Skip to content

Commit

Permalink
32ede544215c4640f8ed52c9f27bfdd993f8c84b: update public repo contents
Browse files Browse the repository at this point in the history
  • Loading branch information
@LouisPlisso
LouisPlisso committed Aug 14, 2020
1 parent 7602f64 commit 5ed7b95
Show file tree
Hide file tree
Showing 18 changed files with 181 additions and 31 deletions.
81 changes: 77 additions & 4 deletions crds.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,6 @@ spec:

additionalMongodConfig:
type: object

exposedExternally:
type: boolean

Expand Down Expand Up @@ -174,7 +173,16 @@ spec:
properties:
mode:
type: string
enum: ["SCRAM", "X509"]
enum: ["SCRAM", "X509", "LDAP"]
automationUsername:
type: string
automationPasswordSecretRef:
type: object
properties:
name:
type: string
key:
type: string
required:
- mode
enabled:
Expand Down Expand Up @@ -209,7 +217,9 @@ spec:
bindQueryUser:
type: string
servers:
type: string
type: array
items:
type: string
transportSecurity:
type: string
enum: ["none", "tls"]
Expand All @@ -224,6 +234,70 @@ spec:
type: string
userToDNMapping:
type: string
roles:
type: array
description: "List of roles not bounded to specific users"
items:
type: object
properties:
role:
type: string
description: "The name of the role"
db:
type: string
description: "The db the role belongs to"
roles:
type: array
description: "List of roles this role inherits from"
items:
type: object
properties:
db:
type: string
description: "The db the role belongs to"
role:
type: string
description: "The name of the role"
authenticationRestrictions:
type: array
description: "List of restriction for users authenticating to this role"
items:
type: object
properties:
clientSource:
type: array
description: "List of IP addresses or CIDR ranges allowed the user can connect from"
items:
type: string
serverAddress:
type: array
description: "List of IP addresses or CIDR ranges allowed the user can connect to"
items:
type: string
privileges:
type: array
description: "List of privileges granted to this role"
items:
type: object
properties:
actions:
type: array
description: "List of actions allowed to this role"
items:
type: string
resource:
type: object
description: "Resource on which the privileges are granted"
properties:
db:
type: string
description: "Name of the database"
collection:
type: string
description: "Name of the collection"
cluster:
type: boolean
description: "True for cluster-wide privileges"

# Sharded Cluster properties
shardPodSpec:
Expand Down Expand Up @@ -451,7 +525,6 @@ spec:
properties:
additionalMongodConfig:
type: object

---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
Expand Down
2 changes: 1 addition & 1 deletion helm_chart/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: mongodb-enterprise-operator
description: MongoDB Kubernetes Enterprise Operator
version: 1.6.1
version: 1.7.0
kubeVersion: '>=1.13-0'
keywords:
- mongodb
Expand Down
81 changes: 77 additions & 4 deletions helm_chart/crds/mongodb.mongodb.com.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,6 @@ spec:

additionalMongodConfig:
type: object

exposedExternally:
type: boolean

Expand Down Expand Up @@ -174,7 +173,16 @@ spec:
properties:
mode:
type: string
enum: ["SCRAM", "X509"]
enum: ["SCRAM", "X509", "LDAP"]
automationUsername:
type: string
automationPasswordSecretRef:
type: object
properties:
name:
type: string
key:
type: string
required:
- mode
enabled:
Expand Down Expand Up @@ -209,7 +217,9 @@ spec:
bindQueryUser:
type: string
servers:
type: string
type: array
items:
type: string
transportSecurity:
type: string
enum: ["none", "tls"]
Expand All @@ -224,6 +234,70 @@ spec:
type: string
userToDNMapping:
type: string
roles:
type: array
description: "List of roles not bounded to specific users"
items:
type: object
properties:
role:
type: string
description: "The name of the role"
db:
type: string
description: "The db the role belongs to"
roles:
type: array
description: "List of roles this role inherits from"
items:
type: object
properties:
db:
type: string
description: "The db the role belongs to"
role:
type: string
description: "The name of the role"
authenticationRestrictions:
type: array
description: "List of restriction for users authenticating to this role"
items:
type: object
properties:
clientSource:
type: array
description: "List of IP addresses or CIDR ranges allowed the user can connect from"
items:
type: string
serverAddress:
type: array
description: "List of IP addresses or CIDR ranges allowed the user can connect to"
items:
type: string
privileges:
type: array
description: "List of privileges granted to this role"
items:
type: object
properties:
actions:
type: array
description: "List of actions allowed to this role"
items:
type: string
resource:
type: object
description: "Resource on which the privileges are granted"
properties:
db:
type: string
description: "Name of the database"
collection:
type: string
description: "Name of the collection"
cluster:
type: boolean
description: "True for cluster-wide privileges"

# Sharded Cluster properties
shardPodSpec:
Expand Down Expand Up @@ -451,4 +525,3 @@ spec:
properties:
additionalMongodConfig:
type: object

4 changes: 2 additions & 2 deletions helm_chart/templates/operator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,11 @@ spec:
replicas: 1
selector:
matchLabels:
app: {{ .Values.operator.name }}
controller: {{ .Values.operator.name }}
template:
metadata:
labels:
app: {{ .Values.operator.name }}
controller: {{ .Values.operator.name }}
spec:
serviceAccountName: {{ .Values.operator.name }}
{{- if not .Values.managedSecurityContext }}
Expand Down
2 changes: 1 addition & 1 deletion helm_chart/values-openshift.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ operator:
deployment_name: mongodb-enterprise-operator

