CLOUDP-304797: Fix configuration to assess RH warnings (#2275)

* Fix configuration to assess RH warnings

* Rebased and patched

Signed-off-by: jose.vazquez <[email protected]>

---------

Signed-off-by: jose.vazquez <[email protected]>
Co-authored-by: jose.vazquez <[email protected]>

Author: helderjs

.github/actions/gen-install-scripts/Dockerfile

@@ -15,7 +15,7 @@ RUN cd /usr/local/bin &&\
 RUN CONTROLLER_GEN_TMP_DIR=$(mktemp -d) && \
     cd $CONTROLLER_GEN_TMP_DIR && \
     go mod init tmp && \
-    go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.1 && \
+    go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.17.2 && \
     rm -rf $CONTROLLER_GEN_TMP_DIR && \
     CONTROLLER_GEN=${GOBIN}/controller-gen
 

PROJECT

@@ -143,4 +143,12 @@ resources:
   kind: AtlasNetworkPeering
   path: github.com/mongodb/mongodb-atlas-kubernetes/v2/api/v1
   version: v1
+- api:
+    crdVersion: v1
+    namespaced: true
+  domain: mongodb.com
+  group: atlas
+  kind: AtlasBackupCompliancePolicy
+  path: github.com/mongodb/mongodb-atlas-kubernetes/v2/api/v1
+  version: v1
 version: "3"

api/v1/atlasbackupcompliancepolicy_types.go

@@ -36,6 +36,8 @@ func init() {
 // +kubebuilder:subresource:status
 // +kubebuilder:resource:categories=atlas,shortName=abcp
 // +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=`.status.conditions[?(@.type=="Ready")].status`
+
+// The AtlasBackupCompliancePolicy is a configuration that enforces specific backup and retention requirements
 type AtlasBackupCompliancePolicy struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`
@@ -44,6 +46,7 @@ type AtlasBackupCompliancePolicy struct {
 	Status status.BackupCompliancePolicyStatus `json:"status,omitempty"`
 }
 
+// AtlasBackupCompliancePolicySpec is the specification of the desired configuration of backup compliance policy
 type AtlasBackupCompliancePolicySpec struct {
 	// Email address of the user who authorized to update the Backup Compliance Policy settings.
 	// +kubebuilder:validation:Required

config/crd/bases/atlas.mongodb.com_atlasbackupcompliancepolicies.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasbackupcompliancepolicies.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com
@@ -25,8 +25,8 @@ spec:
     name: v1
     schema:
       openAPIV3Schema:
-        description: AtlasBackupCompliancePolicy defines the desired state of a compliance
-          policy in Atlas.
+        description: The AtlasBackupCompliancePolicy is a configuration that enforces
+          specific backup and retention requirements
         properties:
           apiVersion:
             description: |-
@@ -46,6 +46,8 @@ spec:
           metadata:
             type: object
           spec:
+            description: AtlasBackupCompliancePolicySpec is the specification of the
+              desired configuration of backup compliance policy
             properties:
               authorizedEmail:
                 description: Email address of the user who authorized to update the

config/crd/bases/atlas.mongodb.com_atlasbackuppolicies.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasbackuppolicies.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasbackupschedules.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasbackupschedules.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlascustomroles.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlascustomroles.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasdatabaseusers.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasdatabaseusers.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasdatafederations.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasdatafederations.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasdeployments.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasdeployments.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasfederatedauths.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasfederatedauths.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasipaccesslists.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasipaccesslists.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasnetworkcontainers.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasnetworkcontainers.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasnetworkpeerings.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasnetworkpeerings.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasprivateendpoints.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasprivateendpoints.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasprojects.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasprojects.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlassearchindexconfigs.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlassearchindexconfigs.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasstreamconnections.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasstreamconnections.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasstreaminstances.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasstreaminstances.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/crd/bases/atlas.mongodb.com_atlasteams.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.1
+    controller-gen.kubebuilder.io/version: v0.17.2
   name: atlasteams.atlas.mongodb.com
 spec:
   group: atlas.mongodb.com

