diff --git a/go.mod b/go.mod index 004c25a6..92805105 100644 --- a/go.mod +++ b/go.mod @@ -32,7 +32,7 @@ require ( k8s.io/klog/v2 v2.130.1 kmodules.xyz/client-go v0.30.13 kmodules.xyz/custom-resources v0.30.0 - kubedb.dev/apimachinery v0.47.0 + kubedb.dev/apimachinery v0.47.1-0.20240916092623-3d0074037714 sigs.k8s.io/controller-runtime v0.18.4 xorm.io/xorm v1.3.6 ) diff --git a/go.sum b/go.sum index b8edbea0..60f9e791 100644 --- a/go.sum +++ b/go.sum @@ -793,8 +793,8 @@ kmodules.xyz/monitoring-agent-api v0.29.0 h1:gpFl6OZrlMLb/ySMHdREI9EwGtnJ91oZBn9 kmodules.xyz/monitoring-agent-api v0.29.0/go.mod h1:iNbvaMTgVFOI5q2LJtGK91j4Dmjv4ZRiRdasGmWLKQI= kmodules.xyz/offshoot-api v0.30.0 h1:dq9F93pu4Q8rL9oTcCk+vGGy8vpS7RNt0GSwx7Bvhec= kmodules.xyz/offshoot-api v0.30.0/go.mod h1:o9VoA3ImZMDBp3lpLb8+kc2d/KBxioRwCpaKDfLIyDw= -kubedb.dev/apimachinery v0.47.0 h1:QhcjY2wJb/5L0YmfJAUiPw0VU1mMJqvILL2t8znniJo= -kubedb.dev/apimachinery v0.47.0/go.mod h1:W/uKm13rLuaz+uqZUt6piU/qA0EdLKHuN53V2DYheJI= +kubedb.dev/apimachinery v0.47.1-0.20240916092623-3d0074037714 h1:/c3fln5L2ZekYz7Go8tG5616jg6yVzGy3Y328E1G4xo= +kubedb.dev/apimachinery v0.47.1-0.20240916092623-3d0074037714/go.mod h1:dsSAmHt0j14fmKhtFZC4RlX4Aiytz/RVq3S0b30Mkug= kubeops.dev/petset v0.0.6 h1:0IbvxD9fadZfH+3iMZWzN6ZHsO0vX458JlioamwyPKQ= kubeops.dev/petset v0.0.6/go.mod h1:A15vh0r979NsvL65DTIZKWsa/NoX9VapHBAEw1ZsdYI= lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= diff --git a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/memcached_version_types.go b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/memcached_version_types.go index 1ab939be..d3b602dc 100644 --- a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/memcached_version_types.go +++ b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/memcached_version_types.go @@ -58,6 +58,8 @@ type MemcachedVersionSpec struct { Deprecated bool `json:"deprecated,omitempty"` // PSP names PodSecurityPolicies MemcachedVersionPodSecurityPolicy `json:"podSecurityPolicies"` + // update constraints + UpdateConstraints UpdateConstraints `json:"updateConstraints,omitempty"` // SecurityContext is for the additional config for the DB container // +optional SecurityContext SecurityContext `json:"securityContext"` diff --git a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/openapi_generated.go b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/openapi_generated.go index 32f78c10..7cd7c9c7 100644 --- a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/openapi_generated.go +++ b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/openapi_generated.go @@ -27871,6 +27871,13 @@ func schema_apimachinery_apis_catalog_v1alpha1_MemcachedVersionSpec(ref common.R Ref: ref("kubedb.dev/apimachinery/apis/catalog/v1alpha1.MemcachedVersionPodSecurityPolicy"), }, }, + "updateConstraints": { + SchemaProps: spec.SchemaProps{ + Description: "update constraints", + Default: map[string]interface{}{}, + Ref: ref("kubedb.dev/apimachinery/apis/catalog/v1alpha1.UpdateConstraints"), + }, + }, "securityContext": { SchemaProps: spec.SchemaProps{ Description: "SecurityContext is for the additional config for the DB container", @@ -27896,7 +27903,7 @@ func schema_apimachinery_apis_catalog_v1alpha1_MemcachedVersionSpec(ref common.R }, }, Dependencies: []string{ - "kubedb.dev/apimachinery/apis/catalog/v1alpha1.ChartInfo", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.MemcachedVersionDatabase", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.MemcachedVersionExporter", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.MemcachedVersionPodSecurityPolicy", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.SecurityContext"}, + "kubedb.dev/apimachinery/apis/catalog/v1alpha1.ChartInfo", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.MemcachedVersionDatabase", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.MemcachedVersionExporter", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.MemcachedVersionPodSecurityPolicy", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.SecurityContext", "kubedb.dev/apimachinery/apis/catalog/v1alpha1.UpdateConstraints"}, } } diff --git a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/pgbouncer_version_helpers.go b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/pgbouncer_version_helpers.go index 945e3765..9fe9fb1c 100644 --- a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/pgbouncer_version_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/pgbouncer_version_helpers.go @@ -63,3 +63,7 @@ spec.exporter.image.