 28 | logLevel: INFO 29 | ha: 30 | enabled: true 31 | metrics: 32 | enabled: true 33 | serviceMonitor: 34 | enabled: true 35 | webhook: 36 | cert: 37 | certManager: 38 | enabled: true 39 | ``` 40 | 41 | This helm chart installation is abstracted in the [`MariadbOperator`](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/config/samples/helm_v1alpha1_mariadboperator.yaml) CRD, which will be reconciled by the helm operator: 42 | ```yaml 43 | apiVersion: helm.mariadb.mmontes.io/v1alpha1 44 | kind: MariadbOperator 45 | metadata: 46 | name: mariadb-operator 47 | spec: 48 | image: 49 | repository: ghcr.io/mariadb-operator/mariadb-operator 50 | pullPolicy: IfNotPresent 51 | logLevel: INFO 52 | ha: 53 | enabled: true 54 | metrics: 55 | enabled: true 56 | serviceMonitor: 57 | enabled: true 58 | webhook: 59 | cert: 60 | certManager: 61 | enabled: true 62 | ``` 63 | 64 | Once you have installed the operator, you will able to install a [`MariaDB`](https://github.com/mariadb-operator/mariadb-operator/blob/main/examples/manifests/mariadb_v1alpha1_mariadb.yaml) instance. Refer to the main [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) documentation for getting started with the rest of CRDs. 65 | 66 | ## Documentation 67 | * [mariadb-operator](https://github.com/mariadb-operator/mariadb-operator/blob/main/README.md) 68 | * [mariadb-operator-helm](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/README.md) 69 | 70 | ## Releases 71 | This operator is automatically published in the following repositories whenever a new version of the [helm chart](https://artifacthub.io/packages/helm/mariadb-operator/mariadb-operator) is released: 72 | - [k8s-operatorhub/community-operators](https://github.com/k8s-operatorhub/community-operators) 73 | - [redhat-openshift-ecosystem/community-operators-prod](https://github.com/redhat-openshift-ecosystem/community-operators-prod) 74 | 75 | ## Roadmap 76 | Take a look at our [roadmap](https://github.com/mariadb-operator/mariadb-operator/blob/main/ROADMAP.md) and feel free to open an issue to suggest new features. 77 | 78 | ## Contributing 79 | We welcome and encourage contributions to this project! Please check our [contributing](https://github.com/mariadb-operator/mariadb-operator/blob/main/CONTRIBUTING.md) and [development](https://github.com/mariadb-operator/mariadb-operator/blob/main/docs/DEVELOPMENT.md) guides. PRs welcome! 80 | 81 | ## Community 82 | - [We Tested and Compared 6 Database Operators. The Results are In!](https://www.youtube.com/watch?v=l33pcnQ4cUQ&t=17m25s) - KubeCon EU, March 2024 83 | - [Get Started with MariaDB in Kubernetes and mariadb-operator](https://mariadb.com/resources/blog/get-started-with-mariadb-in-kubernetes-and-mariadb-operator/) - MariaDB Corporation blog, February 2024 84 | - [Run and operate MariaDB in Kubernetes with mariadb-operator](https://mariadb.org/mariadb-in-kubernetes-with-mariadb-operator/) - MariaDB Foundation blog, July 2023 85 | - [L'enfer des DB SQL sur Kubernetes face à la promesse des opérateurs](https://www.youtube.com/watch?v=d_ka7PlWo1I&t=2415s&ab_channel=KCDFrance) - KCD France, March 2023 86 | 87 | ## Get in touch 88 | Join us on Slack: **[MariaDB Community Slack](https://r.mariadb.com/join-community-slack)**. 89 | -------------------------------------------------------------------------------- /bundle.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | 3 | # Core bundle labels. 4 | LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 5 | LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ 6 | LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ 7 | LABEL operators.operatorframework.io.bundle.package.v1=mariadb-operator 8 | LABEL operators.operatorframework.io.bundle.channels.v1=alpha 9 | LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha 10 | LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.26.0 11 | LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 12 | LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1 13 | LABEL com.redhat.openshift.versions=v4.12 14 | LABEL com.redhat.delivery.operator.bundle=true 15 | LABEL com.redhat.delivery.backport=false 16 | 17 | # Labels for testing. 18 | LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 19 | LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ 20 | 21 | # Copy files to locations specified by labels. 22 | COPY bundle/manifests /manifests/ 23 | COPY bundle/metadata /metadata/ 24 | COPY bundle/tests/scorecard /tests/scorecard/ 25 | -------------------------------------------------------------------------------- /bundle/ci.yaml: -------------------------------------------------------------------------------- 1 | updateGraph: semver-mode 2 | addReviewers: true 3 | 4 | reviewers: 5 | - mmontes11 -------------------------------------------------------------------------------- /bundle/manifests/helm.mariadb.mmontes.io_mariadboperators.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | creationTimestamp: null 5 | name: mariadboperators.helm.mariadb.mmontes.io 6 | spec: 7 | group: helm.mariadb.mmontes.io 8 | names: 9 | kind: MariadbOperator 10 | listKind: MariadbOperatorList 11 | plural: mariadboperators 12 | singular: mariadboperator 13 | scope: Namespaced 14 | versions: 15 | - name: v1alpha1 16 | schema: 17 | openAPIV3Schema: 18 | description: MariadbOperator is the Schema for the mariadboperators API 19 | properties: 20 | apiVersion: 21 | description: 'APIVersion defines the versioned schema of this representation 22 | of an object. Servers should convert recognized schemas to the latest 23 | internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 24 | type: string 25 | kind: 26 | description: 'Kind is a string value representing the REST resource this 27 | object represents. Servers may infer this from the endpoint the client 28 | submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 29 | type: string 30 | metadata: 31 | type: object 32 | spec: 33 | description: Spec defines the desired state of MariadbOperator 34 | type: object 35 | x-kubernetes-preserve-unknown-fields: true 36 | status: 37 | description: Status defines the observed state of MariadbOperator 38 | type: object 39 | x-kubernetes-preserve-unknown-fields: true 40 | type: object 41 | served: true 42 | storage: true 43 | subresources: 44 | status: {} 45 | status: 46 | acceptedNames: 47 | kind: "" 48 | plural: "" 49 | conditions: null 50 | storedVersions: null 51 | -------------------------------------------------------------------------------- /bundle/manifests/k8s.mariadb.com_connections.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | annotations: 5 | controller-gen.kubebuilder.io/version: v0.17.2 6 | creationTimestamp: null 7 | name: connections.k8s.mariadb.com 8 | spec: 9 | group: k8s.mariadb.com 10 | names: 11 | kind: Connection 12 | listKind: ConnectionList 13 | plural: connections 14 | shortNames: 15 | - cmdb 16 | singular: connection 17 | scope: Namespaced 18 | versions: 19 | - additionalPrinterColumns: 20 | - jsonPath: .status.conditions[?(@.type=="Ready")].status 21 | name: Ready 22 | type: string 23 | - jsonPath: .status.conditions[?(@.type=="Ready")].message 24 | name: Status 25 | type: string 26 | - jsonPath: .spec.secretName 27 | name: Secret 28 | type: string 29 | - jsonPath: .metadata.creationTimestamp 30 | name: Age 31 | type: date 32 | name: v1alpha1 33 | schema: 34 | openAPIV3Schema: 35 | description: Connection is the Schema for the connections API. It is used 36 | to configure connection strings for the applications connecting to MariaDB. 37 | properties: 38 | apiVersion: 39 | description: |- 40 | APIVersion defines the versioned schema of this representation of an object. 41 | Servers should convert recognized schemas to the latest internal value, and 42 | may reject unrecognized values. 43 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 44 | type: string 45 | kind: 46 | description: |- 47 | Kind is a string value representing the REST resource this object represents. 48 | Servers may infer this from the endpoint the client submits requests to. 49 | Cannot be updated. 50 | In CamelCase. 51 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 52 | type: string 53 | metadata: 54 | type: object 55 | spec: 56 | description: ConnectionSpec defines the desired state of Connection 57 | properties: 58 | database: 59 | description: Database to use when configuring the Connection. 60 | type: string 61 | healthCheck: 62 | description: HealthCheck to be used in the Connection. 63 | properties: 64 | interval: 65 | description: Interval used to perform health checks. 66 | type: string 67 | retryInterval: 68 | description: RetryInterval is the interval used to perform health 69 | check retries. 70 | type: string 71 | type: object 72 | host: 73 | description: Host to connect to. If not provided, it defaults to the 74 | MariaDB host or to the MaxScale host. 75 | type: string 76 | mariaDbRef: 77 | description: MariaDBRef is a reference to the MariaDB to connect to. 78 | Either MariaDBRef or MaxScaleRef must be provided. 79 | properties: 80 | name: 81 | type: string 82 | namespace: 83 | type: string 84 | waitForIt: 85 | default: true 86 | description: WaitForIt indicates whether the controller using 87 | this reference should wait for MariaDB to be ready. 88 | type: boolean 89 | type: object 90 | maxScaleRef: 91 | description: MaxScaleRef is a reference to the MaxScale to connect 92 | to. Either MariaDBRef or MaxScaleRef must be provided. 93 | properties: 94 | name: 95 | type: string 96 | namespace: 97 | type: string 98 | type: object 99 | params: 100 | additionalProperties: 101 | type: string 102 | description: Params to be used in the Connection. 103 | type: object 104 | passwordSecretKeyRef: 105 | description: |- 106 | PasswordSecretKeyRef is a reference to the password to use for configuring the Connection. 107 | Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. 108 | If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. 109 | properties: 110 | key: 111 | type: string 112 | name: 113 | default: "" 114 | type: string 115 | required: 116 | - key 117 | type: object 118 | x-kubernetes-map-type: atomic 119 | port: 120 | description: Port to connect to. If not provided, it defaults to the 121 | MariaDB port or to the first MaxScale listener. 122 | format: int32 123 | type: integer 124 | secretName: 125 | description: SecretName to be used in the Connection. 126 | type: string 127 | secretTemplate: 128 | description: SecretTemplate to be used in the Connection. 129 | properties: 130 | databaseKey: 131 | description: DatabaseKey to be used in the Secret. 132 | type: string 133 | format: 134 | description: Format to be used in the Secret. 135 | type: string 136 | hostKey: 137 | description: HostKey to be used in the Secret. 138 | type: string 139 | key: 140 | description: Key to be used in the Secret. 141 | type: string 142 | metadata: 143 | description: Metadata to be added to the Secret object. 144 | properties: 145 | annotations: 146 | additionalProperties: 147 | type: string 148 | description: Annotations to be added to children resources. 149 | type: object 150 | labels: 151 | additionalProperties: 152 | type: string 153 | description: Labels to be added to children resources. 154 | type: object 155 | type: object 156 | passwordKey: 157 | description: PasswordKey to be used in the Secret. 158 | type: string 159 | portKey: 160 | description: PortKey to be used in the Secret. 161 | type: string 162 | usernameKey: 163 | description: UsernameKey to be used in the Secret. 164 | type: string 165 | type: object 166 | serviceName: 167 | description: ServiceName to be used in the Connection. 168 | type: string 169 | tlsClientCertSecretRef: 170 | description: |- 171 | TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when checking the connection health. 172 | Either passwordSecretKeyRef or tlsClientCertSecretRef must be provided as client credentials. 173 | If not provided, the client certificate provided by the referred MariaDB is used if TLS is enabled. 174 | If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the client certificate. 175 | properties: 176 | name: 177 | default: "" 178 | type: string 179 | type: object 180 | username: 181 | description: Username to use for configuring the Connection. 182 | type: string 183 | required: 184 | - username 185 | type: object 186 | status: 187 | description: ConnectionStatus defines the observed state of Connection 188 | properties: 189 | conditions: 190 | description: Conditions for the Connection object. 191 | items: 192 | description: Condition contains details for one aspect of the current 193 | state of this API Resource. 194 | properties: 195 | lastTransitionTime: 196 | description: |- 197 | lastTransitionTime is the last time the condition transitioned from one status to another. 198 | This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 199 | format: date-time 200 | type: string 201 | message: 202 | description: |- 203 | message is a human readable message indicating details about the transition. 204 | This may be an empty string. 205 | maxLength: 32768 206 | type: string 207 | observedGeneration: 208 | description: |- 209 | observedGeneration represents the .metadata.generation that the condition was set based upon. 210 | For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 211 | with respect to the current state of the instance. 212 | format: int64 213 | minimum: 0 214 | type: integer 215 | reason: 216 | description: |- 217 | reason contains a programmatic identifier indicating the reason for the condition's last transition. 218 | Producers of specific condition types may define expected values and meanings for this field, 219 | and whether the values are considered a guaranteed API. 220 | The value should be a CamelCase string. 221 | This field may not be empty. 222 | maxLength: 1024 223 | minLength: 1 224 | pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 225 | type: string 226 | status: 227 | description: status of the condition, one of True, False, Unknown. 228 | enum: 229 | - "True" 230 | - "False" 231 | - Unknown 232 | type: string 233 | type: 234 | description: type of condition in CamelCase or in foo.example.com/CamelCase. 235 | maxLength: 316 236 | pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 237 | type: string 238 | required: 239 | - lastTransitionTime 240 | - message 241 | - reason 242 | - status 243 | - type 244 | type: object 245 | type: array 246 | type: object 247 | type: object 248 | served: true 249 | storage: true 250 | subresources: 251 | status: {} 252 | status: 253 | acceptedNames: 254 | kind: "" 255 | plural: "" 256 | conditions: null 257 | storedVersions: null 258 | -------------------------------------------------------------------------------- /bundle/manifests/k8s.mariadb.com_databases.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | annotations: 5 | controller-gen.kubebuilder.io/version: v0.17.2 6 | creationTimestamp: null 7 | name: databases.k8s.mariadb.com 8 | spec: 9 | group: k8s.mariadb.com 10 | names: 11 | kind: Database 12 | listKind: DatabaseList 13 | plural: databases 14 | shortNames: 15 | - dmdb 16 | singular: database 17 | scope: Namespaced 18 | versions: 19 | - additionalPrinterColumns: 20 | - jsonPath: .status.conditions[?(@.type=="Ready")].status 21 | name: Ready 22 | type: string 23 | - jsonPath: .status.conditions[?(@.type=="Ready")].message 24 | name: Status 25 | type: string 26 | - jsonPath: .spec.characterSet 27 | name: CharSet 28 | type: string 29 | - jsonPath: .spec.collate 30 | name: Collate 31 | type: string 32 | - jsonPath: .spec.mariaDbRef.name 33 | name: MariaDB 34 | type: string 35 | - jsonPath: .metadata.creationTimestamp 36 | name: Age 37 | type: date 38 | - jsonPath: .spec.name 39 | name: Name 40 | type: string 41 | name: v1alpha1 42 | schema: 43 | openAPIV3Schema: 44 | description: Database is the Schema for the databases API. It is used to define 45 | a logical database as if you were running a 'CREATE DATABASE' statement. 46 | properties: 47 | apiVersion: 48 | description: |- 49 | APIVersion defines the versioned schema of this representation of an object. 50 | Servers should convert recognized schemas to the latest internal value, and 51 | may reject unrecognized values. 52 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 53 | type: string 54 | kind: 55 | description: |- 56 | Kind is a string value representing the REST resource this object represents. 57 | Servers may infer this from the endpoint the client submits requests to. 58 | Cannot be updated. 59 | In CamelCase. 60 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 61 | type: string 62 | metadata: 63 | type: object 64 | spec: 65 | description: DatabaseSpec defines the desired state of Database 66 | properties: 67 | characterSet: 68 | default: utf8 69 | description: CharacterSet to use in the Database. 70 | type: string 71 | cleanupPolicy: 72 | description: CleanupPolicy defines the behavior for cleaning up a 73 | SQL resource. 74 | enum: 75 | - Skip 76 | - Delete 77 | type: string 78 | collate: 79 | default: utf8_general_ci 80 | description: Collate to use in the Database. 81 | type: string 82 | mariaDbRef: 83 | description: MariaDBRef is a reference to a MariaDB object. 84 | properties: 85 | name: 86 | type: string 87 | namespace: 88 | type: string 89 | waitForIt: 90 | default: true 91 | description: WaitForIt indicates whether the controller using 92 | this reference should wait for MariaDB to be ready. 93 | type: boolean 94 | type: object 95 | name: 96 | description: Name overrides the default Database name provided by 97 | metadata.name. 98 | maxLength: 80 99 | type: string 100 | requeueInterval: 101 | description: RequeueInterval is used to perform requeue reconciliations. 102 | type: string 103 | retryInterval: 104 | description: RetryInterval is the interval used to perform retries. 105 | type: string 106 | required: 107 | - mariaDbRef 108 | type: object 109 | status: 110 | description: DatabaseStatus defines the observed state of Database 111 | properties: 112 | conditions: 113 | description: Conditions for the Database object. 