# Version of mongodb-enterprise-operator and mongodb-enterprise-database images
version: 1.6.1
version: 1.7.0

# The Custom Resources that will be watched by the Operator. Needs to be changed if only some of the CRDs are installed
watchedResources:
Expand Down
2 changes: 1 addition & 1 deletion helm_chart/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ operator:
deployment_name: mongodb-enterprise-operator

# Version of mongodb-enterprise-operator and mongodb-enterprise-database images
version: 1.6.1
version: 1.7.0

# The Custom Resources that will be watched by the Operator. Needs to be changed if only some of the CRDs are installed
watchedResources:
Expand Down
8 changes: 4 additions & 4 deletions mongodb-enterprise-openshift.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,16 +179,16 @@ spec:
replicas: 1
selector:
matchLabels:
app: enterprise-operator
controller: enterprise-operator
template:
metadata:
labels:
app: enterprise-operator
controller: enterprise-operator
spec:
serviceAccountName: enterprise-operator
containers:
- name: mongodb-enterprise-operator
image: registry.connect.redhat.com/mongodb/enterprise-operator:1.6.1
image: registry.connect.redhat.com/mongodb/enterprise-operator:1.7.0
imagePullPolicy: Always
args:
- "-watch-resource=mongodb"
Expand All @@ -210,7 +210,7 @@ spec:
- name: MANAGED_SECURITY_CONTEXT
value: 'true'
- name: MONGODB_ENTERPRISE_DATABASE_IMAGE
value: registry.connect.redhat.com/mongodb/enterprise-database:1.6.1
value: registry.connect.redhat.com/mongodb/enterprise-database:1.7.0
- name: IMAGE_PULL_POLICY
value: Always
- name: OPS_MANAGER_IMAGE_REPOSITORY
Expand Down
8 changes: 4 additions & 4 deletions mongodb-enterprise.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,19 +179,19 @@ spec:
replicas: 1
selector:
matchLabels:
app: mongodb-enterprise-operator
controller: mongodb-enterprise-operator
template:
metadata:
labels:
app: mongodb-enterprise-operator
controller: mongodb-enterprise-operator
spec:
serviceAccountName: mongodb-enterprise-operator
securityContext:
runAsNonRoot: true
runAsUser: 2000
containers:
- name: mongodb-enterprise-operator
image: quay.io/mongodb/mongodb-enterprise-operator:1.6.1
image: quay.io/mongodb/mongodb-enterprise-operator:1.7.0
imagePullPolicy: Always
args:
- "-watch-resource=mongodb"
Expand All @@ -211,7 +211,7 @@ spec:
fieldRef:
fieldPath: metadata.namespace
- name: MONGODB_ENTERPRISE_DATABASE_IMAGE
value: quay.io/mongodb/mongodb-enterprise-database:1.6.1
value: quay.io/mongodb/mongodb-enterprise-database:1.7.0
- name: IMAGE_PULL_POLICY
value: Always
- name: OPS_MANAGER_IMAGE_REPOSITORY
Expand Down
4 changes: 3 additions & 1 deletion samples/mongodb/authentication/ldap/replica-set/replica-set-ldap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@ spec:
ldap:
# Specify the hostname:port combination of one or
# more LDAP servers
servers: "<ldap-servers>"
servers:
- "<ldap-server0>"
- "<ldap-server1>"

# Set to "tls" to use LDAP over TLS. Leave blank if
# LDAP server does not accept TLS.
Expand Down
4 changes: 3 additions & 1 deletion samples/mongodb/authentication/ldap/sharded-cluster/sharded-cluster-ldap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,9 @@ spec:
ldap:
# Specify the hostname:port combination of one or
# more LDAP servers
servers: "<ldap-servers>"
servers:
- "<ldap-server0>"
- "<ldap-server1>"

# Set to "tls" to use LDAP over TLS. Leave blank if
# LDAP server does not accept TLS.
Expand Down
2 changes: 1 addition & 1 deletion samples/ops-manager/ops-manager-backup.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
name: ops-manager-backup
spec:
replicas: 1
version: 4.4.0
version: 4.4.1
adminCredentials: ops-manager-admin-secret

# optional. Enabled by default
Expand Down
2 changes: 1 addition & 1 deletion samples/ops-manager/ops-manager-external.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
name: ops-manager-external
spec:
replicas: 1
version: 4.4.0
version: 4.4.1
adminCredentials: ops-manager-admin-secret

configuration:
Expand Down
2 changes: 1 addition & 1 deletion samples/ops-manager/ops-manager-ignore-ui-setup.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ metadata:
name: ops-manager-ignore-ui
spec:
replicas: 1
version: 4.4.0
version: 4.4.1
adminCredentials: ops-manager-admin-secret

configuration:
Expand Down
2 changes: 1 addition & 1 deletion samples/ops-manager/ops-manager-local-mode.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ metadata:
name: ops-manager-localmode
spec:
replicas: 2
version: 4.4.0
version: 4.4.1
adminCredentials: ops-manager-admin-secret
configuration:
# this enables local mode in Ops Manager
Expand Down
2 changes: 1 addition & 1 deletion samples/ops-manager/ops-manager-pod-spec.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ metadata:
name: ops-manager-pod-spec
spec:
replicas: 1
version: 4.4.0
version: 4.4.1
adminCredentials: ops-manager-admin-secret
configuration:
mms.testUtil.enabled: "true"
Expand Down
Loading

0 comments on commit 5ed7b95

Please sign in to comment.