From 737cb46bbc62c2537254bc753687059f6db685a7 Mon Sep 17 00:00:00 2001 From: rriski Date: Tue, 16 Jul 2024 15:31:49 +0300 Subject: [PATCH] chore: synced file(s) with aiven/aiven-operator (#52) Co-authored-by: rriski --- charts/aiven-operator-crds/Chart.yaml | 4 +- .../templates/aiven.io_cassandras.yaml | 15 ++ .../templates/aiven.io_clickhousegrants.yaml | 144 ++++++++++++++++-- .../templates/aiven.io_opensearches.yaml | 12 ++ .../templates/aiven.io_postgresqls.yaml | 2 + charts/aiven-operator/Chart.yaml | 4 +- 6 files changed, 165 insertions(+), 16 deletions(-) diff --git a/charts/aiven-operator-crds/Chart.yaml b/charts/aiven-operator-crds/Chart.yaml index b5728cd..7dc1f31 100644 --- a/charts/aiven-operator-crds/Chart.yaml +++ b/charts/aiven-operator-crds/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: aiven-operator-crds description: A Helm chart to deploy the aiven operator custom resource definitions type: application -version: v0.23.0 -appVersion: v0.23.0 +version: v0.24.0 +appVersion: v0.24.0 maintainers: - name: byashimov url: https://www.aiven.io diff --git a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml index 7ab25c7..156e2ac 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_cassandras.yaml @@ -271,6 +271,21 @@ spec: service belong. Can be set only when creating the service. maxLength: 128 type: string + read_request_timeout_in_ms: + description: + How long the coordinator waits for read operations + to complete before timing it out. 5 seconds by default. + maximum: 10000 + minimum: 1000 + type: integer + write_request_timeout_in_ms: + description: + How long the coordinator waits for write requests + to complete with at least one node in the local datacenter. + 2 seconds by default. + maximum: 10000 + minimum: 1000 + type: integer type: object cassandra_version: description: Cassandra version diff --git a/charts/aiven-operator-crds/templates/aiven.io_clickhousegrants.yaml b/charts/aiven-operator-crds/templates/aiven.io_clickhousegrants.yaml index d5218d6..55db958 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_clickhousegrants.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_clickhousegrants.yaml @@ -26,7 +26,7 @@ spec: openAPIV3Schema: description: |- ClickhouseGrant is the Schema for the ClickhouseGrants API - Warning "Ambiguity in the `GRANT` syntax": Due to [an ambiguity](https://github.com/aiven/ospo-tracker/issues/350) in the `GRANT` syntax in Clickhouse, you should not have users and roles with the same name. It is not clear if a grant refers to the user or the role. + Warning: Due to the way ClickHouse operates, updating this resource first revokes the existing privileges. properties: apiVersion: description: |- @@ -69,7 +69,7 @@ spec: items: description: |- PrivilegeGrant represents the privileges to be granted to users or roles. - See https://clickhouse.com/docs/en/sql-reference/statements/grant#granting-privilege-syntax. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#granting-privilege-syntax). properties: columns: description: The column that the grant refers to. @@ -84,9 +84,12 @@ spec: List of grantees (users or roles) to grant the privilege to. items: - description: - Grantee represents a user or a role to which - privileges or roles are granted. + description: |- + Grantee represents a user or a role to which privileges or roles are granted. + Warning "Ambiguity in the `GRANT` syntax": + Due to [an ambiguity](https://github.com/aiven/ospo-tracker/issues/350) in the GRANT syntax in ClickHouse, + users and roles should not share the same name. + It is unclear whether a grant applies to the user or the role. properties: role: type: string @@ -98,7 +101,7 @@ spec: privileges: description: |- The privileges to grant, i.e. `INSERT`, `SELECT`. - See https://clickhouse.com/docs/en/sql-reference/statements/grant#assigning-role-syntax. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#assigning-role-syntax). items: type: string type: array @@ -112,7 +115,7 @@ spec: description: |- If true, then the grantee (user or role) get the permission to execute the `GRANT` query. Users can grant privileges of the same scope they have and less. - See https://clickhouse.com/docs/en/sql-reference/statements/grant#granting-privilege-syntax + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#granting-privilege-syntax) type: boolean required: - database @@ -139,16 +142,19 @@ spec: items: description: |- RoleGrant represents the roles to be assigned to users or roles. - See https://clickhouse.com/docs/en/sql-reference/statements/grant#assigning-role-syntax. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#assigning-role-syntax) properties: grantees: description: List of grantees (users or roles) to grant the privilege to. items: - description: - Grantee represents a user or a role to which - privileges or roles are granted. + description: |- + Grantee represents a user or a role to which privileges or roles are granted. + Warning "Ambiguity in the `GRANT` syntax": + Due to [an ambiguity](https://github.com/aiven/ospo-tracker/issues/350) in the GRANT syntax in ClickHouse, + users and roles should not share the same name. + It is unclear whether a grant applies to the user or the role. properties: role: type: string @@ -166,7 +172,7 @@ spec: withAdminOption: description: |- If true, the grant is executed with `ADMIN OPTION` privilege. - See https://clickhouse.com/docs/en/sql-reference/statements/grant#admin-option. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#admin-option) type: boolean required: - grantees @@ -260,6 +266,120 @@ spec: - type type: object type: array + state: + description: The previous applied grants to revoke. Do not edit + properties: + privilegeGrants: + description: + Configuration to grant a privilege. Privileges not + in the manifest are revoked. Existing privileges are retained; + new ones are granted. + items: + description: |- + PrivilegeGrant represents the privileges to be granted to users or roles. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#granting-privilege-syntax). + properties: + columns: + description: The column that the grant refers to. + items: + type: string + type: array + database: + description: The database that the grant refers to. + type: string + grantees: + description: + List of grantees (users or roles) to grant + the privilege to. + items: + description: |- + Grantee represents a user or a role to which privileges or roles are granted. + Warning "Ambiguity in the `GRANT` syntax": + Due to [an ambiguity](https://github.com/aiven/ospo-tracker/issues/350) in the GRANT syntax in ClickHouse, + users and roles should not share the same name. + It is unclear whether a grant applies to the user or the role. + properties: + role: + type: string + user: + type: string + type: object + minItems: 1 + type: array + privileges: + description: |- + The privileges to grant, i.e. `INSERT`, `SELECT`. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#assigning-role-syntax). + items: + type: string + type: array + table: + description: + 'The tables that the grant refers to. To grant + a privilege on all tables in a database, omit this field + instead of writing `table: "*"`.' + type: string + withGrantOption: + description: |- + If true, then the grantee (user or role) get the permission to execute the `GRANT` query. + Users can grant privileges of the same scope they have and less. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#granting-privilege-syntax) + type: boolean + required: + - database + - grantees + - privileges + type: object + x-kubernetes-validations: + - message: "`table` must be set if `columns` are set" + rule: "!has(self.columns) || (has(self.columns) && has(self.table))" + type: array + roleGrants: + description: + Configuration to grant a role. Role grants not in + the manifest are revoked. Existing role grants are retained; + new ones are granted. + items: + description: |- + RoleGrant represents the roles to be assigned to users or roles. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#assigning-role-syntax) + properties: + grantees: + description: + List of grantees (users or roles) to grant + the privilege to. + items: + description: |- + Grantee represents a user or a role to which privileges or roles are granted. + Warning "Ambiguity in the `GRANT` syntax": + Due to [an ambiguity](https://github.com/aiven/ospo-tracker/issues/350) in the GRANT syntax in ClickHouse, + users and roles should not share the same name. + It is unclear whether a grant applies to the user or the role. + properties: + role: + type: string + user: + type: string + type: object + minItems: 1 + type: array + roles: + description: List of roles to grant to the grantees. + items: + type: string + minItems: 1 + type: array + withAdminOption: + description: |- + If true, the grant is executed with `ADMIN OPTION` privilege. + [See](https://clickhouse.com/docs/en/sql-reference/statements/grant#admin-option) + type: boolean + required: + - grantees + - roles + type: object + type: array + type: object required: - conditions type: object diff --git a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml index ed89601..6be0fa4 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_opensearches.yaml @@ -707,6 +707,18 @@ spec: maximum: 2147483647 minimum: 1 type: integer + knn_memory_circuit_breaker_enabled: + description: + Enable or disable KNN memory circuit breaker. + Defaults to true. + type: boolean + knn_memory_circuit_breaker_limit: + description: + Maximum amount of memory that can be used for + KNN index. Defaults to 50% of the JVM heap size. + maximum: 100 + minimum: 3 + type: integer override_main_response_version: description: Compatibility mode sets OpenSearch to report diff --git a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml index 2c57a5f..3310fd8 100644 --- a/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml +++ b/charts/aiven-operator-crds/templates/aiven.io_postgresqls.yaml @@ -522,6 +522,8 @@ spec: - "'pid=%p,user=%u,db=%d,app=%a,client=%h '" - "'%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h '" - "'%m [%p] %q[user=%u,db=%d,app=%a] '" + - "'pid=%p,user=%u,db=%d,app=%a,client=%h,txid=%x,qid=%Q + '" type: string log_min_duration_statement: description: diff --git a/charts/aiven-operator/Chart.yaml b/charts/aiven-operator/Chart.yaml index 4ec6b34..148d565 100644 --- a/charts/aiven-operator/Chart.yaml +++ b/charts/aiven-operator/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: aiven-operator description: A Helm chart to deploy the aiven operator type: application -version: v0.23.0 -appVersion: v0.23.0 +version: v0.24.0 +appVersion: v0.24.0 maintainers: - name: byashimov url: https://www.aiven.io