114 | items: 115 | description: Condition contains details for one aspect of the current 116 | state of this API Resource. 117 | properties: 118 | lastTransitionTime: 119 | description: |- 120 | lastTransitionTime is the last time the condition transitioned from one status to another. 121 | This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 122 | format: date-time 123 | type: string 124 | message: 125 | description: |- 126 | message is a human readable message indicating details about the transition. 127 | This may be an empty string. 128 | maxLength: 32768 129 | type: string 130 | observedGeneration: 131 | description: |- 132 | observedGeneration represents the .metadata.generation that the condition was set based upon. 133 | For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 134 | with respect to the current state of the instance. 135 | format: int64 136 | minimum: 0 137 | type: integer 138 | reason: 139 | description: |- 140 | reason contains a programmatic identifier indicating the reason for the condition's last transition. 141 | Producers of specific condition types may define expected values and meanings for this field, 142 | and whether the values are considered a guaranteed API. 143 | The value should be a CamelCase string. 144 | This field may not be empty. 145 | maxLength: 1024 146 | minLength: 1 147 | pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 148 | type: string 149 | status: 150 | description: status of the condition, one of True, False, Unknown. 151 | enum: 152 | - "True" 153 | - "False" 154 | - Unknown 155 | type: string 156 | type: 157 | description: type of condition in CamelCase or in foo.example.com/CamelCase. 158 | maxLength: 316 159 | pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 160 | type: string 161 | required: 162 | - lastTransitionTime 163 | - message 164 | - reason 165 | - status 166 | - type 167 | type: object 168 | type: array 169 | type: object 170 | type: object 171 | served: true 172 | storage: true 173 | subresources: 174 | status: {} 175 | status: 176 | acceptedNames: 177 | kind: "" 178 | plural: "" 179 | conditions: null 180 | storedVersions: null 181 | -------------------------------------------------------------------------------- /bundle/manifests/k8s.mariadb.com_grants.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | annotations: 5 | controller-gen.kubebuilder.io/version: v0.17.2 6 | creationTimestamp: null 7 | name: grants.k8s.mariadb.com 8 | spec: 9 | group: k8s.mariadb.com 10 | names: 11 | kind: Grant 12 | listKind: GrantList 13 | plural: grants 14 | shortNames: 15 | - gmdb 16 | singular: grant 17 | scope: Namespaced 18 | versions: 19 | - additionalPrinterColumns: 20 | - jsonPath: .status.conditions[?(@.type=="Ready")].status 21 | name: Ready 22 | type: string 23 | - jsonPath: .status.conditions[?(@.type=="Ready")].message 24 | name: Status 25 | type: string 26 | - jsonPath: .spec.database 27 | name: Database 28 | type: string 29 | - jsonPath: .spec.table 30 | name: Table 31 | type: string 32 | - jsonPath: .spec.username 33 | name: Username 34 | type: string 35 | - jsonPath: .spec.grantOption 36 | name: GrantOpt 37 | type: string 38 | - jsonPath: .spec.mariaDbRef.name 39 | name: MariaDB 40 | type: string 41 | - jsonPath: .metadata.creationTimestamp 42 | name: Age 43 | type: date 44 | name: v1alpha1 45 | schema: 46 | openAPIV3Schema: 47 | description: Grant is the Schema for the grants API. It is used to define 48 | grants as if you were running a 'GRANT' statement. 49 | properties: 50 | apiVersion: 51 | description: |- 52 | APIVersion defines the versioned schema of this representation of an object. 53 | Servers should convert recognized schemas to the latest internal value, and 54 | may reject unrecognized values. 55 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 56 | type: string 57 | kind: 58 | description: |- 59 | Kind is a string value representing the REST resource this object represents. 60 | Servers may infer this from the endpoint the client submits requests to. 61 | Cannot be updated. 62 | In CamelCase. 63 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 64 | type: string 65 | metadata: 66 | type: object 67 | spec: 68 | description: GrantSpec defines the desired state of Grant 69 | properties: 70 | cleanupPolicy: 71 | description: CleanupPolicy defines the behavior for cleaning up a 72 | SQL resource. 73 | enum: 74 | - Skip 75 | - Delete 76 | type: string 77 | database: 78 | default: '*' 79 | description: Database to use in the Grant. 80 | type: string 81 | grantOption: 82 | default: false 83 | description: GrantOption to use in the Grant. 84 | type: boolean 85 | host: 86 | description: Host to use in the Grant. It can be localhost, an IP 87 | or '%'. 88 | type: string 89 | mariaDbRef: 90 | description: MariaDBRef is a reference to a MariaDB object. 91 | properties: 92 | name: 93 | type: string 94 | namespace: 95 | type: string 96 | waitForIt: 97 | default: true 98 | description: WaitForIt indicates whether the controller using 99 | this reference should wait for MariaDB to be ready. 100 | type: boolean 101 | type: object 102 | privileges: 103 | description: Privileges to use in the Grant. 104 | items: 105 | type: string 106 | minItems: 1 107 | type: array 108 | requeueInterval: 109 | description: RequeueInterval is used to perform requeue reconciliations. 110 | type: string 111 | retryInterval: 112 | description: RetryInterval is the interval used to perform retries. 113 | type: string 114 | table: 115 | default: '*' 116 | description: Table to use in the Grant. 117 | type: string 118 | username: 119 | description: Username to use in the Grant. 120 | type: string 121 | required: 122 | - mariaDbRef 123 | - privileges 124 | - username 125 | type: object 126 | status: 127 | description: GrantStatus defines the observed state of Grant 128 | properties: 129 | conditions: 130 | description: Conditions for the Grant object. 131 | items: 132 | description: Condition contains details for one aspect of the current 133 | state of this API Resource. 134 | properties: 135 | lastTransitionTime: 136 | description: |- 137 | lastTransitionTime is the last time the condition transitioned from one status to another. 138 | This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 139 | format: date-time 140 | type: string 141 | message: 142 | description: |- 143 | message is a human readable message indicating details about the transition. 144 | This may be an empty string. 145 | maxLength: 32768 146 | type: string 147 | observedGeneration: 148 | description: |- 149 | observedGeneration represents the .metadata.generation that the condition was set based upon. 150 | For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 151 | with respect to the current state of the instance. 152 | format: int64 153 | minimum: 0 154 | type: integer 155 | reason: 156 | description: |- 157 | reason contains a programmatic identifier indicating the reason for the condition's last transition. 158 | Producers of specific condition types may define expected values and meanings for this field, 159 | and whether the values are considered a guaranteed API. 160 | The value should be a CamelCase string. 161 | This field may not be empty. 162 | maxLength: 1024 163 | minLength: 1 164 | pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 165 | type: string 166 | status: 167 | description: status of the condition, one of True, False, Unknown. 168 | enum: 169 | - "True" 170 | - "False" 171 | - Unknown 172 | type: string 173 | type: 174 | description: type of condition in CamelCase or in foo.example.com/CamelCase. 175 | maxLength: 316 176 | pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 177 | type: string 178 | required: 179 | - lastTransitionTime 180 | - message 181 | - reason 182 | - status 183 | - type 184 | type: object 185 | type: array 186 | type: object 187 | type: object 188 | served: true 189 | storage: true 190 | subresources: 191 | status: {} 192 | status: 193 | acceptedNames: 194 | kind: "" 195 | plural: "" 196 | conditions: null 197 | storedVersions: null 198 | -------------------------------------------------------------------------------- /bundle/manifests/k8s.mariadb.com_sqljobs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | annotations: 5 | controller-gen.kubebuilder.io/version: v0.17.2 6 | creationTimestamp: null 7 | name: sqljobs.k8s.mariadb.com 8 | spec: 9 | group: k8s.mariadb.com 10 | names: 11 | kind: SqlJob 12 | listKind: SqlJobList 13 | plural: sqljobs 14 | shortNames: 15 | - smdb 16 | singular: sqljob 17 | scope: Namespaced 18 | versions: 19 | - additionalPrinterColumns: 20 | - jsonPath: .status.conditions[?(@.type=="Complete")].status 21 | name: Complete 22 | type: string 23 | - jsonPath: .status.conditions[?(@.type=="Complete")].message 24 | name: Status 25 | type: string 26 | - jsonPath: .spec.mariaDbRef.name 27 | name: MariaDB 28 | type: string 29 | - jsonPath: .metadata.creationTimestamp 30 | name: Age 31 | type: date 32 | name: v1alpha1 33 | schema: 34 | openAPIV3Schema: 35 | description: SqlJob is the Schema for the sqljobs API. It is used to run sql 36 | scripts as jobs. 37 | properties: 38 | apiVersion: 39 | description: |- 40 | APIVersion defines the versioned schema of this representation of an object. 41 | Servers should convert recognized schemas to the latest internal value, and 42 | may reject unrecognized values. 43 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 44 | type: string 45 | kind: 46 | description: |- 47 | Kind is a string value representing the REST resource this object represents. 48 | Servers may infer this from the endpoint the client submits requests to. 49 | Cannot be updated. 50 | In CamelCase. 51 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 52 | type: string 53 | metadata: 54 | type: object 55 | spec: 56 | description: SqlJobSpec defines the desired state of SqlJob 57 | properties: 58 | affinity: 59 | description: Affinity to be used in the Pod. 60 | properties: 61 | antiAffinityEnabled: 62 | description: |- 63 | AntiAffinityEnabled configures PodAntiAffinity so each Pod is scheduled in a different Node, enabling HA. 64 | Make sure you have at least as many Nodes available as the replicas to not end up with unscheduled Pods. 65 | type: boolean 66 | nodeAffinity: 67 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeaffinity-v1-core' 68 | properties: 69 | preferredDuringSchedulingIgnoredDuringExecution: 70 | items: 71 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#preferredschedulingterm-v1-core' 72 | properties: 73 | preference: 74 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeselectorterm-v1-core' 75 | properties: 76 | matchExpressions: 77 | items: 78 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeselectorrequirement-v1-core' 79 | properties: 80 | key: 81 | type: string 82 | operator: 83 | description: |- 84 | A node selector operator is the set of operators that can be used in 85 | a node selector requirement. 86 | type: string 87 | values: 88 | items: 89 | type: string 90 | type: array 91 | x-kubernetes-list-type: atomic 92 | required: 93 | - key 94 | - operator 95 | type: object 96 | type: array 97 | x-kubernetes-list-type: atomic 98 | matchFields: 99 | items: 100 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeselectorrequirement-v1-core' 101 | properties: 102 | key: 103 | type: string 104 | operator: 105 | description: |- 106 | A node selector operator is the set of operators that can be used in 107 | a node selector requirement. 108 | type: string 109 | values: 110 | items: 111 | type: string 112 | type: array 113 | x-kubernetes-list-type: atomic 114 | required: 115 | - key 116 | - operator 117 | type: object 118 | type: array 119 | x-kubernetes-list-type: atomic 120 | type: object 121 | weight: 122 | format: int32 123 | type: integer 124 | required: 125 | - preference 126 | - weight 127 | type: object 128 | type: array 129 | x-kubernetes-list-type: atomic 130 | requiredDuringSchedulingIgnoredDuringExecution: 131 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeselector-v1-core' 132 | properties: 133 | nodeSelectorTerms: 134 | items: 135 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeselectorterm-v1-core' 136 | properties: 137 | matchExpressions: 138 | items: 139 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeselectorrequirement-v1-core' 140 | properties: 141 | key: 142 | type: string 143 | operator: 144 | description: |- 145 | A node selector operator is the set of operators that can be used in 146 | a node selector requirement. 147 | type: string 148 | values: 149 | items: 150 | type: string 151 | type: array 152 | x-kubernetes-list-type: atomic 153 | required: 154 | - key 155 | - operator 156 | type: object 157 | type: array 158 | x-kubernetes-list-type: atomic 159 | matchFields: 160 | items: 161 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#nodeselectorrequirement-v1-core' 162 | properties: 163 | key: 164 | type: string 165 | operator: 166 | description: |- 167 | A node selector operator is the set of operators that can be used in 168 | a node selector requirement. 169 | type: string 170 | values: 171 | items: 172 | type: string 173 | type: array 174 | x-kubernetes-list-type: atomic 175 | required: 176 | - key 177 | - operator 178 | type: object 179 | type: array 180 | x-kubernetes-list-type: atomic 181 | type: object 182 | type: array 183 | x-kubernetes-list-type: atomic 184 | required: 185 | - nodeSelectorTerms 186 | type: object 187 | type: object 188 | podAntiAffinity: 189 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#podantiaffinity-v1-core.' 190 | properties: 191 | preferredDuringSchedulingIgnoredDuringExecution: 192 | items: 193 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#weightedpodaffinityterm-v1-core.' 194 | properties: 195 | podAffinityTerm: 196 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#podaffinityterm-v1-core.' 197 | properties: 198 | labelSelector: 199 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#labelselector-v1-meta' 200 | properties: 201 | matchExpressions: 202 | items: 203 | description: 'Refer to the Kubernetes docs: 204 | https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#labelselectorrequirement-v1-meta' 205 | properties: 206 | key: 207 | type: string 208 | operator: 209 | description: A label selector operator 210 | is the set of operators that can be 211 | used in a selector requirement. 212 | type: string 213 | values: 214 | items: 215 | type: string 216 | type: array 217 | x-kubernetes-list-type: atomic 218 | required: 219 | - key 220 | - operator 221 | type: object 222 | type: array 223 | x-kubernetes-list-type: atomic 224 | matchLabels: 225 | additionalProperties: 226 | type: string 227 | type: object 228 | type: object 229 | topologyKey: 230 | type: string 231 | required: 232 | - topologyKey 233 | type: object 234 | weight: 235 | format: int32 236 | type: integer 237 | required: 238 | - podAffinityTerm 239 | - weight 240 | type: object 241 | type: array 242 | x-kubernetes-list-type: atomic 243 | requiredDuringSchedulingIgnoredDuringExecution: 244 | items: 245 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#podaffinityterm-v1-core.' 246 | properties: 247 | labelSelector: 248 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#labelselector-v1-meta' 249 | properties: 250 | matchExpressions: 251 | items: 252 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#labelselectorrequirement-v1-meta' 253 | properties: 254 | key: 255 | type: string 256 | operator: 257 | description: A label selector operator is 258 | the set of operators that can be used in 259 | a selector requirement. 260 | type: string 261 | values: 262 | items: 263 | type: string 264 | type: array 265 | x-kubernetes-list-type: atomic 266 | required: 267 | - key 268 | - operator 269 | type: object 270 | type: array 271 | x-kubernetes-list-type: atomic 272 | matchLabels: 273 | additionalProperties: 274 | type: string 275 | type: object 276 | type: object 277 | topologyKey: 278 | type: string 279 | required: 280 | - topologyKey 281 | type: object 282 | type: array 283 | x-kubernetes-list-type: atomic 284 | type: object 285 | type: object 286 | args: 287 | description: Args to be used in the Container. 288 | items: 289 | type: string 290 | type: array 291 | backoffLimit: 292 | default: 5 293 | description: BackoffLimit defines the maximum number of attempts to 294 | successfully execute a SqlJob. 295 | format: int32 296 | type: integer 297 | database: 298 | description: Username to be used when executing the SqlJob. 299 | type: string 300 | dependsOn: 301 | description: DependsOn defines dependencies with other SqlJob objectecs. 302 | items: 303 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#localobjectreference-v1-core.' 304 | properties: 305 | name: 306 | default: "" 307 | type: string 308 | type: object 309 | type: array 310 | failedJobsHistoryLimit: 311 | description: FailedJobsHistoryLimit defines the maximum number of 312 | failed Jobs to be displayed. 313 | format: int32 314 | minimum: 0 315 | type: integer 316 | imagePullSecrets: 317 | description: ImagePullSecrets is the list of pull Secrets to be used 318 | to pull the image. 319 | items: 320 | description: 'Refer to the Kubernetes docs: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#localobjectreference-v1-core.' 321 | properties: 322 | name: 323 | default: "" 324 | type: string 325 | type: object 326 | type: array 327 | inheritMetadata: 328 | description: InheritMetadata defines the metadata to be inherited 329 | by children resources. 330 | properties: 331 | annotations: 332 | additionalProperties: 333 | type: string 334 | description: Annotations to be added to children resources. 335 | type: object 336 | labels: 337 | additionalProperties: 338 | type: string 339 | description: Labels to be added to children resources. 340 | type: object 341 | type: object 342 | mariaDbRef: 343 | description: MariaDBRef is a reference to a MariaDB object. 