config/manifests/bases/mongodb-atlas-kubernetes.clusterserviceversion.yaml

@@ -14,6 +14,8 @@ metadata:
     features.operators.openshift.io/token-auth-aws: "false"
     features.operators.openshift.io/token-auth-azure: "false"
     features.operators.openshift.io/token-auth-gcp: "false"
+    repository: https://github.com/mongodb/mongodb-atlas-kubernetes
+    support: [email protected]
   labels:
     operatorframework.io/arch.amd64: supported
     operatorframework.io/arch.arm64: supported
@@ -34,6 +36,12 @@ spec:
       kind: AtlasSearchIndexConfig
       name: atlassearchindexconfigs.atlas.mongodb.com
       version: v1
+    - description: The AtlasBackupCompliancePolicy is a configuration that enforces
+        specific backup and retention requirements
+      displayName: Atlas Backup Compliance Policy
+      kind: AtlasBackupCompliancePolicy
+      name: atlasbackupcompliancepolicies.atlas.mongodb.com
+      version: v1
     - description: AtlasBackupPolicy is the Schema for the atlasbackuppolicies API
       displayName: Atlas Backup Policy
       kind: AtlasBackupPolicy
@@ -45,6 +53,11 @@ spec:
       kind: AtlasBackupSchedule
       name: atlasbackupschedules.atlas.mongodb.com
       version: v1
+    - description: AtlasCustomRole is the Schema for the AtlasCustomRole API
+      displayName: Atlas Custom Role
+      kind: AtlasCustomRole
+      name: atlascustomroles.atlas.mongodb.com
+      version: v1
     - description: AtlasDatabaseUser is the Schema for the Atlas Database User API
       displayName: Atlas Database User
       kind: AtlasDatabaseUser
@@ -61,6 +74,31 @@ spec:
       kind: AtlasDeployment
       name: atlasdeployments.atlas.mongodb.com
       version: v1
+    - description: AtlasIPAccessList is the Schema for the atlasipaccesslists API.
+      displayName: Atlas IPAccess List
+      kind: AtlasIPAccessList
+      name: atlasipaccesslists.atlas.mongodb.com
+      version: v1
+    - description: AtlasNetworkContainer is the Schema for the AtlasNetworkContainer
+        API
+      displayName: Atlas Network Container
+      kind: AtlasNetworkContainer
+      name: atlasnetworkcontainers.atlas.mongodb.com
+      version: v1
+    - description: AtlasNetworkPeering is the Schema for the AtlasNetworkPeering API
+      displayName: Atlas Network Peering
+      kind: AtlasNetworkPeering
+      name: atlasnetworkpeerings.atlas.mongodb.com
+      version: v1
+    - description: |-
+        The AtlasPrivateEndpoint custom resource definition (CRD) defines a desired [Private Endpoint](https://www.mongodb.com/docs/atlas/security-private-endpoint/#std-label-private-endpoint-overview) configuration for an Atlas project.
+        It allows a private connection between your cloud provider and Atlas that doesn't send information through a public network.
+
+        You can use private endpoints to create a unidirectional connection to Atlas clusters from your virtual network.
+      displayName: Atlas Private Endpoint
+      kind: AtlasPrivateEndpoint
+      name: atlasprivateendpoints.atlas.mongodb.com
+      version: v1
     - description: AtlasProject is the Schema for the atlasprojects API
       displayName: Atlas Project
       kind: AtlasProject

config/samples/atlas_v1_atlasbackupcompliancepolicy.yaml

@@ -0,0 +1,21 @@
+apiVersion: atlas.mongodb.com/v1
+kind: AtlasBackupCompliancePolicy
+metadata:
+  name: my-backup-compliance-policy
+spec:
+  authorizedEmail: [email protected]
+  authorizedUserFirstName: John
+  authorizedUserLastName: Doe
+  copyProtectionEnabled: false
+  encryptionAtRestEnabled: false
+  onDemandPolicy:
+    retentionUnit: weeks
+    retentionValue: 3
+  overwriteBackupPolicies: false
+  pointInTimeEnabled: true
+  restoreWindowDays: 42
+  scheduledPolicyItems:
+    - frequencyInterval: 2
+      frequencyType: daily
+      retentionUnit: days
+      retentionValue: 7

config/samples/atlas_v1_atlascustomrole.yaml

@@ -0,0 +1,25 @@
+apiVersion: atlas.mongodb.com/v1
+kind: AtlasCustomRole
+metadata:
+  name: shard-operator-role
+spec:
+  projectRef:
+    name: my-project
+  role:
+    name: my-role
+    actions:
+      - name: getShardMap
+        resources:
+          - cluster: true
+      - name: shardingState
+        resources:
+           - cluster: true
+      - name: connPoolStats
+        resources:
+           - cluster: true
+      - name: getLog
+        resources:
+           - cluster: true
+    inheritedRoles:
+      - name: operator-role-1
+        database: admin

config/samples/kustomization.yaml

@@ -11,4 +11,12 @@ resources:
   - atlas_v1_atlasipaccesslist.yaml
   - atlas_v1_atlasnetworkcontainer.yaml
   - atlas_v1_atlasnetworkpeering.yaml
+  - atlas_v1_atlasstreaminstance.yaml
+  - atlas_v1_atlasstreamconnection.yaml
+  - atlas_v1_atlasdatafederation.yaml
+  - atlas_v1_atlasfederatedauth.yaml
+  - atlas_v1_atlasprivateendpoint.yaml
+  - atlas_v1_atlassearchindexconfigs.yaml
+  - atlas_v1_atlasbackupcompliancepolicy.yaml
+  - atlas_v1_atlascustomrole.yaml
 # +kubebuilder:scaffold:manifestskustomizesamples

devbox.json

@@ -20,7 +20,7 @@
     "[email protected]",
     "shellcheck@latest",
     "[email protected]",
-    "kubernetes-controller-tools@0.16.1",
+    "kubernetes-controller-tools@0.17.2",
     "[email protected]",
     "awscli2@latest",
     "go-mockery@latest",