`, p.Name) } return nil } + +func (p PgBouncerVersion) IsDeprecated() bool { + return p.Spec.Deprecated +} diff --git a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/zz_generated.deepcopy.go b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/zz_generated.deepcopy.go index 29238264..ff4f421a 100644 --- a/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/kubedb.dev/apimachinery/apis/catalog/v1alpha1/zz_generated.deepcopy.go @@ -1567,6 +1567,7 @@ func (in *MemcachedVersionSpec) DeepCopyInto(out *MemcachedVersionSpec) { out.DB = in.DB out.Exporter = in.Exporter out.PodSecurityPolicies = in.PodSecurityPolicies + in.UpdateConstraints.DeepCopyInto(&out.UpdateConstraints) in.SecurityContext.DeepCopyInto(&out.SecurityContext) if in.UI != nil { in, out := &in.UI, &out.UI diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go index 6f0a31d4..482185db 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/mssqlserver_helpers.go @@ -377,6 +377,16 @@ func (m *MSSQLServer) SetDefaults() { m.SetHealthCheckerDefaults() m.setDefaultContainerResourceLimits(m.Spec.PodTemplate) + + m.Spec.Monitor.SetDefaults() + if m.Spec.Monitor != nil && m.Spec.Monitor.Prometheus != nil { + if m.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsUser == nil { + m.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsUser = mssqlVersion.Spec.SecurityContext.RunAsUser + } + if m.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsGroup == nil { + m.Spec.Monitor.Prometheus.Exporter.SecurityContext.RunAsGroup = mssqlVersion.Spec.SecurityContext.RunAsUser + } + } } func (m *MSSQLServer) setDefaultContainerSecurityContext(mssqlVersion *catalog.MSSQLServerVersion, podTemplate *ofst.PodTemplateSpec) { diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/pgpool_webhook.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/pgpool_webhook.go index 5e5498da..7476ca18 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/pgpool_webhook.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1alpha2/pgpool_webhook.go @@ -129,51 +129,32 @@ func (p *Pgpool) ValidateCreateOrUpdate() field.ErrorList { "use either `spec.configSecret` or `spec.initConfig`")) } - if p.Spec.ConfigSecret != nil { - secret := core.Secret{} + if p.ObjectMeta.DeletionTimestamp == nil { + apb := appcat.AppBinding{} err := DefaultClient.Get(context.TODO(), types.NamespacedName{ - Name: p.Spec.ConfigSecret.Name, - Namespace: p.Namespace, - }, &secret) + Name: p.Spec.PostgresRef.Name, + Namespace: p.Spec.PostgresRef.Namespace, + }, &apb) if err != nil { - errorList = append(errorList, field.Invalid(field.NewPath("spec").Child("configSecret"), + errorList = append(errorList, field.Invalid(field.NewPath("spec").Child("postgresRef"), p.Name, err.Error(), )) } - _, ok := secret.Data[kubedb.PgpoolCustomConfigFile] - if !ok { - errorList = append(errorList, field.Invalid(field.NewPath("spec").Child("configSecret"), + + backendSSL, err := p.IsBackendTLSEnabled() + if err != nil { + errorList = append(errorList, field.Invalid(field.NewPath("spec").Child("postgresRef"), p.Name, - fmt.Sprintf("`%v` is missing", kubedb.PgpoolCustomConfigFile), + err.Error(), )) } - } - - apb := appcat.AppBinding{} - err := DefaultClient.Get(context.TODO(), types.NamespacedName{ - Name: p.Spec.PostgresRef.Name, - Namespace: p.Spec.PostgresRef.Namespace, - }, &apb) - if err != nil { - errorList = append(errorList, field.Invalid(field.NewPath("spec").Child("postgresRef"), - p.Name, - err.Error(), - )) - } - - backendSSL, err := p.IsBackendTLSEnabled() - if err != nil { - errorList = append(errorList, field.Invalid(field.NewPath("spec").Child("postgresRef"), - p.Name, - err.Error(), - )) - } - if p.Spec.TLS == nil && backendSSL { - errorList = append(errorList, field.Required(field.NewPath("spec").Child("tls"), - "`spec.tls` must be set because backend postgres is tls enabled", - )) + if p.Spec.TLS == nil && backendSSL { + errorList = append(errorList, field.Required(field.NewPath("spec").Child("tls"), + "`spec.tls` must be set because backend postgres is tls enabled", + )) + } } if p.Spec.TLS == nil { diff --git a/vendor/kubedb.dev/apimachinery/crds/catalog.kubedb.com_memcachedversions.yaml b/vendor/kubedb.dev/apimachinery/crds/catalog.kubedb.com_memcachedversions.yaml index ad7910b7..4ccf401f 100644 --- a/vendor/kubedb.dev/apimachinery/crds/catalog.kubedb.com_memcachedversions.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/catalog.kubedb.com_memcachedversions.yaml @@ -89,6 +89,17 @@ spec: - name type: object type: array + updateConstraints: + properties: + allowlist: + items: + type: string + type: array + denylist: + items: + type: string + type: array + type: object version: type: string required: diff --git a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml index 818e86fb..ff8aff8c 100644 --- a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml @@ -42,13 +42,6 @@ spec: type: object spec: properties: - UpdateVersion: - properties: - readinessCriteria: - type: object - targetVersion: - type: string - type: object apply: default: IfReady enum: @@ -183,7 +176,13 @@ spec: enum: - HorizontalScaling - VerticalScaling + - UpdateVersion type: string + updateVersion: + properties: + targetVersion: + type: string + type: object verticalScaling: properties: exporter: diff --git a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_zookeeperopsrequests.yaml b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_zookeeperopsrequests.yaml index 2bfe9e6b..c433492c 100644 --- a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_zookeeperopsrequests.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_zookeeperopsrequests.yaml @@ -48,6 +48,22 @@ spec: - IfReady - Always type: string + configuration: + properties: + applyConfig: + additionalProperties: + type: string + type: object + configSecret: + properties: + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic + removeCustomConfig: + type: boolean + type: object databaseRef: properties: name: @@ -55,14 +71,95 @@ spec: type: string type: object x-kubernetes-map-type: atomic + horizontalScaling: + properties: + replicas: + format: int32 + type: integer + type: object restart: type: object timeout: type: string type: enum: + - UpdateVersion + - HorizontalScaling + - VerticalScaling + - VolumeExpansion - Restart + - Reconfigure type: string + updateVersion: + properties: + targetVersion: + type: string + type: object + verticalScaling: + properties: + node: + properties: + nodeSelectionPolicy: + type: string + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + topology: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: object + type: object + volumeExpansion: + properties: + mode: + enum: + - Offline + - Online + type: string + node: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - mode + type: object required: - databaseRef - type diff --git a/vendor/modules.txt b/vendor/modules.txt index 0de11016..8cff2b6a 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1552,7 +1552,7 @@ kmodules.xyz/offshoot-api/api/v1 kmodules.xyz/offshoot-api/api/v1/conversion kmodules.xyz/offshoot-api/api/v2 kmodules.xyz/offshoot-api/util -# kubedb.dev/apimachinery v0.47.0 +# kubedb.dev/apimachinery v0.47.1-0.20240916092623-3d0074037714 ## explicit; go 1.22.1 kubedb.dev/apimachinery/apis kubedb.dev/apimachinery/apis/catalog diff --git a/zookeeper/kubedb_client_builder.go b/zookeeper/kubedb_client_builder.go index 1b529aae..b84be770 100644 --- a/zookeeper/kubedb_client_builder.go +++ b/zookeeper/kubedb_client_builder.go @@ -18,9 +18,18 @@ package zookeeper import ( "context" + "errors" "fmt" + "log" + "strconv" + "strings" "time" + core "k8s.io/api/core/v1" + kerr "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" + "k8s.io/klog/v2" + "github.com/Shopify/zk" "kubedb.dev/apimachinery/apis/kubedb" dbapi "kubedb.dev/apimachinery/apis/kubedb/v1alpha2" @@ -33,10 +42,13 @@ const ( ) type KubeDBClientBuilder struct { - kc client.Client - db *dbapi.ZooKeeper - podName string - url string + kc client.Client + db *dbapi.ZooKeeper + ctx context.Context + podName string + url string + enableHTTPClient bool + disableAMQPClient bool } func NewKubeDBClientBuilder(kc client.Client, db *dbapi.ZooKeeper) *KubeDBClientBuilder { @@ -46,6 +58,14 @@ func NewKubeDBClientBuilder(kc client.Client, db *dbapi.ZooKeeper) *KubeDBClient } } +// NewKubeDBClientBuilderForHTTP returns a KubeDB client builder only for http client +func NewKubeDBClientBuilderForHTTP(kc client.Client, db *dbapi.ZooKeeper) *KubeDBClientBuilder { + return NewKubeDBClientBuilder(kc, db). + WithContext(context.TODO()). + WithAMQPClientDisabled(). + WithHTTPClientEnabled() +} + func (o *KubeDBClientBuilder) WithPod(podName string) *KubeDBClientBuilder { o.podName = podName return o @@ -56,7 +76,22 @@ func (o *KubeDBClientBuilder) WithURL(url string) *KubeDBClientBuilder { return o } -func (o *KubeDBClientBuilder) GetZooKeeperClient(ctx context.Context) (*Client, error) { +func (o *KubeDBClientBuilder) WithContext(ctx context.Context) *KubeDBClientBuilder { + o.ctx = ctx + return o +} + +func (o *KubeDBClientBuilder) WithHTTPClientEnabled() *KubeDBClientBuilder { + o.enableHTTPClient = true + return o +} + +func (o *KubeDBClientBuilder) WithAMQPClientDisabled() *KubeDBClientBuilder { + o.disableAMQPClient = true + return o +} + +func (o *KubeDBClientBuilder) GetZooKeeperClient() (*Client, error) { var err error if o.podName != "" { o.url = o.getPodURL() @@ -73,6 +108,41 @@ func (o *KubeDBClientBuilder) GetZooKeeperClient(ctx context.Context) (*Client, break } } + + if !o.db.Spec.DisableAuth { + if o.db.Spec.AuthSecret == nil { + klog.Info("Auth-secret not set") + return nil, errors.New("auth-secret is not set") + } + + authSecret := core.Secret{} + err := o.kc.Get(o.ctx, types.NamespacedName{ + Namespace: o.db.Namespace, + Name: o.db.Spec.AuthSecret.Name, + }, &authSecret) + if err != nil { + if kerr.IsNotFound(err) { + klog.Error(err, "Auth-secret not found") + return nil, errors.New("auth-secret is not found") + } + klog.Error(err, "Failed to get auth-secret") + return nil, err + } + + //clientConfig.Net.SASL.Enable = true + username := string(authSecret.Data[core.BasicAuthUsernameKey]) + password := string(authSecret.Data[core.BasicAuthPasswordKey]) + + // Correct the format for the username:password string + authString := fmt.Sprintf("%s:%s", username, password) + + // Add authentication using the properly formatted authString + err = zkConn.AddAuth("digest", []byte(authString)) + if err != nil { + log.Fatalf("Failed to add authentication: %v", err) + } + } + return &Client{ zkConn, }, nil @@ -81,3 +151,22 @@ func (o *KubeDBClientBuilder) GetZooKeeperClient(ctx context.Context) (*Client, func (o *KubeDBClientBuilder) getPodURL() string { return fmt.Sprintf("%v.%v.%v.svc:%d", o.podName, o.db.GoverningServiceName(), o.db.Namespace, kubedb.ZooKeeperClientPort) } + +func (c *Client) RemoveMember(podName string) error { + parts := strings.Split(podName, "-") + nodeID := parts[len(parts)-1] + nodeIDInt, err := strconv.Atoi(nodeID) + if err != nil { + return err + } + nodeID = strconv.Itoa(nodeIDInt + 1) + + // Use the IncrementalReconfig API to remove the specific node from the Zookeeper cluster + _, err = c.Conn.IncrementalReconfig(nil, []string{nodeID}, -1) + if err != nil { + return fmt.Errorf("failed to reconfigure Zookeeper and remove node %s: %w", nodeID, err) + } + + fmt.Printf("Node %s successfully removed from Zookeeper cluster.\n", nodeID) + return nil +}