344 | properties: 345 | name: 346 | type: string 347 | namespace: 348 | type: string 349 | waitForIt: 350 | default: true 351 | description: WaitForIt indicates whether the controller using 352 | this reference should wait for MariaDB to be ready. 353 | type: boolean 354 | type: object 355 | nodeSelector: 356 | additionalProperties: 357 | type: string 358 | description: NodeSelector to be used in the Pod. 359 | type: object 360 | passwordSecretKeyRef: 361 | description: UserPasswordSecretKeyRef is a reference to the impersonated 362 | user's password to be used when executing the SqlJob. 363 | properties: 364 | key: 365 | type: string 366 | name: 367 | default: "" 368 | type: string 369 | required: 370 | - key 371 | type: object 372 | x-kubernetes-map-type: atomic 373 | podMetadata: 374 | description: PodMetadata defines extra metadata for the Pod. 375 | properties: 376 | annotations: 377 | additionalProperties: 378 | type: string 379 | description: Annotations to be added to children resources. 380 | type: object 381 | labels: 382 | additionalProperties: 383 | type: string 384 | description: Labels to be added to children resources. 385 | type: object 386 | type: object 387 | podSecurityContext: 388 | description: SecurityContext holds pod-level security attributes and 389 | common container settings. 390 | properties: 391 | appArmorProfile: 392 | description: AppArmorProfile defines a pod or container's AppArmor 393 | settings. 394 | properties: 395 | localhostProfile: 396 | description: |- 397 | localhostProfile indicates a profile loaded on the node that should be used. 398 | The profile must be preconfigured on the node to work. 399 | Must match the loaded name of the profile. 400 | Must be set if and only if type is "Localhost". 401 | type: string 402 | type: 403 | description: |- 404 | type indicates which kind of AppArmor profile will be applied. 405 | Valid options are: 406 | Localhost - a profile pre-loaded on the node. 407 | RuntimeDefault - the container runtime's default profile. 408 | Unconfined - no AppArmor enforcement. 409 | type: string 410 | required: 411 | - type 412 | type: object 413 | fsGroup: 414 | format: int64 415 | type: integer 416 | fsGroupChangePolicy: 417 | description: |- 418 | PodFSGroupChangePolicy holds policies that will be used for applying fsGroup to a volume 419 | when volume is mounted. 420 | type: string 421 | runAsGroup: 422 | format: int64 423 | type: integer 424 | runAsNonRoot: 425 | type: boolean 426 | runAsUser: 427 | format: int64 428 | type: integer 429 | seLinuxOptions: 430 | description: SELinuxOptions are the labels to be applied to the 431 | container 432 | properties: 433 | level: 434 | description: Level is SELinux level label that applies to 435 | the container. 436 | type: string 437 | role: 438 | description: Role is a SELinux role label that applies to 439 | the container. 440 | type: string 441 | type: 442 | description: Type is a SELinux type label that applies to 443 | the container. 444 | type: string 445 | user: 446 | description: User is a SELinux user label that applies to 447 | the container. 448 | type: string 449 | type: object 450 | seccompProfile: 451 | description: |- 452 | SeccompProfile defines a pod/container's seccomp profile settings. 453 | Only one profile source may be set. 454 | properties: 455 | localhostProfile: 456 | description: |- 457 | localhostProfile indicates a profile defined in a file on the node should be used. 458 | The profile must be preconfigured on the node to work. 459 | Must be a descending path, relative to the kubelet's configured seccomp profile location. 460 | Must be set if type is "Localhost". Must NOT be set for any other type. 461 | type: string 462 | type: 463 | description: |- 464 | type indicates which kind of seccomp profile will be applied. 465 | Valid options are: 466 | 467 | Localhost - a profile defined in a file on the node should be used. 468 | RuntimeDefault - the container runtime default profile should be used. 469 | Unconfined - no profile should be applied. 470 | type: string 471 | required: 472 | - type 473 | type: object 474 | supplementalGroups: 475 | items: 476 | format: int64 477 | type: integer 478 | type: array 479 | x-kubernetes-list-type: atomic 480 | type: object 481 | priorityClassName: 482 | description: PriorityClassName to be used in the Pod. 483 | type: string 484 | resources: 485 | description: Resouces describes the compute resource requirements. 486 | properties: 487 | limits: 488 | additionalProperties: 489 | anyOf: 490 | - type: integer 491 | - type: string 492 | pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 493 | x-kubernetes-int-or-string: true 494 | description: ResourceList is a set of (resource name, quantity) 495 | pairs. 496 | type: object 497 | requests: 498 | additionalProperties: 499 | anyOf: 500 | - type: integer 501 | - type: string 502 | pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ 503 | x-kubernetes-int-or-string: true 504 | description: ResourceList is a set of (resource name, quantity) 505 | pairs. 506 | type: object 507 | type: object 508 | restartPolicy: 509 | default: OnFailure 510 | description: RestartPolicy to be added to the SqlJob Pod. 511 | enum: 512 | - Always 513 | - OnFailure 514 | - Never 515 | type: string 516 | schedule: 517 | description: Schedule defines when the SqlJob will be executed. 518 | properties: 519 | cron: 520 | description: Cron is a cron expression that defines the schedule. 521 | type: string 522 | suspend: 523 | default: false 524 | description: Suspend defines whether the schedule is active or 525 | not. 526 | type: boolean 527 | required: 528 | - cron 529 | type: object 530 | securityContext: 531 | description: SecurityContext holds security configuration that will 532 | be applied to a container. 533 | properties: 534 | allowPrivilegeEscalation: 535 | type: boolean 536 | capabilities: 537 | description: Adds and removes POSIX capabilities from running 538 | containers. 539 | properties: 540 | add: 541 | description: Added capabilities 542 | items: 543 | description: Capability represent POSIX capabilities type 544 | type: string 545 | type: array 546 | x-kubernetes-list-type: atomic 547 | drop: 548 | description: Removed capabilities 549 | items: 550 | description: Capability represent POSIX capabilities type 551 | type: string 552 | type: array 553 | x-kubernetes-list-type: atomic 554 | type: object 555 | privileged: 556 | type: boolean 557 | readOnlyRootFilesystem: 558 | type: boolean 559 | runAsGroup: 560 | format: int64 561 | type: integer 562 | runAsNonRoot: 563 | type: boolean 564 | runAsUser: 565 | format: int64 566 | type: integer 567 | type: object 568 | serviceAccountName: 569 | description: ServiceAccountName is the name of the ServiceAccount 570 | to be used by the Pods. 571 | type: string 572 | sql: 573 | description: Sql is the script to be executed by the SqlJob. 574 | type: string 575 | sqlConfigMapKeyRef: 576 | description: |- 577 | SqlConfigMapKeyRef is a reference to a ConfigMap containing the Sql script. 578 | It is defaulted to a ConfigMap with the contents of the Sql field. 579 | properties: 580 | key: 581 | type: string 582 | name: 583 | default: "" 584 | type: string 585 | required: 586 | - key 587 | type: object 588 | x-kubernetes-map-type: atomic 589 | successfulJobsHistoryLimit: 590 | description: SuccessfulJobsHistoryLimit defines the maximum number 591 | of successful Jobs to be displayed. 592 | format: int32 593 | minimum: 0 594 | type: integer 595 | timeZone: 596 | description: TimeZone defines the timezone associated with the cron 597 | expression. 598 | type: string 599 | tlsCASecretRef: 600 | description: |- 601 | TLSCACertSecretRef is a reference toa CA Secret used to establish trust when executing the SqlJob. 602 | If not provided, the CA bundle provided by the referred MariaDB is used. 603 | properties: 604 | name: 605 | default: "" 606 | type: string 607 | type: object 608 | tlsClientCertSecretRef: 609 | description: |- 610 | TLSClientCertSecretRef is a reference to a Kubernetes TLS Secret used as authentication when executing the SqlJob. 611 | If not provided, the client certificate provided by the referred MariaDB is used. 612 | properties: 613 | name: 614 | default: "" 615 | type: string 616 | type: object 617 | tolerations: 618 | description: Tolerations to be used in the Pod. 619 | items: 620 | description: |- 621 | The pod this Toleration is attached to tolerates any taint that matches 622 | the triple using the matching operator . 623 | properties: 624 | effect: 625 | description: |- 626 | Effect indicates the taint effect to match. Empty means match all taint effects. 627 | When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. 628 | type: string 629 | key: 630 | description: |- 631 | Key is the taint key that the toleration applies to. Empty means match all taint keys. 632 | If the key is empty, operator must be Exists; this combination means to match all values and all keys. 633 | type: string 634 | operator: 635 | description: |- 636 | Operator represents a key's relationship to the value. 637 | Valid operators are Exists and Equal. Defaults to Equal. 638 | Exists is equivalent to wildcard for value, so that a pod can 639 | tolerate all taints of a particular category. 640 | type: string 641 | tolerationSeconds: 642 | description: |- 643 | TolerationSeconds represents the period of time the toleration (which must be 644 | of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, 645 | it is not set, which means tolerate the taint forever (do not evict). Zero and 646 | negative values will be treated as 0 (evict immediately) by the system. 647 | format: int64 648 | type: integer 649 | value: 650 | description: |- 651 | Value is the taint value the toleration matches to. 652 | If the operator is Exists, the value should be empty, otherwise just a regular string. 653 | type: string 654 | type: object 655 | type: array 656 | username: 657 | description: Username to be impersonated when executing the SqlJob. 658 | type: string 659 | required: 660 | - mariaDbRef 661 | - passwordSecretKeyRef 662 | - username 663 | type: object 664 | status: 665 | description: SqlJobStatus defines the observed state of SqlJob 666 | properties: 667 | conditions: 668 | description: Conditions for the SqlJob object. 669 | items: 670 | description: Condition contains details for one aspect of the current 671 | state of this API Resource. 672 | properties: 673 | lastTransitionTime: 674 | description: |- 675 | lastTransitionTime is the last time the condition transitioned from one status to another. 676 | This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 677 | format: date-time 678 | type: string 679 | message: 680 | description: |- 681 | message is a human readable message indicating details about the transition. 682 | This may be an empty string. 683 | maxLength: 32768 684 | type: string 685 | observedGeneration: 686 | description: |- 687 | observedGeneration represents the .metadata.generation that the condition was set based upon. 688 | For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 689 | with respect to the current state of the instance. 690 | format: int64 691 | minimum: 0 692 | type: integer 693 | reason: 694 | description: |- 695 | reason contains a programmatic identifier indicating the reason for the condition's last transition. 696 | Producers of specific condition types may define expected values and meanings for this field, 697 | and whether the values are considered a guaranteed API. 698 | The value should be a CamelCase string. 699 | This field may not be empty. 700 | maxLength: 1024 701 | minLength: 1 702 | pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 703 | type: string 704 | status: 705 | description: status of the condition, one of True, False, Unknown. 706 | enum: 707 | - "True" 708 | - "False" 709 | - Unknown 710 | type: string 711 | type: 712 | description: type of condition in CamelCase or in foo.example.com/CamelCase. 713 | maxLength: 316 714 | pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 715 | type: string 716 | required: 717 | - lastTransitionTime 718 | - message 719 | - reason 720 | - status 721 | - type 722 | type: object 723 | type: array 724 | type: object 725 | type: object 726 | served: true 727 | storage: true 728 | subresources: 729 | status: {} 730 | status: 731 | acceptedNames: 732 | kind: "" 733 | plural: "" 734 | conditions: null 735 | storedVersions: null 736 | -------------------------------------------------------------------------------- /bundle/manifests/k8s.mariadb.com_users.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | annotations: 5 | controller-gen.kubebuilder.io/version: v0.17.2 6 | creationTimestamp: null 7 | name: users.k8s.mariadb.com 8 | spec: 9 | group: k8s.mariadb.com 10 | names: 11 | kind: User 12 | listKind: UserList 13 | plural: users 14 | shortNames: 15 | - umdb 16 | singular: user 17 | scope: Namespaced 18 | versions: 19 | - additionalPrinterColumns: 20 | - jsonPath: .status.conditions[?(@.type=="Ready")].status 21 | name: Ready 22 | type: string 23 | - jsonPath: .status.conditions[?(@.type=="Ready")].message 24 | name: Status 25 | type: string 26 | - jsonPath: .spec.maxUserConnections 27 | name: MaxConns 28 | type: string 29 | - jsonPath: .spec.mariaDbRef.name 30 | name: MariaDB 31 | type: string 32 | - jsonPath: .metadata.creationTimestamp 33 | name: Age 34 | type: date 35 | name: v1alpha1 36 | schema: 37 | openAPIV3Schema: 38 | description: User is the Schema for the users API. It is used to define grants 39 | as if you were running a 'CREATE USER' statement. 40 | properties: 41 | apiVersion: 42 | description: |- 43 | APIVersion defines the versioned schema of this representation of an object. 44 | Servers should convert recognized schemas to the latest internal value, and 45 | may reject unrecognized values. 46 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources 47 | type: string 48 | kind: 49 | description: |- 50 | Kind is a string value representing the REST resource this object represents. 51 | Servers may infer this from the endpoint the client submits requests to. 52 | Cannot be updated. 53 | In CamelCase. 54 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 55 | type: string 56 | metadata: 57 | type: object 58 | spec: 59 | description: UserSpec defines the desired state of User 60 | properties: 61 | cleanupPolicy: 62 | description: CleanupPolicy defines the behavior for cleaning up a 63 | SQL resource. 64 | enum: 65 | - Skip 66 | - Delete 67 | type: string 68 | host: 69 | description: Host related to the User. 70 | maxLength: 255 71 | type: string 72 | mariaDbRef: 73 | description: MariaDBRef is a reference to a MariaDB object. 74 | properties: 75 | name: 76 | type: string 77 | namespace: 78 | type: string 79 | waitForIt: 80 | default: true 81 | description: WaitForIt indicates whether the controller using 82 | this reference should wait for MariaDB to be ready. 83 | type: boolean 84 | type: object 85 | maxUserConnections: 86 | default: 10 87 | description: MaxUserConnections defines the maximum number of simultaneous 88 | connections that the User can establish. 89 | format: int32 90 | type: integer 91 | name: 92 | description: Name overrides the default name provided by metadata.name. 93 | maxLength: 80 94 | type: string 95 | passwordHashSecretKeyRef: 96 | description: |- 97 | PasswordHashSecretKeyRef is a reference to the password hash to be used by the User. 98 | If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password hash. 99 | properties: 100 | key: 101 | type: string 102 | name: 103 | default: "" 104 | type: string 105 | required: 106 | - key 107 | type: object 108 | x-kubernetes-map-type: atomic 109 | passwordPlugin: 110 | description: PasswordPlugin is a reference to the password plugin 111 | and arguments to be used by the User. 112 | properties: 113 | pluginArgSecretKeyRef: 114 | description: |- 115 | PluginArgSecretKeyRef is a reference to the arguments to be provided to the authentication plugin for the User. 116 | If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin arguments. 117 | properties: 118 | key: 119 | type: string 120 | name: 121 | default: "" 122 | type: string 123 | required: 124 | - key 125 | type: object 126 | x-kubernetes-map-type: atomic 127 | pluginNameSecretKeyRef: 128 | description: |- 129 | PluginNameSecretKeyRef is a reference to the authentication plugin to be used by the User. 130 | If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the authentication plugin. 131 | properties: 132 | key: 133 | type: string 134 | name: 135 | default: "" 136 | type: string 137 | required: 138 | - key 139 | type: object 140 | x-kubernetes-map-type: atomic 141 | type: object 142 | passwordSecretKeyRef: 143 | description: |- 144 | PasswordSecretKeyRef is a reference to the password to be used by the User. 145 | If not provided, the account will be locked and the password will expire. 146 | If the referred Secret is labeled with "k8s.mariadb.com/watch", updates may be performed to the Secret in order to update the password. 147 | properties: 148 | key: 149 | type: string 150 | name: 151 | default: "" 152 | type: string 153 | required: 154 | - key 155 | type: object 156 | x-kubernetes-map-type: atomic 157 | requeueInterval: 158 | description: RequeueInterval is used to perform requeue reconciliations. 159 | type: string 160 | require: 161 | description: 'Require specifies TLS requirements for the user to connect. 162 | See: https://mariadb.com/kb/en/securing-connections-for-client-and-server/#requiring-tls.' 163 | properties: 164 | issuer: 165 | description: Issuer indicates that the TLS certificate provided 166 | by the user must be issued by a specific issuer. 167 | type: string 168 | ssl: 169 | description: SSL indicates that the user must connect via TLS. 170 | type: boolean 171 | subject: 172 | description: Subject indicates that the TLS certificate provided 173 | by the user must have a specific subject. 174 | type: string 175 | x509: 176 | description: X509 indicates that the user must provide a valid 177 | x509 certificate to connect. 178 | type: boolean 179 | type: object 180 | retryInterval: 181 | description: RetryInterval is the interval used to perform retries. 182 | type: string 183 | required: 184 | - mariaDbRef 185 | type: object 186 | status: 187 | description: UserStatus defines the observed state of User 188 | properties: 189 | conditions: 190 | description: Conditions for the User object. 191 | items: 192 | description: Condition contains details for one aspect of the current 193 | state of this API Resource. 194 | properties: 195 | lastTransitionTime: 196 | description: |- 197 | lastTransitionTime is the last time the condition transitioned from one status to another. 198 | This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 199 | format: date-time 200 | type: string 201 | message: 202 | description: |- 203 | message is a human readable message indicating details about the transition. 204 | This may be an empty string. 205 | maxLength: 32768 206 | type: string 207 | observedGeneration: 208 | description: |- 209 | observedGeneration represents the .metadata.generation that the condition was set based upon. 210 | For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date 211 | with respect to the current state of the instance. 212 | format: int64 213 | minimum: 0 214 | type: integer 215 | reason: 216 | description: |- 217 | reason contains a programmatic identifier indicating the reason for the condition's last transition. 218 | Producers of specific condition types may define expected values and meanings for this field, 219 | and whether the values are considered a guaranteed API. 220 | The value should be a CamelCase string. 221 | This field may not be empty. 222 | maxLength: 1024 223 | minLength: 1 224 | pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 225 | type: string 226 | status: 227 | description: status of the condition, one of True, False, Unknown. 228 | enum: 229 | - "True" 230 | - "False" 231 | - Unknown 232 | type: string 233 | type: 234 | description: type of condition in CamelCase or in foo.example.com/CamelCase. 235 | maxLength: 316 236 | pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ 237 | type: string 238 | required: 239 | - lastTransitionTime 240 | - message 241 | - reason 242 | - status 243 | - type 244 | type: object 245 | type: array 246 | type: object 247 | type: object 248 | served: true 249 | storage: true 250 | subresources: 251 | status: {} 252 | status: 253 | acceptedNames: 254 | kind: "" 255 | plural: "" 256 | conditions: null 257 | storedVersions: null 258 | -------------------------------------------------------------------------------- /bundle/manifests/mariadb-operator.clusterserviceversion.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: ClusterServiceVersion 3 | metadata: 4 | annotations: 5 | alm-examples: |- 6 | [ 7 | { 8 | "apiVersion": "helm.mariadb.mmontes.io/v1alpha1", 9 | "kind": "MariadbOperator", 10 | "metadata": { 11 | "name": "mariadb-operator" 12 | }, 13 | "spec": { 14 | "affinity": {}, 15 | "certController": { 16 | "affinity": {}, 17 | "caValidity": "35064h", 18 | "certValidity": "8766h", 19 | "enabled": true, 20 | "extrArgs": [], 21 | "extraVolumeMounts": [], 22 | "extraVolumes": [], 23 | "ha": { 24 | "enabled": false, 25 | "replicas": 3 26 | }, 27 | "image": { 28 | "pullPolicy": "IfNotPresent", 29 | "repository": "ghcr.io/mariadb-operator/mariadb-operator", 30 | "tag": "" 31 | }, 32 | "imagePullSecrets": [], 33 | "lookaheadValidity": "2160h", 34 | "nodeSelector": {}, 35 | "podAnnotations": {}, 36 | "podSecurityContext": {}, 37 | "requeueDuration": "5m", 38 | "resources": {}, 39 | "securityContext": {}, 40 | "serviceAccount": { 41 | "annotations": {}, 42 | "automount": true, 43 | "enabled": true, 44 | "extraLabels": {}, 45 | "name": "" 46 | }, 47 | "serviceMonitor": { 48 | "additionalLabels": {}, 49 | "enabled": true, 50 | "interval": "30s", 51 | "scrapeTimeout": "25s" 52 | }, 53 | "tolerations": [] 54 | }, 55 | "clusterName": "cluster.local", 56 | "extrArgs": [], 57 | "extraVolumeMounts": [], 58 | "extraVolumes": [], 59 | "fullnameOverride": "", 60 | "ha": { 61 | "enabled": false, 62 | "replicas": 3 63 | }, 64 | "image": { 65 | "pullPolicy": "IfNotPresent", 66 | "repository": "ghcr.io/mariadb-operator/mariadb-operator", 67 | "tag": "" 68 | }, 69 | "imagePullSecrets": [], 70 | "logLevel": "INFO", 71 | "metrics": { 72 | "enabled": false, 73 | "serviceMonitor": { 74 | "additionalLabels": {}, 75 | "enabled": true, 76 | "interval": "30s", 77 | "scrapeTimeout": "25s" 78 | } 79 | }, 80 | "nameOverride": "", 81 | "nodeSelector": {}, 82 | "podAnnotations": {}, 83 | "podSecurityContext": {}, 84 | "rbac": { 85 | "enabled": true 86 | }, 87 | "resources": {}, 88 | "securityContext": {}, 89 | "serviceAccount": { 90 | "annotations": {}, 91 | "automount": true, 92 | "enabled": true, 93 | "extraLabels": {}, 94 | "name": "" 95 | }, 96 | "tolerations": [], 97 | "webhook": { 98 | "affinity": {}, 99 | "annotations": {}, 100 | "cert": { 101 | "caPath": "/tmp/k8s-webhook-server/certificate-authority", 102 | "certManager": { 103 | "duration": "", 104 | "enabled": false, 105 | "issuerRef": {}, 106 | "renewBefore": "" 107 | }, 108 | "path": "/tmp/k8s-webhook-server/serving-certs", 109 | "secretAnnotations": {} 110 | }, 111 | "extrArgs": [], 112 | "extraVolumeMounts": [], 113 | "extraVolumes": [], 114 | "ha": { 115 | "enabled": false, 116 | "replicas": 3 117 | }, 118 | "hostNetwork": false, 119 | "image": { 120 | "pullPolicy": "IfNotPresent", 121 | "repository": "ghcr.io/mariadb-operator/mariadb-operator", 122 | "tag": "" 123 | }, 124 | "imagePullSecrets": [], 125 | "nodeSelector": {}, 126 | "podAnnotations": {}, 127 | "podSecurityContext": {}, 128 | "port": 10250, 129 | "resources": {}, 130 | "securityContext": {}, 131 | "serviceAccount": { 132 | "annotations": {}, 133 | "automount": true, 134 | "enabled": true, 135 | "extraLabels": {}, 136 | "name": "" 137 | }, 138 | "serviceMonitor": { 139 | "additionalLabels": {}, 140 | "enabled": true, 141 | "interval": "30s", 142 | "scrapeTimeout": "25s" 143 | }, 144 | "tolerations": [] 145 | } 146 | } 147 | }, 148 | { 149 | "apiVersion": "k8s.mariadb.com/v1alpha1", 150 | "kind": "Backup", 151 | "metadata": { 152 | "name": "backup" 153 | }, 154 | "spec": { 155 | "args": [ 156 | "--single-transaction", 157 | "--all-databases" 158 | ], 159 | "logLevel": "info", 160 | "mariaDbRef": { 161 | "name": "mariadb" 162 | }, 163 | "maxRetention": "720h", 164 | "resources": { 165 | "limits": { 166 | "cpu": "300m", 167 | "memory": "512Mi" 168 | }, 169 | "requests": { 170 | "cpu": "100m", 171 | "memory": "128Mi" 172 | } 173 | }, 174 | "schedule": { 175 | "cron": "*/1 * * * *", 176 | "suspend": false 177 | }, 178 | "storage": { 179 | "s3": { 180 | "accessKeyIdSecretKeyRef": { 181 | "key": "access-key-id", 182 | "name": "minio" 183 | }, 184 | "bucket": "backups", 185 | "endpoint": "minio.minio.svc.cluster.local:9000", 186 | "prefix": "mariadb", 187 | "secretAccessKeySecretKeyRef": { 188 | "key": "secret-access-key", 189 | "name": "minio" 190 | }, 191 | "tls": { 192 | "caSecretKeyRef": { 193 | "key": "ca.crt", 194 | "name": "minio-ca" 195 | }, 196 | "enabled": true 197 | } 198 | } 199 | } 200 | } 201 | }, 202 | { 203 | "apiVersion": "k8s.mariadb.com/v1alpha1", 204 | "kind": "Connection", 205 | "metadata": { 206 | "name": "connection" 207 | }, 208 | "spec": { 209 | "database": "mariadb", 210 | "healthCheck": { 211 | "interval": "10s", 212 | "retryInterval": "3s" 213 | }, 214 | "mariaDbRef": { 215 | "name": "mariadb" 216 | }, 217 | "params": { 218 | "parseTime": "true" 219 | }, 220 | "passwordSecretKeyRef": { 221 | "key": "password", 222 | "name": "mariadb" 223 | }, 224 | "secretName": "connection", 225 | "secretTemplate": { 226 | "annotations": { 227 | "k8s.mariadb.com/connection": "sample" 228 | }, 229 | "databaseKey": "database", 230 | "hostKey": "host", 231 | "key": "dsn", 232 | "labels": { 233 | "k8s.mariadb.com/connection": "sample" 234 | }, 235 | "passwordKey": "password", 236 | "portKey": "port", 237 | "usernameKey": "username" 238 | }, 239 | "serviceName": "mariadb", 240 | "username": "mariadb" 241 | } 242 | }, 243 | { 244 | "apiVersion": "k8s.mariadb.com/v1alpha1", 245 | "kind": "Database", 246 | "metadata": { 247 | "name": "data-test" 248 | }, 249 | "spec": { 250 | "characterSet": "utf8", 251 | "collate": "utf8_general_ci", 252 | "mariaDbRef": { 253 | "name": "mariadb" 254 | }, 255 | "retryInterval": "5s" 256 | } 257 | }, 258 | { 259 | "apiVersion": "k8s.mariadb.com/v1alpha1", 260 | "kind": "Grant", 261 | "metadata": { 262 | "name": "grant" 263 | }, 264 | "spec": { 265 | "database": "*", 266 | "grantOption": true, 267 | "host": "%", 268 | "mariaDbRef": { 269 | "name": "mariadb" 270 | }, 271 | "privileges": [ 272 | "SELECT", 273 | "INSERT", 274 | "UPDATE" 275 | ], 276 | "requeueInterval": "30s", 277 | "retryInterval": "5s", 278 | "table": "*", 279 | "username": "user" 280 | } 281 | }, 282 | { 283 | "apiVersion": "k8s.mariadb.com/v1alpha1", 284 | "kind": "MariaDB", 285 | "metadata": { 286 | "name": "mariadb" 287 | }, 288 | "spec": { 289 | "connection": { 290 | "secretName": "mariadb-conn", 291 | "secretTemplate": { 292 | "key": "dsn" 293 | } 294 | }, 295 | "database": "mariadb", 296 | "galera": { 297 | "enabled": true 298 | }, 299 | "metrics": { 300 | "enabled": true, 301 | "passwordSecretKeyRef": { 302 | "generate": true, 303 | "key": "password", 304 | "name": "mariadb-metrics" 305 | } 306 | }, 307 | "myCnf": "[mariadb]\nbind-address=*\ndefault_storage_engine=InnoDB\nbinlog_format=row\ninnodb_autoinc_lock_mode=2\ninnodb_buffer_pool_size=1024M\nmax_allowed_packet=256M\n", 308 | "passwordSecretKeyRef": { 309 | "generate": true, 310 | "key": "password", 311 | "name": "mariadb-password" 312 | }, 313 | "primaryConnection": { 314 | "secretName": "mariadb-conn-primary", 315 | "secretTemplate": { 316 | "key": "dsn" 317 | } 318 | }, 319 | "primaryService": { 320 | "type": "ClusterIP" 321 | }, 322 | "replicas": 3, 323 | "rootPasswordSecretKeyRef": { 324 | "generate": true, 325 | "key": "password", 326 | "name": "mariadb-root" 327 | }, 328 | "secondaryConnection": { 329 | "secretName": "mariadb-conn-secondary", 330 | "secretTemplate": { 331 | "key": "dsn" 332 | } 333 | }, 334 | "secondaryService": { 335 | "type": "ClusterIP" 336 | }, 337 | "service": { 338 | "type": "ClusterIP" 339 | }, 340 | "storage": { 341 | "size": "1Gi" 342 | }, 343 | "updateStrategy": { 344 | "type": "ReplicasFirstPrimaryLast" 345 | }, 346 | "username": "mariadb" 347 | } 348 | }, 349 | { 350 | "apiVersion": "k8s.mariadb.com/v1alpha1", 351 | "kind": "MaxScale", 352 | "metadata": { 353 | "name": "maxscale-galera" 354 | }, 355 | "spec": { 356 | "admin": { 357 | "guiEnabled": true, 358 | "port": 8989 359 | }, 360 | "auth": { 361 | "generate": true 362 | }, 363 | "config": { 364 | "sync": { 365 | "database": "mysql", 366 | "interval": "5s", 367 | "timeout": "10s" 368 | } 369 | }, 370 | "connection": { 371 | "port": 3306, 372 | "secretName": "mxs-galera-conn" 373 | }, 374 | "guiKubernetesService": { 375 | "metadata": { 376 | "annotations": { 377 | "metallb.universe.tf/loadBalancerIPs": "172.18.0.231" 378 | } 379 | }, 380 | "type": "LoadBalancer" 381 | }, 382 | "kubernetesService": { 383 | "annotations": { 384 | "metallb.universe.tf/loadBalancerIPs": "172.18.0.224" 385 | }, 386 | "type": "LoadBalancer" 387 | }, 388 | "mariaDbRef": { 389 | "name": "mariadb-galera" 390 | }, 391 | "monitor": { 392 | "cooperativeMonitoring": "majority_of_all", 393 | "interval": "2s", 394 | "params": { 395 | "available_when_donor": "false", 396 | "disable_master_failback": "false", 397 | "disable_master_role_setting": "false" 398 | } 399 | }, 400 | "replicas": 3, 401 | "requeueInterval": "10s", 402 | "services": [ 403 | { 404 | "listener": { 405 | "params": { 406 | "connection_metadata": "tx_isolation=auto" 407 | }, 408 | "port": 3306, 409 | "protocol": "MariaDBProtocol" 410 | }, 411 | "name": "rw-router", 412 | "params": { 413 | "master_accept_reads": "true", 414 | "max_replication_lag": "3s", 415 | "max_slave_connections": "255", 416 | "transaction_replay": "true", 417 | "transaction_replay_attempts": "10", 418 | "transaction_replay_timeout": "5s" 419 | }, 420 | "router": "readwritesplit" 421 | }, 422 | { 423 | "listener": { 424 | "port": 3307 425 | }, 426 | "name": "rconn-master-router", 427 | "params": { 428 | "master_accept_reads": "true", 429 | "max_replication_lag": "3s", 430 | "router_options": "master" 431 | }, 432 | "router": "readconnroute" 433 | }, 434 | { 435 | "listener": { 436 | "port": 3308 437 | }, 438 | "name": "rconn-slave-router", 439 | "params": { 440 | "max_replication_lag": "3s", 441 | "router_options": "slave" 442 | }, 443 | "router": "readconnroute" 444 | } 445 | ] 446 | } 447 | }, 448 | { 449 | "apiVersion": "k8s.mariadb.com/v1alpha1", 450 | "kind": "Restore", 451 | "metadata": { 452 | "name": "restore" 453 | }, 454 | "spec": { 455 | "backupRef": { 456 | "name": "backup" 457 | }, 458 | "mariaDbRef": { 459 | "name": "mariadb" 460 | }, 461 | "resources": { 462 | "limits": { 463 | "cpu": "300m", 464 | "memory": "512Mi" 465 | }, 466 | "requests": { 467 | "cpu": "100m", 468 | "memory": "128Mi" 469 | } 470 | }, 471 | "targetRecoveryTime": "2023-12-19T09:00:00Z" 472 | } 473 | }, 474 | { 475 | "apiVersion": "k8s.mariadb.com/v1alpha1", 476 | "kind": "SqlJob", 477 | "metadata": { 478 | "name": "03-stars" 479 | }, 480 | "spec": { 481 | "database": "mariadb", 482 | "dependsOn": [ 483 | { 484 | "name": "01-users" 485 | }, 486 | { 487 | "name": "02-repos" 488 | } 489 | ], 490 | "mariaDbRef": { 491 | "name": "mariadb" 492 | }, 493 | "passwordSecretKeyRef": { 494 | "key": "password", 495 | "name": "mariadb" 496 | }, 497 | "schedule": { 498 | "cron": "*/1 * * * *", 499 | "suspend": false 500 | }, 501 | "sql": "CREATE TABLE IF NOT EXISTS stars (\n id bigint PRIMARY KEY AUTO_INCREMENT,\n user_id bigint NOT NULL,\n repo_id bigint NOT NULL,\n FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,\n FOREIGN KEY (repo_id) REFERENCES repos(id) ON DELETE CASCADE,\n UNIQUE KEY (user_id, repo_id)\n);\nINSERT INTO stars(user_id, repo_id) \n VALUES((SELECT id FROM users ORDER BY RAND() LIMIT 1), (SELECT id FROM repos ORDER BY RAND() LIMIT 1))\n ON DUPLICATE KEY UPDATE id=id;\nDELETE FROM stars WHERE id = (SELECT id FROM stars ORDER BY RAND() LIMIT 1);\nSELECT r.name AS repo, COUNT(*) AS stars\nFROM stars s\nJOIN repos r\nON s.repo_id = r.id\nGROUP BY r.id\nORDER BY stars DESC;", 502 | "username": "mariadb" 503 | } 504 | }, 505 | { 506 | "apiVersion": "k8s.mariadb.com/v1alpha1", 507 | "kind": "User", 508 | "metadata": { 509 | "name": "user" 510 | }, 511 | "spec": { 512 | "host": "%", 513 | "mariaDbRef": { 514 | "name": "mariadb" 515 | }, 516 | "maxUserConnections": 20, 517 | "passwordSecretKeyRef": { 518 | "key": "password", 519 | "name": "mariadb" 520 | }, 521 | "retryInterval": "5s" 522 | } 523 | } 524 | ] 525 | capabilities: Deep Insights 526 | categories: Database 527 | containerImage: ghcr.io/mariadb-operator/mariadb-operator-helm:0.38.1 528 | createdAt: "2025-04-15T16:55:22Z" 529 | description: Run and operate MariaDB in a cloud native way 530 | features.operators.openshift.io/disconnected: "false" 531 | features.operators.openshift.io/fips-compliant: "false" 532 | features.operators.openshift.io/proxy-aware: "false" 533 | features.operators.openshift.io/tls-profiles: "false" 534 | features.operators.openshift.io/token-auth-aws: "false" 535 | features.operators.openshift.io/token-auth-azure: "false" 536 | features.operators.openshift.io/token-auth-gcp: "false" 537 | operators.operatorframework.io/builder: operator-sdk-v1.26.0 538 | operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1 539 | repository: https://github.com/mariadb-operator/mariadb-operator 540 | support: mariadb-operator 541 | name: mariadb-operator.v0.38.1 542 | namespace: placeholder 543 | spec: 544 | apiservicedefinitions: {} 545 | customresourcedefinitions: 546 | owned: 547 | - description: Configures a backup 548 | displayName: Backup 549 | kind: Backup 550 | name: backups.k8s.mariadb.com 551 | version: v1alpha1 552 | - description: Configures a connection 553 | displayName: Connection 554 | kind: Connection 555 | name: connections.k8s.mariadb.com 556 | version: v1alpha1 557 | - description: Defines a logical database 558 | displayName: Database 559 | kind: Database 560 | name: databases.k8s.mariadb.com 561 | version: v1alpha1 562 | - description: Grants permissions to an user in a database 563 | displayName: Grant 564 | kind: Grant 565 | name: grants.k8s.mariadb.com 566 | version: v1alpha1 567 | - description: Configures MariaDB helm chart based operator 568 | displayName: MariadbOperator 569 | kind: MariadbOperator 570 | name: mariadboperators.helm.mariadb.mmontes.io 571 | version: v1alpha1 572 | - description: Provisions a MariaDB instance 573 | displayName: MariaDB 574 | kind: MariaDB 575 | name: mariadbs.k8s.mariadb.com 576 | version: v1alpha1 577 | - description: Defines a MaxScale database proxy 578 | displayName: MaxScale 579 | kind: MaxScale 580 | name: maxscales.k8s.mariadb.com 581 | version: v1alpha1 582 | - description: Restores a backup 583 | displayName: Restore 584 | kind: Restore 585 | name: restores.k8s.mariadb.com 586 | version: v1alpha1 587 | - description: Defines a SQL job 588 | displayName: SqlJob 589 | kind: SqlJob 590 | name: sqljobs.k8s.mariadb.com 591 | version: v1alpha1 592 | - description: Defines a user 593 | displayName: User 594 | kind: User 595 | name: users.k8s.mariadb.com 596 | version: v1alpha1 597 | description: | 598 | Install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) via [OLM](https://olm.operatorframework.io/) using the [helm chart](https://artifacthub.io/packages/helm/mariadb-operator/mariadb-operator). 599 | 600 | This helm operator provides provides a 1:1 mapping between the official helm chart and the [`MariadbOperator`](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/config/samples/helm_v1alpha1_mariadboperator.yaml) CRD, allowing to install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) via OLM without having to do any change in the helm chart. 601 | 602 | Normally, you would install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) providing this `values.yaml` to the helm chart: 603 | ```yaml 604 | image: 605 | repository: ghcr.io/mariadb-operator/mariadb-operator 606 | pullPolicy: IfNotPresent 607 | logLevel: INFO 608 | ha: 609 | enabled: true 610 | metrics: 611 | enabled: true 612 | serviceMonitor: 613 | enabled: true 614 | webhook: 615 | cert: 616 | certManager: 617 | enabled: true 618 | ``` 619 | 620 | This helm chart installation is abstracted in the [`MariadbOperator`](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/config/samples/helm_v1alpha1_mariadboperator.yaml) CRD, which will be reconciled by the helm operator: 621 | ```yaml 622 | apiVersion: helm.k8s.mariadb.com/v1alpha1 623 | kind: MariadbOperator 624 | metadata: 625 | name: mariadb-operator 626 | spec: 627 | image: 628 | repository: ghcr.io/mariadb-operator/mariadb-operator 629 | pullPolicy: IfNotPresent 630 | logLevel: INFO 631 | ha: 632 | enabled: true 633 | metrics: 634 | enabled: true 635 | serviceMonitor: 636 | enabled: true 637 | webhook: 638 | cert: 639 | certManager: 640 | enabled: true 641 | ``` 642 | 643 | Once you have installed the operator, you will able to install a [`MariaDB`](https://github.com/mariadb-operator/mariadb-operator/blob/main/examples/manifests/mariadb_v1alpha1_mariadb.yaml) instance. Refer to the main [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) documentation for getting started with the rest of CRDs. 644 | 645 | ## Documentation 646 | * [mariadb-operator](https://github.com/mariadb-operator/mariadb-operator/blob/main/README.md) 647 | * [mariadb-operator-helm](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/README.md) 648 | 649 | ## Releases 650 | This operator is automatically published in the following repositories whenever a new version of the [helm chart](https://artifacthub.io/packages/helm/mariadb-operator/mariadb-operator) is released: 651 | - [k8s-operatorhub/community-operators](https://github.com/k8s-operatorhub/community-operators) 652 | - [redhat-openshift-ecosystem/community-operators-prod](https://github.com/redhat-openshift-ecosystem/community-operators-prod) 653 | 654 | ## Roadmap 655 | Take a look at our [roadmap](https://github.com/mariadb-operator/mariadb-operator/blob/main/ROADMAP.md) and feel free to open an issue to suggest new features. 656 | 657 | ## Contributing 658 | We welcome and encourage contributions to this project! Please check our [contributing](https://github.com/mariadb-operator/mariadb-operator/blob/main/CONTRIBUTING.md) and [development](https://github.com/mariadb-operator/mariadb-operator/blob/main/docs/DEVELOPMENT.md) guides. PRs welcome! 659 | 660 | ## Get in touch 661 | Join us on Slack: **[MariaDB Community Slack](https://r.mariadb.com/join-community-slack)**. 662 | displayName: MariaDB Operator 663 | icon: 664 | - base64data: iVBORw0KGgoAAAANSUhEUgAAASAAAAEgCAYAAAAUg66AAAAABHNCSVQICAgIfAhkiAAAHOVJREFUeJzt3XlgTOfCBvBnsm/VBJGIBBE0tTXETrm1VC1JVGtLShE7tS+t0trrKom2qJbartJaQpEQkrSWoATtp733qy1BNllkkE2SyXx/6PVZYkxmzpl3luf3l2Rmznlo+uQ9y/sehVqtVoOISAAr0QGIyHKxgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCSMjegARGTaLv3PJcREH0TSuSTcSElBWVkZmjRtimkzpiOgeXONn1Wo1Wq1gXISkZkoLS3Fgf378d369fjrf/+q8D22trbYvTcKjZs0ee52eAhGRForLy/Hvqi96N6lK2ZNn/Hc8gEeltT327Zp3B4PwYjohQoKCrAvKgpbN2/BtWvXtP7cuV/PanydBUREFcrPz8eJY8cRF3cU8UfjkJ+fX+lt3L17V+PrLCAiC3Pv3j3cu3cPRYWFKCwqQv79fOTn30dOdjZycnJw88ZN/HHpEpKTk1FeXq7XvkpKSjS+zgIiMiN5d/KQkpKM69evIyU5BRkZ6cjNyUVOdjZy79zBndxclJWVGSzPi65xsYCITNitmzeReDIRSUnncPbMr0hPTxcd6Qnu7u4aX2cBEZmYK5cv41BMDPZG7cWtmzdFx9HIw9NT4+ssICITUFhQiB9//AHb/7UNycnJouNorUaNGhpfZwERGbHc3Fxs2bQZ27dtg1KpFB2n0jw8PTS+zgIiMkIlJSXYvHET1q5erdPlb2Ph4+Oj8XUWEJGRSYhPwJJFC3Ej5YboKHp70VwwFhCRkSgqKsKK5cuxZdNm0VEk4ejoCH9/f43vYQERGYGLFy5g2pSpRn9VqzKat2gBaxvNFcPJqESC7fzhR4QOHGRW5QMAwX1DXvgeLsdBJIhKpULEihX45ut1oqNIztHJCWfOnYWzs7PG9/EQjEiABw8e4IPx45EQnyA6iiz6BAW9sHwAjoCIDK6oqAjjRo/GyRMnRUeRhb29PY4kxKNWrVovfC9HQEQGVFBQgPBhw5B0Lkl0FNkMHzFCq/IBOAIiMpiSkhKMHD4CpxITRUeRjbe3Nw4ePgQXFxet3s+rYEQGoFKpMH3qVLMuH2sba0R8sUrr8gFYQEQGsfDT+TgUHSM6hqxmzpqNFoGBlfoMC4hIZtu2bn3h4uymLmzIEIwcParSn+M5ICIZnTl9GsOGDDXoKoSG1rff21i+YgWsrCo/nmEBEckkMyMTQb17Ie9OnugoshkcGor5ixbC2tpap8/zMjyRDFRlZZg6eZJZl8+kKZMxacoUvbbBAiKSQWREJM6dPSc6hiwcHBywcMli9HvnHb23xUMwIomdOX0aQ8Pe0/uRNsbI19cXa9atQ8NXGkqyPV4FI5JQfn4+Zs+YaZbl07ff2/jp4EHJygfgIRiRpBYvWIi0tDTRMSRVpUoVzF+0EMEhL15eo7JYQEQS+eXnn7F71y7RMSTVrn17/HPF5/Dy8pJl+zwHRCSBoqIi9HyzB1Jv3RIdRRJ2dnaYPHUqRo0ZrdP9PdriCIhIAqsiIs2mfBo0bIiIVZF4tVEj2ffFERCRnv795594OyQEqjKV6Ch6USgUGB4ejhmzZsLOzs4g++QIiEgP5eXl+GTuPJMvH2dnZyxbvhw9e/cy6H5ZQER62Lp5C367eFF0DL3Uq1cPa79Zh/oNGhh83zwEI9JRZkYmenTrhoKCAtFRdPZWz55YvmIFnJydhOyfNyIS6WjZ0qUmXT5Dh72PL9esFlY+AA/BiHSSdC4J0QcPio6hs4mTPsCUadNEx+AhGFFlqVQqvB0cgn//+afoKDoZO348ZsyaKToGAB6CEVXaDzt2mGz59AkKwvSZM0THeIQjIKJKUCqV6N6li0mu89MiMBDbdmw32D0+2uAIiKgSVkVEmmT5vPTSS4j4YpVRlQ/AAiLS2l//+xd2bP9edAydzJk3F97e3qJjPIMFRKSlRQsWmOQdz6/4v4J33n1XdIwKsYCItBB98CDOnD4tOoZOxowbJ+uMdn3wJDTRCxQXF6NH124mudCYq5sbEs+chr29vegoFTLOWiQyIl+vWWOS5QMAPd7qYbTlA7CAiDS6dfMmNny7XnQMnXXt2k10BI1YQEQaLFm0GA8ePBAdQycODg5o16G96BgasYCInuPYL78g7uhR0TF01rZdOzg6OoqOoRELiKgCRUVFmP/Jp6Jj6KVrd+M+/AJYQEQVWhURiVs3b4qOoZfXO3USHeGFWEBET/nPf/6DLZs2iY6hF8+ankZ55/PTWEBEj1GpVPho1myUlZWJjqKXNm3bio6gFRYQ0WO2bNqEPy5dEh1Db61atRYdQSssIKK/paenY1VkpOgYkmjVhgVEZDLUajXmzP4QhQWFoqPorVq1aqhXr57oGFphAREB+NeWrTh54oToGJJo1bo1FAqF6BhaYQGRxbt29SqWL1smOoZkWgS2EB1BaywgsmglJSWYNmUqiouLRUeRzGsBAaIjaI0FRBZtyaLF+POPP0THkIyNjQ0aN2kiOobWWEBksaIPHsT3//qX6BiSaty4MRwcHETH0BoLiCzStWvXMGf2h6JjSK5ZwGuiI1QKC4gsjlKpxNiRo0z6scrP07yF6ZyABlhAZGHKysowacJEJCcni44ii+bNm4uOUCksILIocz+ag1OJiaJjyKJatWrwqV1bdIxKYQGRxVj5+Qrs3rVLdAzZtAgMFB2h0lhAZBE2btiAr9esER1DVqZ2/gdgAZEF2LxxE5YuXiI6huyatzCt8z8AC4jM3OaNm7Bk0SLRMWRnY2ODJk2bio5RaTaiAxDJQa1W45+ffWbSj9SpjMaNGxv9AvQVYQGR2SkoKMDMadNxJDZWdBSDCTDBwy+ABURmJiU5BePGjMGVy5dFRzEoU7wCBvAcEJmRA/v34+3gYIsrH8A0r4ABHAGRGbh//z4WfPop9kXtFR1FiBoeHvDy8hIdQycsIDJpPyckYN7HHyMzI1N0FGFMaQGyp7GAyCRlZWVh+bJlFjvqeVygiZ7/AVhAZGJKS0uxdfNmfLnqC7Ocza4LUz3/A7CAyESo1Wocio7B58uXm/wjk6Vkb2+PRo0bi46hMxYQGb3Ek4mIXLkSv128KDqK0XktIAB2dnaiY+iMBURGK+lcEr6IjMTpU6dERzFabduZxiOYn4cFREalvLwcvyT8jG/WrcP5pCTRcYxe6zZtREfQCwuIjEJhQSH2//QTNm7YgOvXr4uOYxLs7OwQYGIrID6NBURC5eTkYPu2bdi6ZSuUeXmi45iU1wICTOoJGBVhAZHBqdVqnEo8hR92bEfckaMoLS0VHckkmfr5H4AFRAaUk5ODPbt248cffsDNGzdExzF5pn7+B2ABkcxUKhVOnjiB3bt2cbQjIUdHR5OdAf84FhDJ4srly9i3dy+idu9Bdna26Dhmp1Xr1rC3txcdQ28sIJJMeno6Du4/gH17o3D5L8tbEsOQXu/cSXQESbCASC95d/IQe/gw9kZF4cL581Cr1aIjWYROnVhAZKGys7NxJDYWMQejce7sWZSXl4uOZFFq1qwJv/r1RceQBAuItJKeno4jh2Pxc0I8zpw5A1WZSnQki2Uuh18AC4g0uHXzJuLj4nEoJoaHV0akU6fOoiNIhgVET/jj0iXEHo7FkdhYXLt6VXQceoqtrS3ad+wgOoZkWEAWTqVS4cL5CzgSG4sjhw8jLS1NdCTSoG27dqhSpYroGJJhAVkglUqFixcu4lBMNA5FxyArK0t0JNLSWz17io4gKRaQhSguLsapk4mIiYlG/NE43L9/X3QkqiQrKyt06dZVdAxJsYDMmFKpRHxcHI7ExiLxxEkUFxeLjkR6CGzZEu7u7qJjSIoFZGaKi4vxc3wC9kbtwYnjJzj3yoyY2+EXwAIyCyUlJTh5/ARiYqJxJDYWhQWFoiORxBQKBbr3eFN0DMmxgEzU4yeS9//0E/LucDEvc9asWTOTffqpJiwgE6JWq3Hh/Hkc2H8Ah6KjkZubKzoSGcibb70lOoIsWEAm4MrlyzgUE4N9e/dxIS8LZGVlheC+IaJjyIIFZKRSklNwYP9+HDxwgHckW7iOr7+OmjVrio4hCxaQEUlLS8PR2COce0VP6D9ggOgIslGo+VMu1L179/DT3n3Ys3s3/rh0SXQcMjKubm449esZk376qSYcAQly4fx57Ni+HYeiY3iDID1XcEiw2ZYPwAIyuPNJSfjm66+REJ8gOgqZAHM+/AJYQAZzPikJkSsjcOb0adFRyES82qgRXm3USHQMWbGAZKZUKvHPpZ9h965dPKlMlTIodLDoCLLjSWgZHYqOwfxPPuENg1Rprm5uOJF4Eo5OTqKjyIojIBnczszER7M/xPFjx0RHIRM19P2hZl8+AEdAkos9fBgffzQHyjzOzSLdODg44PipRFStWlV0FNlxBCSRgoICLJq/ALt37RIdhUxcv3fesYjyAVhAkrh27RomjhuPK5f5NFDSj5WVFUaMHCk6hsFYiQ5g6n7atw99g4JZPiSJN3v0QF3fuqJjGAxHQDpSqVRYtmQpNm3cKDoKmQkrKyuMHT9OdAyDYgHpoKiwEFMmT0b80TjRUciMBIUEo0nTpqJjGBSvglVS1u3bGD1yFCeOkqRsbW1xJD4OPrVri45iUBwBVUJKcgqGhIYiIyNDdBQyM0OHDbO48gE4AtJacnIy3hscituZmaKjkJl5+eWXEX/sF7i6uoqOYnC8CqaF69evI2zQYJYPyWLCBxMtsnwAjoBeKCU5BYP690dOTo7oKGSGfH19ER172KzX/NGEIyAN8u7kYeTw4SwfkoVCocCCxYsstnwAFtBzFRUVYVR4OFJSUkRHITM1YNBAtO/QQXQMoXgIVgFVWRnGjh6DnxO4aqExcXFxQbm63Cye/Orl5YWDhw+hSpUqoqMIxRFQBSJXRrB8jIy1tTW+27wJjRs3ER1Fb1ZWVlgRGWHx5QOwgJ6REBePb9atEx2DnvL+8OEIbNkSd+8qRUfR2+gxY9C6TRvRMYwCC+gxqbduYeb06Vw61cg4OTth/ITxAACl8q7QLI6OjlAoFDp/vk3btpg6fZqEiUwbC+hvpaWlmDh+Au7eFfsDTs8aNDgUrm5uAIC7SnEjoBoeHvg1KQldunXV6fOeNT3x5ZrVsLbhBIT/YgH9LXLlSs7vMlIDBw0EACjz8vDgwQNhOQYMHAAnZye89NJLlf6so5MT1n37LapVqyZDMtPFAgJw7uw5fLd+g+gYVIHXAgLgV78+gIePrhbF2toa/Qc+LMJ7lRwlW1tbI/KLVRY3010bFl9Ad+/exbTJk6FSqURHoQr0e6ffoz+np6cLy9H5jX+gVq1aAID79+9r/TmFQoFFS5agW/fuckUzaRZdQOXl5Zg5fTpntxspOzs79A4KevR16q1bwrKEhoU9+vOdO9o9cEChUGD+ooUY8PchJD3LogtozVerkRAXLzoGPUeXbl2fmKR55coVITm8vb3RqXPnR19rMynZ2toaCxYvQth778kZzeRZ7On4kydOYvWXX4qOQRr0e+fdJ76+/JeYdbcHDh4EK6uHv6sLCgqQn5+v8f12dnZYERGBXn16GyKeSbPIArp29SomT5zI8z5GrFq1aujUudOjr9VqNa4KGAE5Ojpi4OD/f0Ry5gtGPzVq1MBXa9cgsGVLuaOZBYs7BMvOzkb4sOG838fIBYeEwOax+2WSk5NfOPKQQ/+BA554RldmxvMLqGWrlth38ADLpxIsagRUWFCIUSPCkZqaKjoKaaBQKDBw8KAnvvfbxYsGz2FjY4PwUaOe+N7t288WkI2NDT6YPBljx43lTYaVZDH/Wg/vdB7Pmw1NQKfOnVG/QYMnvvf7xd8MnqNPcNCjS+//9fQJ6FatW2Pep5+gUePGhoxmNvQuoKysLNxIuYGSkpJHN2i5vOQCBwdHODs7obq7O9zd3fWaP6OvsrIyfDB+Ao4fOyYsA2kvfNSzTwb99ddfDZpBoVBg9Jixz3w/M/M2AMDf3x8zZs/CP954w6C5zE2lCygrKwvRBw7g2C/HcPHCBRQUFLzwM7a2tvDw9ISXlxd86/nCz88P9Rs0QD0/P9SqVUvWclKpVJg2ZQrijh6VbR8knUaNGz+zSNftzEyDn4B+o2sXNHyl4TPft7W1wcrISASFBD+6Mka603pBMmVeHlZ8/jmidu9BSUmJZAEcnZzg5+f3dynVh2+9eqhfvz7q1K0LW1tbvbZ97949fDRrNmIPH5YoLclt6/fbnimgPbt3Y/aMmQbLoFAosHPPbjRv0cJg+7RUWo2Ajh87hg9nzkJWVpbkAYoKC/HHpUvPnJuxtrFGbZ/a8KtfH371/VDPzw+1a9eBp6cHPDw9n7uObmlpKS7/9Rfijh7Fjzt+kCWzXKxtrOHi7AJra2s4u7g88VppaQmKCotQXl5eqakApiQ4JKTCJUoNvThcr969WT4G8sIR0KaNG/HZ4iUoLy83VCatuLq64qUqVeDk5AhbWzuUlpagIL8AmZmZKCsrEx3vuV5++WW84u8P/1f90aBhQ3h6esLT0xPV3d1RvXp1rQ9HS0pKoMzLw528PCjz8pCbm4u8O3eQk5ODtLQ0pKelIyMjAxnp6SgtLZX5b6U/n9q1sT/64DMzzYuLi9E6MNBgy7A6ODggNj7umZPPJA+NI6BVERFY/eVXhspSKUqlEkqBa8Noq3adOmjfoT06dOiIgBbNUbNmTUm2a2dnhxoeHqjh4aHxfWq1GtnZ2UhPS0NGegYyMtIfFVR6+sM/K/O0m9skF3d3d2zcsrnCZS5Onjhh0DWgR44exfIxoOeOgPbuicLM6dMNncfkKRQKtGzVCkEhwejUuTO8vb1FR3qhwoJCpKamIjU1FWmpqUhLS31YUqlpSE9PR25urmwjYH9/f3z19Vr4+vpW+PrE8eNxOOaQLPt+mmdNTxyNj4ejk5NB9kcaRkAXzp+HtY01VGWcrqCN6tWrY3BYKN4dMMDkfoM6OTuh4SsNK7zqAzxcNSA3Nxe5ubnIun0buTm5yM7ORnZWFnJzc6FUKqFSlaGwsAilpaUoLi5+YuEwe3t7ODg4wM7ODm5V3eDm6oaq1aqibl1fBPcNgYODQ4X7zc3NRfzROFn+zhWZOXs2y8fANJ4DupFyA5/Om4uTJ04aMpNJqVevHsZNmIDeQX0s+gFzctjw7XosW7rUIPtq2aolduzcKfR+NUuk1WX4Q9ExmP/JJ8jNzTVEJpPg5eWF8RMnov+A/rz9XiY9unXHtatXZd+Po5MTDkRHo65vXdn3RU/S6k6qnr17ITY+7ok1USxVDQ8PLFi0EPHHfsGg0MEsH5mcO3vOIOUDAHPnzWP5CKL1rZyurq5Yv/E7jBj57G3ylsDRyQnTZ85AwrFfEDZkiN43SZJmP2zfbpD9dOna5ZmJr2Q4Oj2aefeuXfjk47mS3hFtzN7q1RMfz5sn2SV00uzmjRvo3rWr7BdAqlatipgjsahevbqs+6Hn02kyy7v9+2Pbju1wd3eXOo9R8fPzw5Zt27B67VqWjwF9vWatQa6+Lv5sKctHMJ1n07UIDMTe/fvRtJn5PWrE0dERsz78ENGxh9Gh47NTA0g+qamp2BsVJft+ho8YgTd79JB9P6SZXtN5PWt6YsfOnQgbMsRsZgZ3fL0jYmIPY/TYMU+syEeGsW7tWtmn0rRr3x4fzvlI1n2QdnQ6B1SR33/7DXPnfIz//PvfUmzO4NyqumHOx3Px9mPPoSLDSktLQ7d/vCHr3LU6detgd9ReuFV1k20fpD3Jhi2vBQRg3/6f8PG8uY+e420qQt7ui9i4OJaPYJ8v+6es5VO1alVs3LyF5WNEJBsBPS4/Px8fzZ6NQ9ExUm9aUrXr1MHCxYvQ8fXXRUexeEnnkjB4wADI8OMI4OFtFNu2f4/XAgJk2T7pRpaTHC4uLkY9CdPGxgZhQ97DjJkzOffHCJSXl2PJooWylY+DgwO+3bCe5WOEZCmgnxMSsOHb9XJsWm+BLVti0ZIlz514SYa3e+cuXPofeR4W4ODggG82bEC79u1l2T7pR/JDsMyMTAT17oU8LZ+fbShVqlTBzA9nY+CgQWZzxc4c3L17F2926SrLPEMXFxd8s2E92rRtK/m2SRqSjoBUZWWYMukDoyofhUKBPkFBmDNvrtnfOGmKli5aLEv5VKtWDd9t3oQmTc3vPjVzImkBRa6MQNK5JCk3qZemzZpizty5aNW6tegoVIFTiYmI2rNH8u36+vrim+82oF69epJvm6Ql2SHYiePHET5suFGsHe3l5YXps2YiOCSE67sYqYKCAvR6swfS0tIk3W6Xrl0Q8cUXcHlqUX8yTpKMgHJycjBr+gzh5VOrVi0MDw/H4LBQ2NvbC81Cmi3/bJmk5WNtY40JEydi4qRJPMdnQvQuIJVKhUkTJiI7O1uKPDqp36ABRo0ZjZC+fTl9wgScSkzEDgmX2/D29kbEF6vQIjBQsm2SYej9f+u369bhrIEfm/tfHTp2wIiRI9Gpc2ceapkIpVKJWTOkGS0rFAqEDRmCWbNnw8mZ93OZIr0KKDk52eCP7bG2tkafoCCMGjsG/v7+Bt036e+TuXORmZGp93Ze8X8F8xcu5AUGE6dzAanVasz9aM4TTz+Qk62tLfr264ex48ahTt06BtknSWtf1F7EHIzWaxuurq6YPHUqQsNCuRyuGdD5v+CuH3fi1zNnpMxSISdnJwwcNBgjRoZzUTATduXyZSz49FOdP+/i4oIRI8MxPDy8wgcYkmnS6TJ8UWEhOnXsKOsNh25V3TD0/WEY8v5QuLq6yrYfkl9KcgpCBw5EVlZWpT9bvXp1vDd0KN4bOoQ/B2ZIpxHQrp27ZCsfbx8fjAgPR/+BA+Do6CjLPshw0tPTMTQsrNLlE9C8OQaFDkZwSAift2bGdCqgw4ekfVSutbU1Or/xD4SGhaFT5868j8NMZGVlYWhoGNLT07V6f61atdCzdy+8278/6jdoIHM6MgY6FdDly5f13rFCocBrAQHoExSEXn16o0aNGnpvk4xH3p08vP/eEKSkpGh8n6+vL7r3eBM9evZEs2bNeDuFhdGpgNzd3aHMq/whmJeXF9q0a4sOHTqifccOLB0zdf/+fQwbOhRXHvtFVaVKFXj7+MDHxwfePj5o1KgRApo35xVNC6fTSegzp09j9Zdf4ffff0dRYSEAwNnZGTY2NnBxcYF7jRrw8PCAZ01PePv4wN/fH682asSTiBYiJycH2VlZcHFxgbOLCxwdHXk+jyoky5KsRETa4NleIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJMz/AbUnAlX5uNt8AAAAAElFTkSuQmCC 665 | mediatype: image/png 666 | install: 667 | spec: 668 | clusterPermissions: 669 | - rules: 670 | - apiGroups: 671 | - "" 672 | resources: 673 | - namespaces 674 | verbs: 675 | - get 676 | - apiGroups: 677 | - "" 678 | resources: 679 | - secrets 680 | verbs: 681 | - '*' 682 | - apiGroups: 683 | - "" 684 | resources: 685 | - events 686 | verbs: 687 | - create 688 | - apiGroups: 689 | - helm.mariadb.mmontes.io 690 | resources: 691 | - mariadboperators 692 | - mariadboperators/status 693 | - mariadboperators/finalizers 694 | verbs: 695 | - create 696 | - delete 697 | - get 698 | - list 699 | - patch 700 | - update 701 | - watch 702 | - apiGroups: 703 | - rbac.authorization.k8s.io 704 | resources: 705 | - clusterrolebindings 706 | - clusterroles 707 | verbs: 708 | - '*' 709 | - apiGroups: 710 | - admissionregistration.k8s.io 711 | resources: 712 | - validatingwebhookconfigurations 713 | - mutatingwebhookconfigurations 714 | verbs: 715 | - '*' 716 | - apiGroups: 717 | - rbac.authorization.k8s.io 718 | resources: 719 | - rolebindings 720 | - roles 721 | verbs: 722 | - '*' 723 | - apiGroups: 724 | - apps 725 | resources: 726 | - deployments 727 | verbs: 728 | - '*' 729 | - apiGroups: 730 | - "" 731 | resources: 732 | - serviceaccounts 733 | - services 734 | verbs: 735 | - '*' 736 | - apiGroups: 737 | - apiextensions.k8s.io 738 | resources: 739 | - customresourcedefinitions 740 | verbs: 741 | - '*' 742 | - apiGroups: 743 | - cert-manager.io 744 | resources: 745 | - certificates 746 | - issuers 747 | verbs: 748 | - '*' 749 | - apiGroups: 750 | - monitoring.coreos.com 751 | resources: 752 | - servicemonitors 753 | verbs: 754 | - '*' 755 | serviceAccountName: mariadb-operator-helm-controller-manager 756 | deployments: 757 | - label: 758 | app.kubernetes.io/component: manager 759 | app.kubernetes.io/created-by: helm-operator 760 | app.kubernetes.io/instance: controller-manager 761 | app.kubernetes.io/managed-by: kustomize 762 | app.kubernetes.io/name: deployment 763 | app.kubernetes.io/part-of: helm-operator 764 | control-plane: controller-manager 765 | name: mariadb-operator-helm-controller-manager 766 | spec: 767 | replicas: 1 768 | selector: 769 | matchLabels: 770 | control-plane: controller-manager 771 | strategy: {} 772 | template: 773 | metadata: 774 | annotations: 775 | kubectl.kubernetes.io/default-container: manager 776 | labels: 777 | control-plane: controller-manager 778 | spec: 779 | containers: 780 | - args: 781 | - --leader-elect 782 | - --leader-election-id=helm-operator 783 | image: ghcr.io/mariadb-operator/mariadb-operator-helm:0.38.1 784 | livenessProbe: 785 | httpGet: 786 | path: /healthz 787 | port: 8081 788 | initialDelaySeconds: 15 789 | periodSeconds: 20 790 | name: manager 791 | readinessProbe: 792 | httpGet: 793 | path: /readyz 794 | port: 8081 795 | initialDelaySeconds: 5 796 | periodSeconds: 10 797 | resources: 798 | limits: 799 | cpu: 500m 800 | memory: 512Mi 801 | requests: 802 | cpu: 10m 803 | memory: 128Mi 804 | securityContext: 805 | allowPrivilegeEscalation: false 806 | capabilities: 807 | drop: 808 | - ALL 809 | securityContext: 810 | runAsNonRoot: true 811 | serviceAccountName: mariadb-operator-helm-controller-manager 812 | terminationGracePeriodSeconds: 10 813 | permissions: 814 | - rules: 815 | - apiGroups: 816 | - "" 817 | resources: 818 | - configmaps 819 | verbs: 820 | - get 821 | - list 822 | - watch 823 | - create 824 | - update 825 | - patch 826 | - delete 827 | - apiGroups: 828 | - coordination.k8s.io 829 | resources: 830 | - leases 831 | verbs: 832 | - get 833 | - list 834 | - watch 835 | - create 836 | - update 837 | - patch 838 | - delete 839 | - apiGroups: 840 | - "" 841 | resources: 842 | - events 843 | verbs: 844 | - create 845 | - patch 846 | serviceAccountName: mariadb-operator-helm-controller-manager 847 | strategy: deployment 848 | installModes: 849 | - supported: true 850 | type: OwnNamespace 851 | - supported: true 852 | type: SingleNamespace 853 | - supported: true 854 | type: MultiNamespace 855 | - supported: true 856 | type: AllNamespaces 857 | keywords: 858 | - mariadb 859 | - mysql 860 | - operator 861 | - mariadb-operator 862 | - database 863 | - maxscale 864 | links: 865 | - name: GitHub 866 | url: https://github.com/mariadb-operator/mariadb-operator 867 | maintainers: 868 | - email: mariadb-operator@proton.me 869 | name: mmontes11 870 | maturity: alpha 871 | minKubeVersion: 1.16.0 872 | provider: 873 | name: mariadb-operator 874 | url: https://github.com/mariadb-operator/mariadb-operator 875 | version: 0.38.1 876 | -------------------------------------------------------------------------------- /bundle/metadata/annotations.yaml: -------------------------------------------------------------------------------- 1 | annotations: 2 | # Core bundle annotations. 3 | operators.operatorframework.io.bundle.mediatype.v1: registry+v1 4 | operators.operatorframework.io.bundle.manifests.v1: manifests/ 5 | operators.operatorframework.io.bundle.metadata.v1: metadata/ 6 | operators.operatorframework.io.bundle.package.v1: mariadb-operator 7 | operators.operatorframework.io.bundle.channels.v1: alpha 8 | operators.operatorframework.io.bundle.channel.default.v1: alpha 9 | operators.operatorframework.io.metrics.builder: operator-sdk-v1.26.0 10 | operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 11 | operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 12 | com.redhat.openshift.versions: v4.12 13 | com.redhat.delivery.operator.bundle: true 14 | com.redhat.delivery.backport: false 15 | # Annotations for testing. 16 | operators.operatorframework.io.test.mediatype.v1: scorecard+v1 17 | operators.operatorframework.io.test.config.v1: tests/scorecard/ 18 | -------------------------------------------------------------------------------- /bundle/tests/scorecard/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: 8 | - entrypoint: 9 | - scorecard-test 10 | - basic-check-spec 11 | image: quay.io/operator-framework/scorecard-test:v1.26.0 12 | labels: 13 | suite: basic 14 | test: basic-check-spec-test 15 | storage: 16 | spec: 17 | mountPath: {} 18 | - entrypoint: 19 | - scorecard-test 20 | - olm-bundle-validation 21 | image: quay.io/operator-framework/scorecard-test:v1.26.0 22 | labels: 23 | suite: olm 24 | test: olm-bundle-validation-test 25 | storage: 26 | spec: 27 | mountPath: {} 28 | - entrypoint: 29 | - scorecard-test 30 | - olm-crds-have-validation 31 | image: quay.io/operator-framework/scorecard-test:v1.26.0 32 | labels: 33 | suite: olm 34 | test: olm-crds-have-validation-test 35 | storage: 36 | spec: 37 | mountPath: {} 38 | - entrypoint: 39 | - scorecard-test 40 | - olm-crds-have-resources 41 | image: quay.io/operator-framework/scorecard-test:v1.26.0 42 | labels: 43 | suite: olm 44 | test: olm-crds-have-resources-test 45 | storage: 46 | spec: 47 | mountPath: {} 48 | - entrypoint: 49 | - scorecard-test 50 | - olm-spec-descriptors 51 | image: quay.io/operator-framework/scorecard-test:v1.26.0 52 | labels: 53 | suite: olm 54 | test: olm-spec-descriptors-test 55 | storage: 56 | spec: 57 | mountPath: {} 58 | - entrypoint: 59 | - scorecard-test 60 | - olm-status-descriptors 61 | image: quay.io/operator-framework/scorecard-test:v1.26.0 62 | labels: 63 | suite: olm 64 | test: olm-status-descriptors-test 65 | storage: 66 | spec: 67 | mountPath: {} 68 | storage: 69 | spec: 70 | mountPath: {} 71 | -------------------------------------------------------------------------------- /config/crd/bases/helm.mariadb.mmontes.io_mariadboperators.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: mariadboperators.helm.mariadb.mmontes.io 6 | spec: 7 | group: helm.mariadb.mmontes.io 8 | names: 9 | kind: MariadbOperator 10 | listKind: MariadbOperatorList 11 | plural: mariadboperators 12 | singular: mariadboperator 13 | scope: Namespaced 14 | versions: 15 | - name: v1alpha1 16 | schema: 17 | openAPIV3Schema: 18 | description: MariadbOperator is the Schema for the mariadboperators API 19 | properties: 20 | apiVersion: 21 | description: 'APIVersion defines the versioned schema of this representation 22 | of an object. Servers should convert recognized schemas to the latest 23 | internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 24 | type: string 25 | kind: 26 | description: 'Kind is a string value representing the REST resource this 27 | object represents. Servers may infer this from the endpoint the client 28 | submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 29 | type: string 30 | metadata: 31 | type: object 32 | spec: 33 | description: Spec defines the desired state of MariadbOperator 34 | type: object 35 | x-kubernetes-preserve-unknown-fields: true 36 | status: 37 | description: Status defines the observed state of MariadbOperator 38 | type: object 39 | x-kubernetes-preserve-unknown-fields: true 40 | type: object 41 | served: true 42 | storage: true 43 | subresources: 44 | status: {} 45 | -------------------------------------------------------------------------------- /config/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/helm.mariadb.mmontes.io_mariadboperators.yaml 6 | #+kubebuilder:scaffold:crdkustomizeresource 7 | -------------------------------------------------------------------------------- /config/default/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # Adds namespace to all resources. 2 | namespace: mariadb-operator-helm-system 3 | 4 | # Value of this field is prepended to the 5 | # names of all resources, e.g. a deployment named 6 | # "wordpress" becomes "alices-wordpress". 7 | # Note that it should also match with the prefix (text before '-') of the namespace 8 | # field above. 9 | namePrefix: mariadb-operator-helm- 10 | 11 | # Labels to add to all resources and selectors. 12 | #labels: 13 | #- includeSelectors: true 14 | # pairs: 15 | # someName: someValue 16 | 17 | resources: 18 | - ../crd 19 | - ../rbac 20 | - ../manager 21 | # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. 22 | #- ../prometheus 23 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | apiVersion: kustomize.config.k8s.io/v1beta1 4 | kind: Kustomization 5 | images: 6 | - name: controller 7 | newName: ghcr.io/mariadb-operator/mariadb-operator-helm 8 | newTag: 0.38.1 9 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | app.kubernetes.io/name: namespace 7 | app.kubernetes.io/instance: system 8 | app.kubernetes.io/component: manager 9 | app.kubernetes.io/created-by: helm-operator 10 | app.kubernetes.io/part-of: helm-operator 11 | app.kubernetes.io/managed-by: kustomize 12 | name: system 13 | --- 14 | apiVersion: apps/v1 15 | kind: Deployment 16 | metadata: 17 | name: controller-manager 18 | namespace: system 19 | labels: 20 | control-plane: controller-manager 21 | app.kubernetes.io/name: deployment 22 | app.kubernetes.io/instance: controller-manager 23 | app.kubernetes.io/component: manager 24 | app.kubernetes.io/created-by: helm-operator 25 | app.kubernetes.io/part-of: helm-operator 26 | app.kubernetes.io/managed-by: kustomize 27 | spec: 28 | selector: 29 | matchLabels: 30 | control-plane: controller-manager 31 | replicas: 1 32 | template: 33 | metadata: 34 | annotations: 35 | kubectl.kubernetes.io/default-container: manager 36 | labels: 37 | control-plane: controller-manager 38 | spec: 39 | # TODO(user): Uncomment the following code to configure the nodeAffinity expression 40 | # according to the platforms which are supported by your solution. 41 | # It is considered best practice to support multiple architectures. You can 42 | # build your manager image using the makefile target docker-buildx. 43 | # affinity: 44 | # nodeAffinity: 45 | # requiredDuringSchedulingIgnoredDuringExecution: 46 | # nodeSelectorTerms: 47 | # - matchExpressions: 48 | # - key: kubernetes.io/arch 49 | # operator: In 50 | # values: 51 | # - amd64 52 | # - arm64 53 | # - ppc64le 54 | # - s390x 55 | # - key: kubernetes.io/os 56 | # operator: In 57 | # values: 58 | # - linux 59 | securityContext: 60 | runAsNonRoot: true 61 | # TODO(user): For common cases that do not require escalating privileges 62 | # it is recommended to ensure that all your Pods/Containers are restrictive. 63 | # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted 64 | # Please uncomment the following code if your project does NOT have to work on old Kubernetes 65 | # versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ). 66 | # seccompProfile: 67 | # type: RuntimeDefault 68 | # Clean up old ReplicaSets. After making manual changes in the CSV, ReplicaSet is downscaled instead of deleted: 69 | # https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#revision-history-limit 70 | # https://github.com/mariadb-operator/mariadb-operator/issues/251#issuecomment-1760467114 71 | revisionHistoryLimit: 0 72 | containers: 73 | - args: 74 | - --leader-elect 75 | - --leader-election-id=helm-operator 76 | image: controller:latest 77 | name: manager 78 | securityContext: 79 | allowPrivilegeEscalation: false 80 | capabilities: 81 | drop: 82 | - "ALL" 83 | livenessProbe: 84 | httpGet: 85 | path: /healthz 86 | port: 8081 87 | initialDelaySeconds: 15 88 | periodSeconds: 20 89 | readinessProbe: 90 | httpGet: 91 | path: /readyz 92 | port: 8081 93 | initialDelaySeconds: 5 94 | periodSeconds: 10 95 | # TODO(user): Configure the resources accordingly based on the project requirements. 96 | # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ 97 | resources: 98 | limits: 99 | cpu: 500m 100 | memory: 512Mi 101 | requests: 102 | cpu: 10m 103 | memory: 128Mi 104 | serviceAccountName: controller-manager 105 | terminationGracePeriodSeconds: 10 106 | -------------------------------------------------------------------------------- /config/manifests/bases/mariadb-operator.clusterserviceversion.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: ClusterServiceVersion 3 | metadata: 4 | annotations: 5 | alm-examples: '[]' 6 | capabilities: Deep Insights 7 | categories: Database 8 | containerImage: ghcr.io/mariadb-operator/mariadb-operator-helm:0.38.1 9 | description: Run and operate MariaDB in a cloud native way 10 | features.operators.openshift.io/disconnected: "false" 11 | features.operators.openshift.io/fips-compliant: "false" 12 | features.operators.openshift.io/proxy-aware: "false" 13 | features.operators.openshift.io/tls-profiles: "false" 14 | features.operators.openshift.io/token-auth-aws: "false" 15 | features.operators.openshift.io/token-auth-azure: "false" 16 | features.operators.openshift.io/token-auth-gcp: "false" 17 | repository: https://github.com/mariadb-operator/mariadb-operator 18 | support: mariadb-operator 19 | name: mariadb-operator.v0.0.0 20 | namespace: placeholder 21 | spec: 22 | apiservicedefinitions: {} 23 | customresourcedefinitions: 24 | owned: 25 | - description: Configures MariaDB helm chart based operator 26 | displayName: MariadbOperator 27 | kind: MariadbOperator 28 | name: mariadboperators.helm.mariadb.mmontes.io 29 | version: v1alpha1 30 | - description: Provisions a MariaDB instance 31 | displayName: MariaDB 32 | kind: MariaDB 33 | name: mariadbs.k8s.mariadb.com 34 | version: v1alpha1 35 | - description: Configures a backup 36 | displayName: Backup 37 | kind: Backup 38 | name: backups.k8s.mariadb.com 39 | version: v1alpha1 40 | - description: Configures a connection 41 | displayName: Connection 42 | kind: Connection 43 | name: connections.k8s.mariadb.com 44 | version: v1alpha1 45 | - description: Restores a backup 46 | displayName: Restore 47 | kind: Restore 48 | name: restores.k8s.mariadb.com 49 | version: v1alpha1 50 | - description: Defines a logical database 51 | displayName: Database 52 | kind: Database 53 | name: databases.k8s.mariadb.com 54 | version: v1alpha1 55 | - description: Grants permissions to an user in a database 56 | displayName: Grant 57 | kind: Grant 58 | name: grants.k8s.mariadb.com 59 | version: v1alpha1 60 | - description: Defines a SQL job 61 | displayName: SqlJob 62 | kind: SqlJob 63 | name: sqljobs.k8s.mariadb.com 64 | version: v1alpha1 65 | - description: Defines a user 66 | displayName: User 67 | kind: User 68 | name: users.k8s.mariadb.com 69 | version: v1alpha1 70 | - description: Defines a MaxScale database proxy 71 | displayName: MaxScale 72 | kind: MaxScale 73 | name: maxscales.k8s.mariadb.com 74 | version: v1alpha1 75 | description: | 76 | Install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) via [OLM](https://olm.operatorframework.io/) using the [helm chart](https://artifacthub.io/packages/helm/mariadb-operator/mariadb-operator). 77 | 78 | This helm operator provides provides a 1:1 mapping between the official helm chart and the [`MariadbOperator`](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/config/samples/helm_v1alpha1_mariadboperator.yaml) CRD, allowing to install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) via OLM without having to do any change in the helm chart. 79 | 80 | Normally, you would install [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) providing this `values.yaml` to the helm chart: 81 | ```yaml 82 | image: 83 | repository: ghcr.io/mariadb-operator/mariadb-operator 84 | pullPolicy: IfNotPresent 85 | logLevel: INFO 86 | ha: 87 | enabled: true 88 | metrics: 89 | enabled: true 90 | serviceMonitor: 91 | enabled: true 92 | webhook: 93 | cert: 94 | certManager: 95 | enabled: true 96 | ``` 97 | 98 | This helm chart installation is abstracted in the [`MariadbOperator`](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/config/samples/helm_v1alpha1_mariadboperator.yaml) CRD, which will be reconciled by the helm operator: 99 | ```yaml 100 | apiVersion: helm.k8s.mariadb.com/v1alpha1 101 | kind: MariadbOperator 102 | metadata: 103 | name: mariadb-operator 104 | spec: 105 | image: 106 | repository: ghcr.io/mariadb-operator/mariadb-operator 107 | pullPolicy: IfNotPresent 108 | logLevel: INFO 109 | ha: 110 | enabled: true 111 | metrics: 112 | enabled: true 113 | serviceMonitor: 114 | enabled: true 115 | webhook: 116 | cert: 117 | certManager: 118 | enabled: true 119 | ``` 120 | 121 | Once you have installed the operator, you will able to install a [`MariaDB`](https://github.com/mariadb-operator/mariadb-operator/blob/main/examples/manifests/mariadb_v1alpha1_mariadb.yaml) instance. Refer to the main [`mariadb-operator`](https://github.com/mariadb-operator/mariadb-operator) documentation for getting started with the rest of CRDs. 122 | 123 | ## Documentation 124 | * [mariadb-operator](https://github.com/mariadb-operator/mariadb-operator/blob/main/README.md) 125 | * [mariadb-operator-helm](https://github.com/mariadb-operator/mariadb-operator-helm/blob/main/README.md) 126 | 127 | ## Releases 128 | This operator is automatically published in the following repositories whenever a new version of the [helm chart](https://artifacthub.io/packages/helm/mariadb-operator/mariadb-operator) is released: 129 | - [k8s-operatorhub/community-operators](https://github.com/k8s-operatorhub/community-operators) 130 | - [redhat-openshift-ecosystem/community-operators-prod](https://github.com/redhat-openshift-ecosystem/community-operators-prod) 131 | 132 | ## Roadmap 133 | Take a look at our [roadmap](https://github.com/mariadb-operator/mariadb-operator/blob/main/ROADMAP.md) and feel free to open an issue to suggest new features. 134 | 135 | ## Contributing 136 | We welcome and encourage contributions to this project! Please check our [contributing](https://github.com/mariadb-operator/mariadb-operator/blob/main/CONTRIBUTING.md) and [development](https://github.com/mariadb-operator/mariadb-operator/blob/main/docs/DEVELOPMENT.md) guides. PRs welcome! 137 | 138 | ## Get in touch 139 | Join us on Slack: **[MariaDB Community Slack](https://r.mariadb.com/join-community-slack)**. 140 | displayName: MariaDB Operator 141 | icon: 142 | - base64data: iVBORw0KGgoAAAANSUhEUgAAASAAAAEgCAYAAAAUg66AAAAABHNCSVQICAgIfAhkiAAAHOVJREFUeJzt3XlgTOfCBvBnsm/VBJGIBBE0tTXETrm1VC1JVGtLShE7tS+t0trrKom2qJbartJaQpEQkrSWoATtp733qy1BNllkkE2SyXx/6PVZYkxmzpl3luf3l2Rmznlo+uQ9y/sehVqtVoOISAAr0QGIyHKxgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCSMjegARGTaLv3PJcREH0TSuSTcSElBWVkZmjRtimkzpiOgeXONn1Wo1Wq1gXISkZkoLS3Fgf378d369fjrf/+q8D22trbYvTcKjZs0ee52eAhGRForLy/Hvqi96N6lK2ZNn/Hc8gEeltT327Zp3B4PwYjohQoKCrAvKgpbN2/BtWvXtP7cuV/PanydBUREFcrPz8eJY8cRF3cU8UfjkJ+fX+lt3L17V+PrLCAiC3Pv3j3cu3cPRYWFKCwqQv79fOTn30dOdjZycnJw88ZN/HHpEpKTk1FeXq7XvkpKSjS+zgIiMiN5d/KQkpKM69evIyU5BRkZ6cjNyUVOdjZy79zBndxclJWVGSzPi65xsYCITNitmzeReDIRSUnncPbMr0hPTxcd6Qnu7u4aX2cBEZmYK5cv41BMDPZG7cWtmzdFx9HIw9NT4+ssICITUFhQiB9//AHb/7UNycnJouNorUaNGhpfZwERGbHc3Fxs2bQZ27dtg1KpFB2n0jw8PTS+zgIiMkIlJSXYvHET1q5erdPlb2Ph4+Oj8XUWEJGRSYhPwJJFC3Ej5YboKHp70VwwFhCRkSgqKsKK5cuxZdNm0VEk4ejoCH9/f43vYQERGYGLFy5g2pSpRn9VqzKat2gBaxvNFcPJqESC7fzhR4QOHGRW5QMAwX1DXvgeLsdBJIhKpULEihX45ut1oqNIztHJCWfOnYWzs7PG9/EQjEiABw8e4IPx45EQnyA6iiz6BAW9sHwAjoCIDK6oqAjjRo/GyRMnRUeRhb29PY4kxKNWrVovfC9HQEQGVFBQgPBhw5B0Lkl0FNkMHzFCq/IBOAIiMpiSkhKMHD4CpxITRUeRjbe3Nw4ePgQXFxet3s+rYEQGoFKpMH3qVLMuH2sba0R8sUrr8gFYQEQGsfDT+TgUHSM6hqxmzpqNFoGBlfoMC4hIZtu2bn3h4uymLmzIEIwcParSn+M5ICIZnTl9GsOGDDXoKoSG1rff21i+YgWsrCo/nmEBEckkMyMTQb17Ie9OnugoshkcGor5ixbC2tpap8/zMjyRDFRlZZg6eZJZl8+kKZMxacoUvbbBAiKSQWREJM6dPSc6hiwcHBywcMli9HvnHb23xUMwIomdOX0aQ8Pe0/uRNsbI19cXa9atQ8NXGkqyPV4FI5JQfn4+Zs+YaZbl07ff2/jp4EHJygfgIRiRpBYvWIi0tDTRMSRVpUoVzF+0EMEhL15eo7JYQEQS+eXnn7F71y7RMSTVrn17/HPF5/Dy8pJl+zwHRCSBoqIi9HyzB1Jv3RIdRRJ2dnaYPHUqRo0ZrdP9PdriCIhIAqsiIs2mfBo0bIiIVZF4tVEj2ffFERCRnv795594OyQEqjKV6Ch6USgUGB4ejhmzZsLOzs4g++QIiEgP5eXl+GTuPJMvH2dnZyxbvhw9e/cy6H5ZQER62Lp5C367eFF0DL3Uq1cPa79Zh/oNGhh83zwEI9JRZkYmenTrhoKCAtFRdPZWz55YvmIFnJydhOyfNyIS6WjZ0qUmXT5Dh72PL9esFlY+AA/BiHSSdC4J0QcPio6hs4mTPsCUadNEx+AhGFFlqVQqvB0cgn//+afoKDoZO348ZsyaKToGAB6CEVXaDzt2mGz59AkKwvSZM0THeIQjIKJKUCqV6N6li0mu89MiMBDbdmw32D0+2uAIiKgSVkVEmmT5vPTSS4j4YpVRlQ/AAiLS2l//+xd2bP9edAydzJk3F97e3qJjPIMFRKSlRQsWmOQdz6/4v4J33n1XdIwKsYCItBB98CDOnD4tOoZOxowbJ+uMdn3wJDTRCxQXF6NH124mudCYq5sbEs+chr29vegoFTLOWiQyIl+vWWOS5QMAPd7qYbTlA7CAiDS6dfMmNny7XnQMnXXt2k10BI1YQEQaLFm0GA8ePBAdQycODg5o16G96BgasYCInuPYL78g7uhR0TF01rZdOzg6OoqOoRELiKgCRUVFmP/Jp6Jj6KVrd+M+/AJYQEQVWhURiVs3b4qOoZfXO3USHeGFWEBET/nPf/6DLZs2iY6hF8+ankZ55/PTWEBEj1GpVPho1myUlZWJjqKXNm3bio6gFRYQ0WO2bNqEPy5dEh1Db61atRYdQSssIKK/paenY1VkpOgYkmjVhgVEZDLUajXmzP4QhQWFoqPorVq1aqhXr57oGFphAREB+NeWrTh54oToGJJo1bo1FAqF6BhaYQGRxbt29SqWL1smOoZkWgS2EB1BaywgsmglJSWYNmUqiouLRUeRzGsBAaIjaI0FRBZtyaLF+POPP0THkIyNjQ0aN2kiOobWWEBksaIPHsT3//qX6BiSaty4MRwcHETH0BoLiCzStWvXMGf2h6JjSK5ZwGuiI1QKC4gsjlKpxNiRo0z6scrP07yF6ZyABlhAZGHKysowacJEJCcni44ii+bNm4uOUCksILIocz+ag1OJiaJjyKJatWrwqV1bdIxKYQGRxVj5+Qrs3rVLdAzZtAgMFB2h0lhAZBE2btiAr9esER1DVqZ2/gdgAZEF2LxxE5YuXiI6huyatzCt8z8AC4jM3OaNm7Bk0SLRMWRnY2ODJk2bio5RaTaiAxDJQa1W45+ffWbSj9SpjMaNGxv9AvQVYQGR2SkoKMDMadNxJDZWdBSDCTDBwy+ABURmJiU5BePGjMGVy5dFRzEoU7wCBvAcEJmRA/v34+3gYIsrH8A0r4ABHAGRGbh//z4WfPop9kXtFR1FiBoeHvDy8hIdQycsIDJpPyckYN7HHyMzI1N0FGFMaQGyp7GAyCRlZWVh+bJlFjvqeVygiZ7/AVhAZGJKS0uxdfNmfLnqC7Ocza4LUz3/A7CAyESo1Wocio7B58uXm/wjk6Vkb2+PRo0bi46hMxYQGb3Ek4mIXLkSv128KDqK0XktIAB2dnaiY+iMBURGK+lcEr6IjMTpU6dERzFabduZxiOYn4cFREalvLwcvyT8jG/WrcP5pCTRcYxe6zZtREfQCwuIjEJhQSH2//QTNm7YgOvXr4uOYxLs7OwQYGIrID6NBURC5eTkYPu2bdi6ZSuUeXmi45iU1wICTOoJGBVhAZHBqdVqnEo8hR92bEfckaMoLS0VHckkmfr5H4AFRAaUk5ODPbt248cffsDNGzdExzF5pn7+B2ABkcxUKhVOnjiB3bt2cbQjIUdHR5OdAf84FhDJ4srly9i3dy+idu9Bdna26Dhmp1Xr1rC3txcdQ28sIJJMeno6Du4/gH17o3D5L8tbEsOQXu/cSXQESbCASC95d/IQe/gw9kZF4cL581Cr1aIjWYROnVhAZKGys7NxJDYWMQejce7sWZSXl4uOZFFq1qwJv/r1RceQBAuItJKeno4jh2Pxc0I8zpw5A1WZSnQki2Uuh18AC4g0uHXzJuLj4nEoJoaHV0akU6fOoiNIhgVET/jj0iXEHo7FkdhYXLt6VXQceoqtrS3ad+wgOoZkWEAWTqVS4cL5CzgSG4sjhw8jLS1NdCTSoG27dqhSpYroGJJhAVkglUqFixcu4lBMNA5FxyArK0t0JNLSWz17io4gKRaQhSguLsapk4mIiYlG/NE43L9/X3QkqiQrKyt06dZVdAxJsYDMmFKpRHxcHI7ExiLxxEkUFxeLjkR6CGzZEu7u7qJjSIoFZGaKi4vxc3wC9kbtwYnjJzj3yoyY2+EXwAIyCyUlJTh5/ARiYqJxJDYWhQWFoiORxBQKBbr3eFN0DMmxgEzU4yeS9//0E/LucDEvc9asWTOTffqpJiwgE6JWq3Hh/Hkc2H8Ah6KjkZubKzoSGcibb70lOoIsWEAm4MrlyzgUE4N9e/dxIS8LZGVlheC+IaJjyIIFZKRSklNwYP9+HDxwgHckW7iOr7+OmjVrio4hCxaQEUlLS8PR2COce0VP6D9ggOgIslGo+VMu1L179/DT3n3Ys3s3/rh0SXQcMjKubm449esZk376qSYcAQly4fx57Ni+HYeiY3iDID1XcEiw2ZYPwAIyuPNJSfjm66+REJ8gOgqZAHM+/AJYQAZzPikJkSsjcOb0adFRyES82qgRXm3USHQMWbGAZKZUKvHPpZ9h965dPKlMlTIodLDoCLLjSWgZHYqOwfxPPuENg1Rprm5uOJF4Eo5OTqKjyIojIBnczszER7M/xPFjx0RHIRM19P2hZl8+AEdAkos9fBgffzQHyjzOzSLdODg44PipRFStWlV0FNlxBCSRgoICLJq/ALt37RIdhUxcv3fesYjyAVhAkrh27RomjhuPK5f5NFDSj5WVFUaMHCk6hsFYiQ5g6n7atw99g4JZPiSJN3v0QF3fuqJjGAxHQDpSqVRYtmQpNm3cKDoKmQkrKyuMHT9OdAyDYgHpoKiwEFMmT0b80TjRUciMBIUEo0nTpqJjGBSvglVS1u3bGD1yFCeOkqRsbW1xJD4OPrVri45iUBwBVUJKcgqGhIYiIyNDdBQyM0OHDbO48gE4AtJacnIy3hscituZmaKjkJl5+eWXEX/sF7i6uoqOYnC8CqaF69evI2zQYJYPyWLCBxMtsnwAjoBeKCU5BYP690dOTo7oKGSGfH19ER172KzX/NGEIyAN8u7kYeTw4SwfkoVCocCCxYsstnwAFtBzFRUVYVR4OFJSUkRHITM1YNBAtO/QQXQMoXgIVgFVWRnGjh6DnxO4aqExcXFxQbm63Cye/Orl5YWDhw+hSpUqoqMIxRFQBSJXRrB8jIy1tTW+27wJjRs3ER1Fb1ZWVlgRGWHx5QOwgJ6REBePb9atEx2DnvL+8OEIbNkSd+8qRUfR2+gxY9C6TRvRMYwCC+gxqbduYeb06Vw61cg4OTth/ITxAACl8q7QLI6OjlAoFDp/vk3btpg6fZqEiUwbC+hvpaWlmDh+Au7eFfsDTs8aNDgUrm5uAIC7SnEjoBoeHvg1KQldunXV6fOeNT3x5ZrVsLbhBIT/YgH9LXLlSs7vMlIDBw0EACjz8vDgwQNhOQYMHAAnZye89NJLlf6so5MT1n37LapVqyZDMtPFAgJw7uw5fLd+g+gYVIHXAgLgV78+gIePrhbF2toa/Qc+LMJ7lRwlW1tbI/KLVRY3010bFl9Ad+/exbTJk6FSqURHoQr0e6ffoz+np6cLy9H5jX+gVq1aAID79+9r/TmFQoFFS5agW/fuckUzaRZdQOXl5Zg5fTpntxspOzs79A4KevR16q1bwrKEhoU9+vOdO9o9cEChUGD+ooUY8PchJD3LogtozVerkRAXLzoGPUeXbl2fmKR55coVITm8vb3RqXPnR19rMynZ2toaCxYvQth778kZzeRZ7On4kydOYvWXX4qOQRr0e+fdJ76+/JeYdbcHDh4EK6uHv6sLCgqQn5+v8f12dnZYERGBXn16GyKeSbPIArp29SomT5zI8z5GrFq1aujUudOjr9VqNa4KGAE5Ojpi4OD/f0Ry5gtGPzVq1MBXa9cgsGVLuaOZBYs7BMvOzkb4sOG838fIBYeEwOax+2WSk5NfOPKQQ/+BA554RldmxvMLqGWrlth38ADLpxIsagRUWFCIUSPCkZqaKjoKaaBQKDBw8KAnvvfbxYsGz2FjY4PwUaOe+N7t288WkI2NDT6YPBljx43lTYaVZDH/Wg/vdB7Pmw1NQKfOnVG/QYMnvvf7xd8MnqNPcNCjS+//9fQJ6FatW2Pep5+gUePGhoxmNvQuoKysLNxIuYGSkpJHN2i5vOQCBwdHODs7obq7O9zd3fWaP6OvsrIyfDB+Ao4fOyYsA2kvfNSzTwb99ddfDZpBoVBg9Jixz3w/M/M2AMDf3x8zZs/CP954w6C5zE2lCygrKwvRBw7g2C/HcPHCBRQUFLzwM7a2tvDw9ISXlxd86/nCz88P9Rs0QD0/P9SqVUvWclKpVJg2ZQrijh6VbR8knUaNGz+zSNftzEyDn4B+o2sXNHyl4TPft7W1wcrISASFBD+6Mka603pBMmVeHlZ8/jmidu9BSUmJZAEcnZzg5+f3dynVh2+9eqhfvz7q1K0LW1tbvbZ97949fDRrNmIPH5YoLclt6/fbnimgPbt3Y/aMmQbLoFAosHPPbjRv0cJg+7RUWo2Ajh87hg9nzkJWVpbkAYoKC/HHpUvPnJuxtrFGbZ/a8KtfH371/VDPzw+1a9eBp6cHPDw9n7uObmlpKS7/9Rfijh7Fjzt+kCWzXKxtrOHi7AJra2s4u7g88VppaQmKCotQXl5eqakApiQ4JKTCJUoNvThcr969WT4G8sIR0KaNG/HZ4iUoLy83VCatuLq64qUqVeDk5AhbWzuUlpagIL8AmZmZKCsrEx3vuV5++WW84u8P/1f90aBhQ3h6esLT0xPV3d1RvXp1rQ9HS0pKoMzLw528PCjz8pCbm4u8O3eQk5ODtLQ0pKelIyMjAxnp6SgtLZX5b6U/n9q1sT/64DMzzYuLi9E6MNBgy7A6ODggNj7umZPPJA+NI6BVERFY/eVXhspSKUqlEkqBa8Noq3adOmjfoT06dOiIgBbNUbNmTUm2a2dnhxoeHqjh4aHxfWq1GtnZ2UhPS0NGegYyMtIfFVR6+sM/K/O0m9skF3d3d2zcsrnCZS5Onjhh0DWgR44exfIxoOeOgPbuicLM6dMNncfkKRQKtGzVCkEhwejUuTO8vb1FR3qhwoJCpKamIjU1FWmpqUhLS31YUqlpSE9PR25urmwjYH9/f3z19Vr4+vpW+PrE8eNxOOaQLPt+mmdNTxyNj4ejk5NB9kcaRkAXzp+HtY01VGWcrqCN6tWrY3BYKN4dMMDkfoM6OTuh4SsNK7zqAzxcNSA3Nxe5ubnIun0buTm5yM7ORnZWFnJzc6FUKqFSlaGwsAilpaUoLi5+YuEwe3t7ODg4wM7ODm5V3eDm6oaq1aqibl1fBPcNgYODQ4X7zc3NRfzROFn+zhWZOXs2y8fANJ4DupFyA5/Om4uTJ04aMpNJqVevHsZNmIDeQX0s+gFzctjw7XosW7rUIPtq2aolduzcKfR+NUuk1WX4Q9ExmP/JJ8jNzTVEJpPg5eWF8RMnov+A/rz9XiY9unXHtatXZd+Po5MTDkRHo65vXdn3RU/S6k6qnr17ITY+7ok1USxVDQ8PLFi0EPHHfsGg0MEsH5mcO3vOIOUDAHPnzWP5CKL1rZyurq5Yv/E7jBj57G3ylsDRyQnTZ85AwrFfEDZkiN43SZJmP2zfbpD9dOna5ZmJr2Q4Oj2aefeuXfjk47mS3hFtzN7q1RMfz5sn2SV00uzmjRvo3rWr7BdAqlatipgjsahevbqs+6Hn02kyy7v9+2Pbju1wd3eXOo9R8fPzw5Zt27B67VqWjwF9vWatQa6+Lv5sKctHMJ1n07UIDMTe/fvRtJn5PWrE0dERsz78ENGxh9Gh47NTA0g+qamp2BsVJft+ho8YgTd79JB9P6SZXtN5PWt6YsfOnQgbMsRsZgZ3fL0jYmIPY/TYMU+syEeGsW7tWtmn0rRr3x4fzvlI1n2QdnQ6B1SR33/7DXPnfIz//PvfUmzO4NyqumHOx3Px9mPPoSLDSktLQ7d/vCHr3LU6detgd9ReuFV1k20fpD3Jhi2vBQRg3/6f8PG8uY+e420qQt7ui9i4OJaPYJ8v+6es5VO1alVs3LyF5WNEJBsBPS4/Px8fzZ6NQ9ExUm9aUrXr1MHCxYvQ8fXXRUexeEnnkjB4wADI8OMI4OFtFNu2f4/XAgJk2T7pRpaTHC4uLkY9CdPGxgZhQ97DjJkzOffHCJSXl2PJooWylY+DgwO+3bCe5WOEZCmgnxMSsOHb9XJsWm+BLVti0ZIlz514SYa3e+cuXPofeR4W4ODggG82bEC79u1l2T7pR/JDsMyMTAT17oU8LZ+fbShVqlTBzA9nY+CgQWZzxc4c3L17F2926SrLPEMXFxd8s2E92rRtK/m2SRqSjoBUZWWYMukDoyofhUKBPkFBmDNvrtnfOGmKli5aLEv5VKtWDd9t3oQmTc3vPjVzImkBRa6MQNK5JCk3qZemzZpizty5aNW6tegoVIFTiYmI2rNH8u36+vrim+82oF69epJvm6Ql2SHYiePHET5suFGsHe3l5YXps2YiOCSE67sYqYKCAvR6swfS0tIk3W6Xrl0Q8cUXcHlqUX8yTpKMgHJycjBr+gzh5VOrVi0MDw/H4LBQ2NvbC81Cmi3/bJmk5WNtY40JEydi4qRJPMdnQvQuIJVKhUkTJiI7O1uKPDqp36ABRo0ZjZC+fTl9wgScSkzEDgmX2/D29kbEF6vQIjBQsm2SYej9f+u369bhrIEfm/tfHTp2wIiRI9Gpc2ceapkIpVKJWTOkGS0rFAqEDRmCWbNnw8mZ93OZIr0KKDk52eCP7bG2tkafoCCMGjsG/v7+Bt036e+TuXORmZGp93Ze8X8F8xcu5AUGE6dzAanVasz9aM4TTz+Qk62tLfr264ex48ahTt06BtknSWtf1F7EHIzWaxuurq6YPHUqQsNCuRyuGdD5v+CuH3fi1zNnpMxSISdnJwwcNBgjRoZzUTATduXyZSz49FOdP+/i4oIRI8MxPDy8wgcYkmnS6TJ8UWEhOnXsKOsNh25V3TD0/WEY8v5QuLq6yrYfkl9KcgpCBw5EVlZWpT9bvXp1vDd0KN4bOoQ/B2ZIpxHQrp27ZCsfbx8fjAgPR/+BA+Do6CjLPshw0tPTMTQsrNLlE9C8OQaFDkZwSAift2bGdCqgw4ekfVSutbU1Or/xD4SGhaFT5868j8NMZGVlYWhoGNLT07V6f61atdCzdy+8278/6jdoIHM6MgY6FdDly5f13rFCocBrAQHoExSEXn16o0aNGnpvk4xH3p08vP/eEKSkpGh8n6+vL7r3eBM9evZEs2bNeDuFhdGpgNzd3aHMq/whmJeXF9q0a4sOHTqifccOLB0zdf/+fQwbOhRXHvtFVaVKFXj7+MDHxwfePj5o1KgRApo35xVNC6fTSegzp09j9Zdf4ffff0dRYSEAwNnZGTY2NnBxcYF7jRrw8PCAZ01PePv4wN/fH682asSTiBYiJycH2VlZcHFxgbOLCxwdHXk+jyoky5KsRETa4NleIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJAwLiIiEYQERkTAsICIShgVERMKwgIhIGBYQEQnDAiIiYVhARCQMC4iIhGEBEZEwLCAiEoYFRETCsICISBgWEBEJwwIiImFYQEQkDAuIiIRhARGRMCwgIhKGBUREwrCAiEgYFhARCcMCIiJhWEBEJMz/AbUnAlX5uNt8AAAAAElFTkSuQmCC 143 | mediatype: image/png 144 | install: 145 | spec: 146 | deployments: null 147 | strategy: "" 148 | installModes: 149 | - supported: true 150 | type: OwnNamespace 151 | - supported: true 152 | type: SingleNamespace 153 | - supported: true 154 | type: MultiNamespace 155 | - supported: true 156 | type: AllNamespaces 157 | keywords: 158 | - mariadb 159 | - mysql 160 | - operator 161 | - mariadb-operator 162 | - database 163 | - maxscale 164 | links: 165 | - name: GitHub 166 | url: https://github.com/mariadb-operator/mariadb-operator 167 | maintainers: 168 | - email: mariadb-operator@proton.me 169 | name: mmontes11 170 | maturity: alpha 171 | minKubeVersion: 1.16.0 172 | provider: 173 | name: mariadb-operator 174 | url: https://github.com/mariadb-operator/mariadb-operator 175 | version: 0.0.0 176 | -------------------------------------------------------------------------------- /config/manifests/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # These resources constitute the fully configured set of manifests 2 | # used to generate the 'manifests/' directory in a bundle. 3 | resources: 4 | - bases/mariadb-operator.clusterserviceversion.yaml 5 | - crds/crds.yaml 6 | - ../default 7 | - ../samples 8 | - ../scorecard 9 | -------------------------------------------------------------------------------- /config/prometheus/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - monitor.yaml 3 | -------------------------------------------------------------------------------- /config/prometheus/monitor.yaml: -------------------------------------------------------------------------------- 1 | 2 | # Prometheus Monitor Service (Metrics) 3 | apiVersion: monitoring.coreos.com/v1 4 | kind: ServiceMonitor 5 | metadata: 6 | labels: 7 | control-plane: controller-manager 8 | app.kubernets.io/name: servicemonitor 9 | app.kubernetes.io/instance: controller-manager-metrics-monitor 10 | app.kubernetes.io/component: metrics 11 | app.kubernetes.io/created-by: helm-operator 12 | app.kubernetes.io/part-of: helm-operator 13 | app.kubernetes.io/managed-by: kustomize 14 | name: controller-manager-metrics-monitor 15 | namespace: system 16 | spec: 17 | endpoints: 18 | - path: /metrics 19 | port: https 20 | scheme: https 21 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token 22 | tlsConfig: 23 | insecureSkipVerify: true 24 | selector: 25 | matchLabels: 26 | control-plane: controller-manager 27 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | # All RBAC will be applied under this service account in 3 | # the deployment namespace. You may comment out this resource 4 | # if your manager will use a service account that exists at 5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding 6 | # subjects if changing service account names. 7 | - service_account.yaml 8 | - role.yaml 9 | - role_binding.yaml 10 | - leader_election_role.yaml 11 | - leader_election_role_binding.yaml 12 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: role 7 | app.kubernetes.io/instance: leader-election-role 8 | app.kubernetes.io/component: rbac 9 | app.kubernetes.io/created-by: helm-operator 10 | app.kubernetes.io/part-of: helm-operator 11 | app.kubernets.io/managed-by: kustomize 12 | name: leader-election-role 13 | rules: 14 | - apiGroups: 15 | - "" 16 | resources: 17 | - configmaps 18 | verbs: 19 | - get 20 | - list 21 | - watch 22 | - create 23 | - update 24 | - patch 25 | - delete 26 | - apiGroups: 27 | - coordination.k8s.io 28 | resources: 29 | - leases 30 | verbs: 31 | - get 32 | - list 33 | - watch 34 | - create 35 | - update 36 | - patch 37 | - delete 38 | - apiGroups: 39 | - "" 40 | resources: 41 | - events 42 | verbs: 43 | - create 44 | - patch 45 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: rolebinding 6 | app.kubernetes.io/instance: leader-election-rolebinding 7 | app.kubernetes.io/component: rbac 8 | app.kubernetes.io/created-by: helm-operator 9 | app.kubernetes.io/part-of: helm-operator 10 | app.kubernetes.io/managed-by: kustomize 11 | name: leader-election-rolebinding 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: Role 15 | name: leader-election-role 16 | subjects: 17 | - kind: ServiceAccount 18 | name: controller-manager 19 | namespace: system 20 | -------------------------------------------------------------------------------- /config/rbac/mariadboperator_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit mariadboperators. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: clusterrole 7 | app.kubernetes.io/instance: mariadboperator-editor-role 8 | app.kubernetes.io/component: rbac 9 | app.kubernetes.io/created-by: helm-operator 10 | app.kubernetes.io/part-of: helm-operator 11 | app.kubernetes.io/managed-by: kustomize 12 | name: mariadboperator-editor-role 13 | rules: 14 | - apiGroups: 15 | - helm.mariadb.mmontes.io 16 | resources: 17 | - mariadboperators 18 | verbs: 19 | - create 20 | - delete 21 | - get 22 | - list 23 | - patch 24 | - update 25 | - watch 26 | - apiGroups: 27 | - helm.mariadb.mmontes.io 28 | resources: 29 | - mariadboperators/status 30 | verbs: 31 | - get 32 | -------------------------------------------------------------------------------- /config/rbac/mariadboperator_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view mariadboperators. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: clusterrole 7 | app.kubernetes.io/instance: mariadboperator-viewer-role 8 | app.kubernetes.io/component: rbac 9 | app.kubernetes.io/created-by: helm-operator 10 | app.kubernetes.io/part-of: helm-operator 11 | app.kubernetes.io/managed-by: kustomize 12 | name: mariadboperator-viewer-role 13 | rules: 14 | - apiGroups: 15 | - helm.mariadb.mmontes.io 16 | resources: 17 | - mariadboperators 18 | verbs: 19 | - get 20 | - list 21 | - watch 22 | - apiGroups: 23 | - helm.mariadb.mmontes.io 24 | resources: 25 | - mariadboperators/status 26 | verbs: 27 | - get 28 | -------------------------------------------------------------------------------- /config/rbac/role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: manager-role 5 | rules: 6 | ## 7 | ## Base operator rules 8 | ## 9 | # We need to get namespaces so the operator can read namespaces to ensure they exist 10 | - apiGroups: 11 | - "" 12 | resources: 13 | - namespaces 14 | verbs: 15 | - get 16 | # We need to manage Helm release secrets 17 | - apiGroups: 18 | - "" 19 | resources: 20 | - secrets 21 | verbs: 22 | - "*" 23 | # We need to create events on CRs about things happening during reconciliation 24 | - apiGroups: 25 | - "" 26 | resources: 27 | - events 28 | verbs: 29 | - create 30 | 31 | ## 32 | ## Rules for helm.mariadb.mmontes.io/v1alpha1, Kind: MariadbOperator 33 | ## 34 | - apiGroups: 35 | - helm.mariadb.mmontes.io 36 | resources: 37 | - mariadboperators 38 | - mariadboperators/status 39 | - mariadboperators/finalizers 40 | verbs: 41 | - create 42 | - delete 43 | - get 44 | - list 45 | - patch 46 | - update 47 | - watch 48 | - verbs: 49 | - "*" 50 | apiGroups: 51 | - "rbac.authorization.k8s.io" 52 | resources: 53 | - "clusterrolebindings" 54 | - "clusterroles" 55 | - verbs: 56 | - "*" 57 | apiGroups: 58 | - "admissionregistration.k8s.io" 59 | resources: 60 | - "validatingwebhookconfigurations" 61 | - "mutatingwebhookconfigurations" 62 | - verbs: 63 | - "*" 64 | apiGroups: 65 | - "rbac.authorization.k8s.io" 66 | resources: 67 | - "rolebindings" 68 | - "roles" 69 | - verbs: 70 | - "*" 71 | apiGroups: 72 | - "apps" 73 | resources: 74 | - "deployments" 75 | - verbs: 76 | - "*" 77 | apiGroups: 78 | - "" 79 | resources: 80 | - "serviceaccounts" 81 | - "services" 82 | 83 | ## 84 | ## Extra rules needed by the helm operator 85 | ## 86 | - verbs: 87 | - "*" 88 | apiGroups: 89 | - "apiextensions.k8s.io" 90 | resources: 91 | - "customresourcedefinitions" 92 | - verbs: 93 | - "*" 94 | apiGroups: 95 | - "cert-manager.io" 96 | resources: 97 | - "certificates" 98 | - "issuers" 99 | - verbs: 100 | - "*" 101 | apiGroups: 102 | - monitoring.coreos.com 103 | resources: 104 | - servicemonitors 105 | #+kubebuilder:scaffold:rules 106 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: clusterrolebinding 6 | app.kubernetes.io/instance: manager-rolebinding 7 | app.kubernetes.io/component: rbac 8 | app.kubernetes.io/created-by: helm-operator 9 | app.kubernetes.io/part-of: helm-operator 10 | app.kubernetes.io/managed-by: kustomize 11 | name: manager-rolebinding 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: manager-role 16 | subjects: 17 | - kind: ServiceAccount 18 | name: controller-manager 19 | namespace: system 20 | -------------------------------------------------------------------------------- /config/rbac/service_account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: serviceaccount 6 | app.kubernetes.io/instance: controller-manager-sa 7 | app.kubernetes.io/component: rbac 8 | app.kubernetes.io/created-by: helm-operator 9 | app.kubernetes.io/part-of: helm-operator 10 | app.kubernetes.io/managed-by: kustomize 11 | name: controller-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/samples/backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: Backup 3 | metadata: 4 | name: backup 5 | spec: 6 | mariaDbRef: 7 | name: mariadb 8 | schedule: 9 | cron: "*/1 * * * *" 10 | suspend: false 11 | maxRetention: 720h # 30 days 12 | storage: 13 | s3: 14 | bucket: backups 15 | prefix: mariadb 16 | endpoint: minio.minio.svc.cluster.local:9000 17 | accessKeyIdSecretKeyRef: 18 | name: minio 19 | key: access-key-id 20 | secretAccessKeySecretKeyRef: 21 | name: minio 22 | key: secret-access-key 23 | tls: 24 | enabled: true 25 | caSecretKeyRef: 26 | name: minio-ca 27 | key: ca.crt 28 | args: 29 | - --single-transaction 30 | - --all-databases 31 | logLevel: info 32 | resources: 33 | requests: 34 | cpu: 100m 35 | memory: 128Mi 36 | limits: 37 | cpu: 300m 38 | memory: 512Mi -------------------------------------------------------------------------------- /config/samples/connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: Connection 3 | metadata: 4 | name: connection 5 | spec: 6 | mariaDbRef: 7 | name: mariadb 8 | username: mariadb 9 | passwordSecretKeyRef: 10 | name: mariadb 11 | key: password 12 | database: mariadb 13 | params: 14 | parseTime: "true" 15 | secretName: connection 16 | secretTemplate: 17 | labels: 18 | k8s.mariadb.com/connection: sample 19 | annotations: 20 | k8s.mariadb.com/connection: sample 21 | key: dsn 22 | usernameKey: username 23 | passwordKey: password 24 | hostKey: host 25 | portKey: port 26 | databaseKey: database 27 | healthCheck: 28 | interval: 10s 29 | retryInterval: 3s 30 | serviceName: mariadb 31 | -------------------------------------------------------------------------------- /config/samples/database.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: Database 3 | metadata: 4 | name: data-test 5 | spec: 6 | # If you want the database to be created with a different name than the resource name 7 | # name: data-custom 8 | mariaDbRef: 9 | name: mariadb 10 | characterSet: utf8 11 | collate: utf8_general_ci 12 | retryInterval: 5s -------------------------------------------------------------------------------- /config/samples/grant.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: Grant 3 | metadata: 4 | name: grant 5 | spec: 6 | mariaDbRef: 7 | name: mariadb 8 | privileges: 9 | - "SELECT" 10 | - "INSERT" 11 | - "UPDATE" 12 | # - "ALL PRIVILEGES" 13 | database: "*" 14 | table: "*" 15 | username: user 16 | grantOption: true 17 | host: "%" 18 | requeueInterval: 30s 19 | retryInterval: 5s -------------------------------------------------------------------------------- /config/samples/kustomization.yaml: -------------------------------------------------------------------------------- 1 | ## Append samples you want in your CSV to this file as resources ## 2 | resources: 3 | - mariadboperator.yaml 4 | - backup.yaml 5 | - connection.yaml 6 | - database.yaml 7 | - grant.yaml 8 | - mariadb.yaml 9 | - maxscale.yaml 10 | - restore.yaml 11 | - sqljob.yaml 12 | - user.yaml 13 | #+kubebuilder:scaffold:manifestskustomizesamples 14 | -------------------------------------------------------------------------------- /config/samples/mariadb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: MariaDB 3 | metadata: 4 | name: mariadb 5 | spec: 6 | rootPasswordSecretKeyRef: 7 | name: mariadb-root 8 | key: password 9 | generate: true 10 | 11 | username: mariadb 12 | passwordSecretKeyRef: 13 | name: mariadb-password 14 | key: password 15 | generate: true 16 | database: mariadb 17 | 18 | storage: 19 | size: 1Gi 20 | 21 | replicas: 3 22 | 23 | galera: 24 | enabled: true 25 | 26 | service: 27 | type: ClusterIP 28 | connection: 29 | secretName: mariadb-conn 30 | secretTemplate: 31 | key: dsn 32 | primaryService: 33 | type: ClusterIP 34 | primaryConnection: 35 | secretName: mariadb-conn-primary 36 | secretTemplate: 37 | key: dsn 38 | secondaryService: 39 | type: ClusterIP 40 | secondaryConnection: 41 | secretName: mariadb-conn-secondary 42 | secretTemplate: 43 | key: dsn 44 | 45 | updateStrategy: 46 | type: ReplicasFirstPrimaryLast 47 | 48 | myCnf: | 49 | [mariadb] 50 | bind-address=* 51 | default_storage_engine=InnoDB 52 | binlog_format=row 53 | innodb_autoinc_lock_mode=2 54 | innodb_buffer_pool_size=1024M 55 | max_allowed_packet=256M 56 | 57 | metrics: 58 | passwordSecretKeyRef: 59 | name: mariadb-metrics 60 | key: password 61 | generate: true 62 | enabled: true -------------------------------------------------------------------------------- /config/samples/mariadboperator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: helm.mariadb.mmontes.io/v1alpha1 2 | kind: MariadbOperator 3 | metadata: 4 | name: mariadb-operator 5 | spec: 6 | nameOverride: "" 7 | fullnameOverride: "" 8 | 9 | image: 10 | repository: ghcr.io/mariadb-operator/mariadb-operator 11 | pullPolicy: IfNotPresent 12 | # -- Image tag to use. By default the chart appVersion is used 13 | tag: "" 14 | imagePullSecrets: [] 15 | 16 | # -- Controller log level 17 | logLevel: INFO 18 | 19 | # -- Cluster DNS name 20 | clusterName: cluster.local 21 | 22 | ha: 23 | # -- Enable high availability 24 | enabled: false 25 | # -- Number of replicas 26 | replicas: 3 27 | 28 | metrics: 29 | # -- Enable prometheus metrics. Prometheus must be installed in the cluster 30 | enabled: false 31 | serviceMonitor: 32 | # -- Enable controller ServiceMonitor 33 | enabled: true 34 | # -- Labels to be added to the controller ServiceMonitor 35 | additionalLabels: {} 36 | # release: kube-prometheus-stack 37 | # -- Interval to scrape metrics 38 | interval: 30s 39 | # -- Timeout if metrics can't be retrieved in given time interval 40 | scrapeTimeout: 25s 41 | 42 | serviceAccount: 43 | # -- Specifies whether a service account should be created 44 | enabled: true 45 | # -- Automounts the service account token in all containers of the Pod 46 | automount: true 47 | # -- Annotations to add to the service account 48 | annotations: {} 49 | # -- Extra Labels to add to the service account 50 | extraLabels: {} 51 | # -- The name of the service account to use. 52 | # If not set and enabled is true, a name is generated using the fullname template 53 | name: "" 54 | 55 | rbac: 56 | # -- Specifies whether RBAC resources should be created 57 | enabled: true 58 | 59 | # -- Extra arguments to be passed to the controller entrypoint 60 | extrArgs: [] 61 | 62 | # -- Extra volumes to pass to pod. 63 | extraVolumes: [] 64 | 65 | # -- Extra volumes to mount to the container. 66 | extraVolumeMounts: [] 67 | 68 | # -- Annotations to add to controller Pod 69 | podAnnotations: {} 70 | 71 | # -- Security context to add to controller Pod 72 | podSecurityContext: {} 73 | 74 | # -- Security context to add to controller container 75 | securityContext: {} 76 | 77 | # -- Resources to add to controller container 78 | resources: {} 79 | # requests: 80 | # cpu: 10m 81 | # memory: 32Mi 82 | 83 | # -- Node selectors to add to controller Pod 84 | nodeSelector: {} 85 | 86 | # -- Tolerations to add to controller Pod 87 | tolerations: [] 88 | 89 | # -- Affinity to add to controller Pod 90 | affinity: {} 91 | 92 | webhook: 93 | image: 94 | repository: ghcr.io/mariadb-operator/mariadb-operator 95 | pullPolicy: IfNotPresent 96 | # -- Image tag to use. By default the chart appVersion is used 97 | tag: "" 98 | imagePullSecrets: [] 99 | ha: 100 | # -- Enable high availability 101 | enabled: false 102 | # -- Number of replicas 103 | replicas: 3 104 | cert: 105 | certManager: 106 | # -- Whether to use cert-manager to issue and rotate the certificate. If set to false, mariadb-operator's cert-controller will be used instead. 107 | enabled: false 108 | # -- Issuer reference to be used in the Certificate resource. If not provided, a self-signed issuer will be used. 109 | issuerRef: {} 110 | # -- Duration to be used in the Certificate resource, 111 | duration: "" 112 | # -- Renew before duration to be used in the Certificate resource. 113 | renewBefore: "" 114 | # -- Annotatioms to be added to webhook TLS secret. 115 | secretAnnotations: {} 116 | # -- Path where the CA certificate will be mounted. 117 | caPath: /tmp/k8s-webhook-server/certificate-authority 118 | # -- Path where the certificate will be mounted. 119 | path: /tmp/k8s-webhook-server/serving-certs 120 | # -- Port to be used by the webhook server 121 | port: 10250 122 | # -- Expose the webhook server in the host network 123 | hostNetwork: false 124 | serviceMonitor: 125 | # -- Enable webhook ServiceMonitor. Metrics must be enabled 126 | enabled: true 127 | # -- Labels to be added to the webhook ServiceMonitor 128 | additionalLabels: {} 129 | # release: kube-prometheus-stack 130 | # -- Interval to scrape metrics 131 | interval: 30s 132 | # -- Timeout if metrics can't be retrieved in given time interval 133 | scrapeTimeout: 25s 134 | serviceAccount: 135 | # -- Specifies whether a service account should be created 136 | enabled: true 137 | # -- Automounts the service account token in all containers of the Pod 138 | automount: true 139 | # -- Annotations to add to the service account 140 | annotations: {} 141 | # -- Extra Labels to add to the service account 142 | extraLabels: {} 143 | # -- The name of the service account to use. 144 | # If not set and enabled is true, a name is generated using the fullname template 145 | name: "" 146 | # -- Annotations for webhook configurations. 147 | annotations: {} 148 | # -- Extra arguments to be passed to the webhook entrypoint 149 | extrArgs: [] 150 | # -- Extra volumes to pass to webhook Pod 151 | extraVolumes: [] 152 | # -- Extra volumes to mount to webhook container 153 | extraVolumeMounts: [] 154 | # -- Annotations to add to webhook Pod 155 | podAnnotations: {} 156 | # -- Security context to add to webhook Pod 157 | podSecurityContext: {} 158 | # -- Security context to add to webhook container 159 | securityContext: {} 160 | # -- Resources to add to webhook container 161 | resources: {} 162 | # requests: 163 | # cpu: 10m 164 | # memory: 32Mi 165 | # -- Node selectors to add to controller Pod 166 | nodeSelector: {} 167 | # -- Tolerations to add to controller Pod 168 | tolerations: [] 169 | # -- Affinity to add to controller Pod 170 | affinity: {} 171 | 172 | certController: 173 | # -- Specifies whether the cert-controller should be created. 174 | enabled: true 175 | image: 176 | repository: ghcr.io/mariadb-operator/mariadb-operator 177 | pullPolicy: IfNotPresent 178 | # -- Image tag to use. By default the chart appVersion is used 179 | tag: "" 180 | imagePullSecrets: [] 181 | ha: 182 | # -- Enable high availability 183 | enabled: false 184 | # -- Number of replicas 185 | replicas: 3 186 | # -- CA certificate validity. It must be greater than certValidity. 187 | caValidity: 35064h 188 | # -- Certificate validity. 189 | certValidity: 8766h 190 | # -- Duration used to verify whether a certificate is valid or not. 191 | lookaheadValidity: 2160h 192 | # -- Requeue duration to ensure that certificate gets renewed. 193 | requeueDuration: 5m 194 | serviceMonitor: 195 | # -- Enable cert-controller ServiceMonitor. Metrics must be enabled 196 | enabled: true 197 | # -- Labels to be added to the cert-controller ServiceMonitor 198 | additionalLabels: {} 199 | # release: kube-prometheus-stack 200 | # -- Interval to scrape metrics 201 | interval: 30s 202 | # -- Timeout if metrics can't be retrieved in given time interval 203 | scrapeTimeout: 25s 204 | serviceAccount: 205 | # -- Specifies whether a service account should be created 206 | enabled: true 207 | # -- Automounts the service account token in all containers of the Pod 208 | automount: true 209 | # -- Annotations to add to the service account 210 | annotations: {} 211 | # -- Extra Labels to add to the service account 212 | extraLabels: {} 213 | # -- The name of the service account to use. 214 | # If not set and enabled is true, a name is generated using the fullname template 215 | name: "" 216 | # -- Extra arguments to be passed to the cert-controller entrypoint 217 | extrArgs: [] 218 | # -- Extra volumes to pass to cert-controller Pod 219 | extraVolumes: [] 220 | # -- Extra volumes to mount to cert-controller container 221 | extraVolumeMounts: [] 222 | # -- Annotations to add to cert-controller Pod 223 | podAnnotations: {} 224 | # -- Security context to add to cert-controller Pod 225 | podSecurityContext: {} 226 | # -- Security context to add to cert-controller container 227 | securityContext: {} 228 | # -- Resources to add to cert-controller container 229 | resources: {} 230 | # requests: 231 | # cpu: 10m 232 | # memory: 32Mi 233 | # -- Node selectors to add to controller Pod 234 | nodeSelector: {} 235 | # -- Tolerations to add to controller Pod 236 | tolerations: [] 237 | # -- Affinity to add to controller Pod 238 | affinity: {} 239 | -------------------------------------------------------------------------------- /config/samples/maxscale.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: MaxScale 3 | metadata: 4 | name: maxscale-galera 5 | spec: 6 | replicas: 3 7 | 8 | mariaDbRef: 9 | name: mariadb-galera 10 | 11 | services: 12 | - name: rw-router 13 | router: readwritesplit 14 | params: 15 | transaction_replay: "true" 16 | transaction_replay_attempts: "10" 17 | transaction_replay_timeout: "5s" 18 | max_slave_connections: "255" 19 | max_replication_lag: "3s" 20 | master_accept_reads: "true" 21 | listener: 22 | port: 3306 23 | protocol: MariaDBProtocol 24 | params: 25 | connection_metadata: "tx_isolation=auto" 26 | - name: rconn-master-router 27 | router: readconnroute 28 | params: 29 | router_options: "master" 30 | max_replication_lag: "3s" 31 | master_accept_reads: "true" 32 | listener: 33 | port: 3307 34 | - name: rconn-slave-router 35 | router: readconnroute 36 | params: 37 | router_options: "slave" 38 | max_replication_lag: "3s" 39 | listener: 40 | port: 3308 41 | 42 | monitor: 43 | interval: 2s 44 | cooperativeMonitoring: majority_of_all 45 | params: 46 | disable_master_failback: "false" 47 | available_when_donor: "false" 48 | disable_master_role_setting: "false" 49 | 50 | admin: 51 | port: 8989 52 | guiEnabled: true 53 | 54 | config: 55 | sync: 56 | database: mysql 57 | interval: 5s 58 | timeout: 10s 59 | 60 | auth: 61 | generate: true 62 | 63 | kubernetesService: 64 | type: LoadBalancer 65 | annotations: 66 | metallb.universe.tf/loadBalancerIPs: 172.18.0.224 67 | 68 | guiKubernetesService: 69 | type: LoadBalancer 70 | metadata: 71 | annotations: 72 | metallb.universe.tf/loadBalancerIPs: 172.18.0.231 73 | 74 | connection: 75 | secretName: mxs-galera-conn 76 | port: 3306 77 | 78 | requeueInterval: 10s -------------------------------------------------------------------------------- /config/samples/restore.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: Restore 3 | metadata: 4 | name: restore 5 | spec: 6 | mariaDbRef: 7 | name: mariadb 8 | backupRef: 9 | name: backup 10 | targetRecoveryTime: 2023-12-19T09:00:00Z 11 | resources: 12 | requests: 13 | cpu: 100m 14 | memory: 128Mi 15 | limits: 16 | cpu: 300m 17 | memory: 512Mi -------------------------------------------------------------------------------- /config/samples/sqljob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: SqlJob 3 | metadata: 4 | name: 03-stars 5 | spec: 6 | dependsOn: 7 | - name: 01-users 8 | - name: 02-repos 9 | mariaDbRef: 10 | name: mariadb 11 | schedule: 12 | cron: "*/1 * * * *" 13 | suspend: false 14 | username: mariadb 15 | passwordSecretKeyRef: 16 | name: mariadb 17 | key: password 18 | database: mariadb 19 | sql: | 20 | CREATE TABLE IF NOT EXISTS stars ( 21 | id bigint PRIMARY KEY AUTO_INCREMENT, 22 | user_id bigint NOT NULL, 23 | repo_id bigint NOT NULL, 24 | FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE, 25 | FOREIGN KEY (repo_id) REFERENCES repos(id) ON DELETE CASCADE, 26 | UNIQUE KEY (user_id, repo_id) 27 | ); 28 | INSERT INTO stars(user_id, repo_id) 29 | VALUES((SELECT id FROM users ORDER BY RAND() LIMIT 1), (SELECT id FROM repos ORDER BY RAND() LIMIT 1)) 30 | ON DUPLICATE KEY UPDATE id=id; 31 | DELETE FROM stars WHERE id = (SELECT id FROM stars ORDER BY RAND() LIMIT 1); 32 | SELECT r.name AS repo, COUNT(*) AS stars 33 | FROM stars s 34 | JOIN repos r 35 | ON s.repo_id = r.id 36 | GROUP BY r.id 37 | ORDER BY stars DESC; -------------------------------------------------------------------------------- /config/samples/user.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k8s.mariadb.com/v1alpha1 2 | kind: User 3 | metadata: 4 | name: user 5 | spec: 6 | # If you want the user to be created with a different name than the resource name 7 | # name: user-custom 8 | mariaDbRef: 9 | name: mariadb 10 | passwordSecretKeyRef: 11 | name: mariadb 12 | key: password 13 | # This field is immutable and defaults to 10 14 | maxUserConnections: 20 15 | host: "%" 16 | retryInterval: 5s -------------------------------------------------------------------------------- /config/scorecard/bases/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: [] 8 | -------------------------------------------------------------------------------- /config/scorecard/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bases/config.yaml 3 | patchesJson6902: 4 | - path: patches/basic.config.yaml 5 | target: 6 | group: scorecard.operatorframework.io 7 | version: v1alpha3 8 | kind: Configuration 9 | name: config 10 | - path: patches/olm.config.yaml 11 | target: 12 | group: scorecard.operatorframework.io 13 | version: v1alpha3 14 | kind: Configuration 15 | name: config 16 | #+kubebuilder:scaffold:patchesJson6902 17 | -------------------------------------------------------------------------------- /config/scorecard/patches/basic.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - basic-check-spec 7 | image: quay.io/operator-framework/scorecard-test:v1.26.0 8 | labels: 9 | suite: basic 10 | test: basic-check-spec-test 11 | -------------------------------------------------------------------------------- /config/scorecard/patches/olm.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - olm-bundle-validation 7 | image: quay.io/operator-framework/scorecard-test:v1.26.0 8 | labels: 9 | suite: olm 10 | test: olm-bundle-validation-test 11 | - op: add 12 | path: /stages/0/tests/- 13 | value: 14 | entrypoint: 15 | - scorecard-test 16 | - olm-crds-have-validation 17 | image: quay.io/operator-framework/scorecard-test:v1.26.0 18 | labels: 19 | suite: olm 20 | test: olm-crds-have-validation-test 21 | - op: add 22 | path: /stages/0/tests/- 23 | value: 24 | entrypoint: 25 | - scorecard-test 26 | - olm-crds-have-resources 27 | image: quay.io/operator-framework/scorecard-test:v1.26.0 28 | labels: 29 | suite: olm 30 | test: olm-crds-have-resources-test 31 | - op: add 32 | path: /stages/0/tests/- 33 | value: 34 | entrypoint: 35 | - scorecard-test 36 | - olm-spec-descriptors 37 | image: quay.io/operator-framework/scorecard-test:v1.26.0 38 | labels: 39 | suite: olm 40 | test: olm-spec-descriptors-test 41 | - op: add 42 | path: /stages/0/tests/- 43 | value: 44 | entrypoint: 45 | - scorecard-test 46 | - olm-status-descriptors 47 | image: quay.io/operator-framework/scorecard-test:v1.26.0 48 | labels: 49 | suite: olm 50 | test: olm-status-descriptors-test 51 | -------------------------------------------------------------------------------- /hack/bump-bundle.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -euo pipefail 4 | 5 | VERSION=$1 6 | 7 | echo "📦 Bumping bundle to version '$VERSION'" 8 | 9 | echo "📦 Updating Makefile" 10 | sed -i "s/VERSION ?= .*/VERSION ?= $VERSION/g" Makefile 11 | 12 | echo "📦 Generating bundle" 13 | make bundle 14 | 15 | echo "📦 Pushing changes" 16 | git config user.email "martin11lrx@gmail.com" 17 | git config user.name "Martin Montes" 18 | git add . 19 | git commit -m "Bump bundle to version '$VERSION'" 20 | git push 21 | 22 | echo "📦 Creating tag" 23 | git tag $VERSION 24 | git push --tags -------------------------------------------------------------------------------- /hack/sync-chart.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -euo pipefail 4 | 5 | install_yq() { 6 | if ! command -v yq &> /dev/null; then 7 | echo "yq command not found, installing yq..." 8 | sudo curl -sSLo /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.43.1/yq_linux_amd64 9 | sudo chmod +x /usr/local/bin/yq 10 | fi 11 | } 12 | install_yq 13 | 14 | HELM_CHART_VERSION=$1 15 | HELM_CHART_DIR="helm-charts/mariadb-operator" 16 | HELM_CHART_FILE="$HELM_CHART_DIR/Chart.yaml" 17 | RELEASE_URL="https://github.com/mariadb-operator/mariadb-operator/releases/download/mariadb-operator-$HELM_CHART_VERSION/mariadb-operator-$HELM_CHART_VERSION.tgz" 18 | 19 | echo "☸️ Syncing helm chart version $HELM_CHART_VERSION"; 20 | if [ -d "$HELM_CHART_DIR" ]; then 21 | rm -rf $HELM_CHART_DIR 22 | fi 23 | curl -sL $RELEASE_URL | tar xz -C helm-charts/ 24 | 25 | echo "☸️ Syncing CRDs"; 26 | cp helm-charts/mariadb-operator/charts/mariadb-operator-crds/templates/crds.yaml config/manifests/crds/crds.yaml -------------------------------------------------------------------------------- /helm-charts/README.md: -------------------------------------------------------------------------------- 1 | # Charts source directory 2 | 3 | This directory contains the helm charts reconciled by the helm operator. They are dynamically synced from the `mariadb-operator`'s the [releases](https://github.com/mariadb-operator/mariadb-operator/releases). -------------------------------------------------------------------------------- /watches.yaml: -------------------------------------------------------------------------------- 1 | # Use the 'create api' subcommand to add watches to this file. 2 | - group: helm.mariadb.mmontes.io 3 | version: v1alpha1 4 | kind: MariadbOperator 5 | chart: helm-charts/mariadb-operator 6 | #+kubebuilder:scaffold:watch 7 | --------------------------------------------------------------------------------