diff --git a/docs/api/ArangoDeployment.V1.md b/docs/api/ArangoDeployment.V1.md index 046dbba1d..2e63316dd 100644 --- a/docs/api/ArangoDeployment.V1.md +++ b/docs/api/ArangoDeployment.V1.md @@ -3045,7 +3045,7 @@ Type: `boolean` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1. ### .spec.gateway.dynamic -Type: `boolean` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L38) +Type: `boolean` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L36) Dynamic setting enables/disables support dynamic configuration of the gateway in the cluster. When enabled, gateway config will be reloaded by ConfigMap live updates. @@ -3056,7 +3056,7 @@ Default Value: `false` ### .spec.gateway.enabled -Type: `boolean` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L33) +Type: `boolean` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L31) Enabled setting enables/disables support for gateway in the cluster. When enabled, the cluster will contain a number of `gateway` servers. 
@@ -3067,217 +3067,13 @@ Default Value: `false` ### .spec.gateway.image -Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L42) +Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L40) Image is the image to use for the gateway. By default, the image is determined by the operator. *** -### .spec.gateway.sidecar.args - -Type: `array` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L54) - -Arguments to the entrypoint. -The container image's CMD is used if this is not provided. -Variable references $(VAR_NAME) are expanded using the container's environment. If a variable -cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced -to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will -produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless -of whether the variable exists or not. Cannot be updated. - -Links: -* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell) - -*** - -### .spec.gateway.sidecar.command - -Type: `array` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L44) - -Entrypoint array. Not executed within a shell. -The container image's ENTRYPOINT is used if this is not provided. -Variable references $(VAR_NAME) are expanded using the container's environment. If a variable -cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced -to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will -produce the string literal "$(VAR_NAME)". 
Escaped references will never be expanded, regardless -of whether the variable exists or not. Cannot be updated. - -Links: -* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell) - -*** - -### .spec.gateway.sidecar.controllerListenPort - -Type: `integer` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L36) - -ControllerListenPort defines on which port the sidecar container will be listening for controller requests - -Default Value: `9202` - -*** - -### .spec.gateway.sidecar.env - -Type: `core.EnvVar` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L36) - -Env keeps the information about environment variables provided to the container - -Links: -* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envvar-v1-core) - -*** - -### .spec.gateway.sidecar.envFrom - -Type: `core.EnvFromSource` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L41) - -EnvFrom keeps the information about environment variable sources provided to the container - -Links: -* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envfromsource-v1-core) - -*** - -### .spec.gateway.sidecar.image - -Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L35) - -Image define image details - -*** - -### .spec.gateway.sidecar.imagePullPolicy - -Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L39) - -ImagePullPolicy define Image pull policy - -Default Value: `IfNotPresent` - -*** - -### .spec.gateway.sidecar.lifecycle - -Type: `core.Lifecycle` 
[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/lifecycle.go#L35) - -Lifecycle keeps actions that the management system should take in response to container lifecycle events. - -*** - -### .spec.gateway.sidecar.listenPort - -Type: `integer` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L32) - -ListenPort defines on which port the sidecar container will be listening for connections - -Default Value: `9201` - -*** - -### .spec.gateway.sidecar.livenessProbe - -Type: `core.Probe` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L37) - -LivenessProbe keeps configuration of periodic probe of container liveness. -Container will be restarted if the probe fails. - -Links: -* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes) - -*** - -### .spec.gateway.sidecar.method - -Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/policy/merge.go#L32) - -Method defines the merge method - -Possible Values: -* `"override"` (default) - Overrides values during configuration merge -* `"append"` - Appends, if possible, values during configuration merge - -*** - -### .spec.gateway.sidecar.ports - -Type: `[]core.ContainerPort` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/networking.go#L39) - -Ports contains list of ports to expose from the container. Not specifying a port here -DOES NOT prevent that port from being exposed. Any port which is -listening on the default "0.0.0.0" address inside a container will be -accessible from the network. 
- -*** - -### .spec.gateway.sidecar.readinessProbe - -Type: `core.Probe` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L42) - -ReadinessProbe keeps configuration of periodic probe of container service readiness. -Container will be removed from service endpoints if the probe fails. - -Links: -* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes) - -*** - -### .spec.gateway.sidecar.resources - -Type: `core.ResourceRequirements` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/resources.go#L37) - -Resources holds resource requests & limits for container - -Links: -* [Documentation of core.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core) - -*** - -### .spec.gateway.sidecar.securityContext - -Type: `core.SecurityContext` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/security.go#L35) - -SecurityContext holds container-level security attributes and common container settings. - -Links: -* [Kubernetes docs](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) - -*** - -### .spec.gateway.sidecar.startupProbe - -Type: `core.Probe` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L50) - -StartupProbe indicates that the Pod has successfully initialized. -If specified, no other probes are executed until this completes successfully. -If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. -This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, -when it might take a long time to load data or warm a cache, than during steady-state operation. 
- -Links: -* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes) - -*** - -### .spec.gateway.sidecar.volumeMounts - -Type: `[]core.VolumeMount` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/volume_mounts.go#L35) - -VolumeMounts keeps list of pod volumes to mount into the container's filesystem. - -*** - -### .spec.gateway.sidecar.workingDir - -Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L59) - -Container's working directory. -If not specified, the container runtime's default will be used, which -might be configured in the container image. - -*** - ### .spec.gateways.affinity Type: `core.PodAffinity` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/server_group_spec.go#L156) 
@@ -4478,6 +4274,210 @@ ImagePullSecrets specifies the list of image pull secrets for the docker image t *** +### .spec.integration.sidecar.args + +Type: `array` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L54) + +Arguments to the entrypoint. +The container image's CMD is used if this is not provided. +Variable references $(VAR_NAME) are expanded using the container's environment. If a variable +cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced +to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will +produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless +of whether the variable exists or not. Cannot be updated. + +Links: +* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell) + +*** + +### .spec.integration.sidecar.command + +Type: `array` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L44) + +Entrypoint array. Not executed within a shell. +The container image's ENTRYPOINT is used if this is not provided. +Variable references $(VAR_NAME) are expanded using the container's environment. If a variable +cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced +to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will +produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless +of whether the variable exists or not. Cannot be updated. 
+ +Links: +* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell) + +*** + +### .spec.integration.sidecar.controllerListenPort + +Type: `integer` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L36) + +ControllerListenPort defines on which port the sidecar container will be listening for controller requests + +Default Value: `9202` + +*** + +### .spec.integration.sidecar.env + +Type: `core.EnvVar` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L36) + +Env keeps the information about environment variables provided to the container + +Links: +* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envvar-v1-core) + +*** + +### .spec.integration.sidecar.envFrom + +Type: `core.EnvFromSource` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L41) + +EnvFrom keeps the information about environment variable sources provided to the container + +Links: +* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envfromsource-v1-core) + +*** + +### .spec.integration.sidecar.image + +Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L35) + +Image define image details + +*** + +### .spec.integration.sidecar.imagePullPolicy + +Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L39) + +ImagePullPolicy define Image pull policy + +Default Value: `IfNotPresent` + +*** + +### .spec.integration.sidecar.lifecycle + +Type: `core.Lifecycle` 
[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/lifecycle.go#L35) + +Lifecycle keeps actions that the management system should take in response to container lifecycle events. + +*** + +### .spec.integration.sidecar.listenPort + +Type: `integer` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L32) + +ListenPort defines on which port the sidecar container will be listening for connections + +Default Value: `9201` + +*** + +### .spec.integration.sidecar.livenessProbe + +Type: `core.Probe` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L37) + +LivenessProbe keeps configuration of periodic probe of container liveness. +Container will be restarted if the probe fails. + +Links: +* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes) + +*** + +### .spec.integration.sidecar.method + +Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/policy/merge.go#L32) + +Method defines the merge method + +Possible Values: +* `"override"` (default) - Overrides values during configuration merge +* `"append"` - Appends, if possible, values during configuration merge + +*** + +### .spec.integration.sidecar.ports + +Type: `[]core.ContainerPort` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/networking.go#L39) + +Ports contains list of ports to expose from the container. Not specifying a port here +DOES NOT prevent that port from being exposed. Any port which is +listening on the default "0.0.0.0" address inside a container will be +accessible from the network. 
+ +*** + +### .spec.integration.sidecar.readinessProbe + +Type: `core.Probe` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L42) + +ReadinessProbe keeps configuration of periodic probe of container service readiness. +Container will be removed from service endpoints if the probe fails. + +Links: +* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes) + +*** + +### .spec.integration.sidecar.resources + +Type: `core.ResourceRequirements` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/resources.go#L37) + +Resources holds resource requests & limits for container + +Links: +* [Documentation of core.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core) + +*** + +### .spec.integration.sidecar.securityContext + +Type: `core.SecurityContext` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/security.go#L35) + +SecurityContext holds container-level security attributes and common container settings. + +Links: +* [Kubernetes docs](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) + +*** + +### .spec.integration.sidecar.startupProbe + +Type: `core.Probe` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L50) + +StartupProbe indicates that the Pod has successfully initialized. +If specified, no other probes are executed until this completes successfully. +If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. +This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, +when it might take a long time to load data or warm a cache, than during steady-state operation. 
+ +Links: +* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes) + +*** + +### .spec.integration.sidecar.volumeMounts + +Type: `[]core.VolumeMount` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/volume_mounts.go#L35) + +VolumeMounts keeps list of pod volumes to mount into the container's filesystem. + +*** + +### .spec.integration.sidecar.workingDir + +Type: `string` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L59) + +Container's working directory. +If not specified, the container runtime's default will be used, which +might be configured in the container image. + +*** + ### .spec.labels Type: `object` [\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec.go#L127) diff --git a/docs/cli/arangodb_operator_integration.md b/docs/cli/arangodb_operator_integration.md index 3ed59a24b..f0bbe9a5c 100644 --- a/docs/cli/arangodb_operator_integration.md +++ b/docs/cli/arangodb_operator_integration.md 
@@ -18,65 +18,65 @@ Available Commands: help Help about any command Flags: - --health.address string Address to expose health service (default "0.0.0.0:9091") - --health.auth.token string Token for health service (when auth service is token) - --health.auth.type string Auth type for health service (default "None") - --health.shutdown.enabled Determines if shutdown service should be enabled and exposed (default true) - --health.tls.keyfile string Path to the keyfile + --health.address string Address to expose health service (Env: HEALTH_ADDRESS) (default "0.0.0.0:9091") + --health.auth.token string Token for health service (when auth service is token) (Env: HEALTH_AUTH_TOKEN) + --health.auth.type string Auth type for health service (Env: HEALTH_AUTH_TYPE) (default "None") + --health.shutdown.enabled Determines if shutdown service should be enabled and exposed (Env: HEALTH_SHUTDOWN_ENABLED) (default true) + --health.tls.keyfile string Path to the keyfile (Env: HEALTH_TLS_KEYFILE) -h, --help help for arangodb_operator_integration - --integration.authentication.v1 Enable AuthenticationV1 Integration Service - --integration.authentication.v1.enabled Defines if Authentication is enabled (default true) - --integration.authentication.v1.external Defones if External access to service authentication.v1 is enabled - --integration.authentication.v1.internal Defones if Internal access to service authentication.v1 is enabled (default true) - --integration.authentication.v1.path string Path to the JWT Folder - --integration.authentication.v1.token.allowed strings Allowed users for the Token - --integration.authentication.v1.token.max-size uint16 Max Token max size in bytes (default 64) - --integration.authentication.v1.token.ttl.default duration Default Token TTL (default 1h0m0s) - --integration.authentication.v1.token.ttl.max duration Max Token TTL (default 1h0m0s) - --integration.authentication.v1.token.ttl.min duration Min Token TTL (default 1m0s) - 
--integration.authentication.v1.token.user string Default user of the Token (default "root") - --integration.authentication.v1.ttl duration TTL of the JWT cache (default 15s) - --integration.authorization.v0 Enable AuthorizationV0 Integration Service - --integration.authorization.v0.external Defones if External access to service authorization.v0 is enabled - --integration.authorization.v0.internal Defones if Internal access to service authorization.v0 is enabled (default true) - --integration.config.v1 Enable ConfigV1 Integration Service - --integration.config.v1.external Defones if External access to service config.v1 is enabled - --integration.config.v1.internal Defones if Internal access to service config.v1 is enabled (default true) - --integration.config.v1.module strings Module in the reference = - --integration.envoy.auth.v3 Enable EnvoyAuthV3 Integration Service - --integration.envoy.auth.v3.external Defones if External access to service envoy.auth.v3 is enabled - --integration.envoy.auth.v3.internal Defones if Internal access to service envoy.auth.v3 is enabled (default true) - --integration.scheduler.v1 SchedulerV1 Integration - --integration.scheduler.v1.external Defones if External access to service scheduler.v1 is enabled - --integration.scheduler.v1.internal Defones if Internal access to service scheduler.v1 is enabled (default true) - --integration.scheduler.v1.namespace string Kubernetes Namespace (default "default") - --integration.scheduler.v1.verify-access Verify the CRD Access (default true) - --integration.shutdown.v1 ShutdownV1 Handler - --integration.shutdown.v1.external Defones if External access to service shutdown.v1 is enabled - --integration.shutdown.v1.internal Defones if Internal access to service shutdown.v1 is enabled (default true) - --integration.storage.v1 StorageBucket Integration - --integration.storage.v1.external Defones if External access to service storage.v1 is enabled - --integration.storage.v1.internal Defones if Internal 
access to service storage.v1 is enabled (default true) - --integration.storage.v1.s3.access-key string Path to file containing S3 AccessKey - --integration.storage.v1.s3.allow-insecure If set to true, the Endpoint certificates won't be checked - --integration.storage.v1.s3.bucket string Bucket name - --integration.storage.v1.s3.ca-crt string Path to file containing CA certificate to validate endpoint connection - --integration.storage.v1.s3.ca-key string Path to file containing keyfile to validate endpoint connection - --integration.storage.v1.s3.disable-ssl If set to true, the SSL won't be used when connecting to Endpoint - --integration.storage.v1.s3.endpoint string Endpoint of S3 API implementation - --integration.storage.v1.s3.region string Region - --integration.storage.v1.s3.secret-key string Path to file containing S3 SecretKey - --integration.storage.v1.type string Type of the Storage Integration (default "s3") - --services.address string Address to expose internal services (default "127.0.0.1:9092") - --services.auth.token string Token for internal service (when auth service is token) - --services.auth.type string Auth type for internal service (default "None") - --services.enabled Defines if internal access is enabled (default true) - --services.external.address string Address to expose external services (default "0.0.0.0:9093") - --services.external.auth.token string Token for external service (when auth service is token) - --services.external.auth.type string Auth type for external service (default "None") - --services.external.enabled Defines if external access is enabled - --services.external.tls.keyfile string Path to the keyfile - --services.tls.keyfile string Path to the keyfile + --integration.authentication.v1 Enable AuthenticationV1 Integration Service (Env: INTEGRATION_AUTHENTICATION_V1) + --integration.authentication.v1.enabled Defines if Authentication is enabled (Env: INTEGRATION_AUTHENTICATION_V1_ENABLED) (default true) + 
--integration.authentication.v1.external Defones if External access to service authentication.v1 is enabled (Env: INTEGRATION_AUTHENTICATION_V1_EXTERNAL) + --integration.authentication.v1.internal Defones if Internal access to service authentication.v1 is enabled (Env: INTEGRATION_AUTHENTICATION_V1_INTERNAL) (default true) + --integration.authentication.v1.path string Path to the JWT Folder (Env: INTEGRATION_AUTHENTICATION_V1_PATH) + --integration.authentication.v1.token.allowed strings Allowed users for the Token (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_ALLOWED) + --integration.authentication.v1.token.max-size uint16 Max Token max size in bytes (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_MAX_SIZE) (default 64) + --integration.authentication.v1.token.ttl.default duration Default Token TTL (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_TTL_DEFAULT) (default 1h0m0s) + --integration.authentication.v1.token.ttl.max duration Max Token TTL (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_TTL_MAX) (default 1h0m0s) + --integration.authentication.v1.token.ttl.min duration Min Token TTL (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_TTL_MIN) (default 1m0s) + --integration.authentication.v1.token.user string Default user of the Token (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_USER) (default "root") + --integration.authentication.v1.ttl duration TTL of the JWT cache (Env: INTEGRATION_AUTHENTICATION_V1_TTL) (default 15s) + --integration.authorization.v0 Enable AuthorizationV0 Integration Service (Env: INTEGRATION_AUTHORIZATION_V0) + --integration.authorization.v0.external Defones if External access to service authorization.v0 is enabled (Env: INTEGRATION_AUTHORIZATION_V0_EXTERNAL) + --integration.authorization.v0.internal Defones if Internal access to service authorization.v0 is enabled (Env: INTEGRATION_AUTHORIZATION_V0_INTERNAL) (default true) + --integration.config.v1 Enable ConfigV1 Integration Service (Env: INTEGRATION_CONFIG_V1) + --integration.config.v1.external Defones if External access 
to service config.v1 is enabled (Env: INTEGRATION_CONFIG_V1_EXTERNAL) + --integration.config.v1.internal Defones if Internal access to service config.v1 is enabled (Env: INTEGRATION_CONFIG_V1_INTERNAL) (default true) + --integration.config.v1.module strings Module in the reference = (Env: INTEGRATION_CONFIG_V1_MODULE) + --integration.envoy.auth.v3 Enable EnvoyAuthV3 Integration Service (Env: INTEGRATION_ENVOY_AUTH_V3) + --integration.envoy.auth.v3.external Defones if External access to service envoy.auth.v3 is enabled (Env: INTEGRATION_ENVOY_AUTH_V3_EXTERNAL) + --integration.envoy.auth.v3.internal Defones if Internal access to service envoy.auth.v3 is enabled (Env: INTEGRATION_ENVOY_AUTH_V3_INTERNAL) (default true) + --integration.scheduler.v1 SchedulerV1 Integration (Env: INTEGRATION_SCHEDULER_V1) + --integration.scheduler.v1.external Defones if External access to service scheduler.v1 is enabled (Env: INTEGRATION_SCHEDULER_V1_EXTERNAL) + --integration.scheduler.v1.internal Defones if Internal access to service scheduler.v1 is enabled (Env: INTEGRATION_SCHEDULER_V1_INTERNAL) (default true) + --integration.scheduler.v1.namespace string Kubernetes Namespace (Env: INTEGRATION_SCHEDULER_V1_NAMESPACE) (default "default") + --integration.scheduler.v1.verify-access Verify the CRD Access (Env: INTEGRATION_SCHEDULER_V1_VERIFY_ACCESS) (default true) + --integration.shutdown.v1 ShutdownV1 Handler (Env: INTEGRATION_SHUTDOWN_V1) + --integration.shutdown.v1.external Defones if External access to service shutdown.v1 is enabled (Env: INTEGRATION_SHUTDOWN_V1_EXTERNAL) + --integration.shutdown.v1.internal Defones if Internal access to service shutdown.v1 is enabled (Env: INTEGRATION_SHUTDOWN_V1_INTERNAL) (default true) + --integration.storage.v1 StorageBucket Integration (Env: INTEGRATION_STORAGE_V1) + --integration.storage.v1.external Defones if External access to service storage.v1 is enabled (Env: INTEGRATION_STORAGE_V1_EXTERNAL) + --integration.storage.v1.internal Defones if 
Internal access to service storage.v1 is enabled (Env: INTEGRATION_STORAGE_V1_INTERNAL) (default true) + --integration.storage.v1.s3.access-key string Path to file containing S3 AccessKey (Env: INTEGRATION_STORAGE_V1_S3_ACCESS_KEY) + --integration.storage.v1.s3.allow-insecure If set to true, the Endpoint certificates won't be checked (Env: INTEGRATION_STORAGE_V1_S3_ALLOW_INSECURE) + --integration.storage.v1.s3.bucket string Bucket name (Env: INTEGRATION_STORAGE_V1_S3_BUCKET) + --integration.storage.v1.s3.ca-crt string Path to file containing CA certificate to validate endpoint connection (Env: INTEGRATION_STORAGE_V1_S3_CA_CRT) + --integration.storage.v1.s3.ca-key string Path to file containing keyfile to validate endpoint connection (Env: INTEGRATION_STORAGE_V1_S3_CA_KEY) + --integration.storage.v1.s3.disable-ssl If set to true, the SSL won't be used when connecting to Endpoint (Env: INTEGRATION_STORAGE_V1_S3_DISABLE_SSL) + --integration.storage.v1.s3.endpoint string Endpoint of S3 API implementation (Env: INTEGRATION_STORAGE_V1_S3_ENDPOINT) + --integration.storage.v1.s3.region string Region (Env: INTEGRATION_STORAGE_V1_S3_REGION) + --integration.storage.v1.s3.secret-key string Path to file containing S3 SecretKey (Env: INTEGRATION_STORAGE_V1_S3_SECRET_KEY) + --integration.storage.v1.type string Type of the Storage Integration (Env: INTEGRATION_STORAGE_V1_TYPE) (default "s3") + --services.address string Address to expose internal services (Env: SERVICES_ADDRESS) (default "127.0.0.1:9092") + --services.auth.token string Token for internal service (when auth service is token) (Env: SERVICES_AUTH_TOKEN) + --services.auth.type string Auth type for internal service (Env: SERVICES_AUTH_TYPE) (default "None") + --services.enabled Defines if internal access is enabled (Env: SERVICES_ENABLED) (default true) + --services.external.address string Address to expose external services (Env: SERVICES_EXTERNAL_ADDRESS) (default "0.0.0.0:9093") + --services.external.auth.token 
string Token for external service (when auth service is token) (Env: SERVICES_EXTERNAL_AUTH_TOKEN) + --services.external.auth.type string Auth type for external service (Env: SERVICES_EXTERNAL_AUTH_TYPE) (default "None") + --services.external.enabled Defines if external access is enabled (Env: SERVICES_EXTERNAL_ENABLED) + --services.external.tls.keyfile string Path to the keyfile (Env: SERVICES_EXTERNAL_TLS_KEYFILE) + --services.tls.keyfile string Path to the keyfile (Env: SERVICES_TLS_KEYFILE) Use "arangodb_operator_integration [command] --help" for more information about a command. ``` diff --git a/pkg/apis/deployment/v1/deployment_spec.go b/pkg/apis/deployment/v1/deployment_spec.go index d25070f04..004583df5 100644 --- a/pkg/apis/deployment/v1/deployment_spec.go +++ b/pkg/apis/deployment/v1/deployment_spec.go @@ -262,6 +262,9 @@ type DeploymentSpec struct { // Gateway defined main Gateway configuration. Gateway *DeploymentSpecGateway `json:"gateway,omitempty"` + + // Integration defined main Integration configuration. + Integration *DeploymentSpecIntegration `json:"integration,omitempty"` } // GetAllowMemberRecreation returns member recreation policy based on group and settings @@ -582,7 +585,10 @@ func (s *DeploymentSpec) Validate() error { return errors.WithStack(errors.Wrap(err, "spec.architecture")) } if err := s.Gateway.Validate(); err != nil { - return errors.WithStack(errors.Wrap(err, "spec.architecture")) + return errors.WithStack(errors.Wrap(err, "spec.gateway")) + } + if err := s.Integration.Validate(); err != nil { + return errors.WithStack(errors.Wrap(err, "spec.integration")) } return nil } diff --git a/pkg/apis/deployment/v1/deployment_spec_gateway.go b/pkg/apis/deployment/v1/deployment_spec_gateway.go index b362c517b..8449e0e04 100644 --- a/pkg/apis/deployment/v1/deployment_spec_gateway.go +++ b/pkg/apis/deployment/v1/deployment_spec_gateway.go 
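Review bot: The comment on the new `Integration` field of `DeploymentSpec` (first hunk) does not say what the field configures or that it takes over from `spec.gateway.sidecar`, which this commit removes. Something like `// Integration defines the integration sidecar configuration for the deployment; it replaces spec.gateway.sidecar.` would tell a reader of the type where the setting went. The struct starts outside this hunk, so it cannot be seen here whether defaulting or immutable-field handling elsewhere in the file also needs to cover the new field.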
@@ -21,8 +21,6 @@ package v1 import ( - schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration" - shared "github.com/arangodb/kube-arangodb/pkg/apis/shared" "github.com/arangodb/kube-arangodb/pkg/util" ) @@ -40,9 +38,6 @@ type DeploymentSpecGateway struct { // Image is the image to use for the gateway. // By default, the image is determined by the operator. Image *string `json:"image"` - - // Sidecar define the integration sidecar spec - Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"` } // IsEnabled returns whether the gateway is enabled. @@ -63,22 +58,9 @@ func (d *DeploymentSpecGateway) IsDynamic() bool { return *d.Dynamic } -func (d *DeploymentSpecGateway) GetSidecar() *schedulerIntegrationApi.Sidecar { - if d == nil || d.Sidecar == nil { - return nil - } - return d.Sidecar -} - // Validate the given spec func (d *DeploymentSpecGateway) Validate() error { - if d == nil { - d = &DeploymentSpecGateway{} - } - - return shared.WithErrors( - shared.PrefixResourceErrors("integrationSidecar", d.GetSidecar().Validate()), - ) + return nil } // GetImage returns the image to use for the gateway. diff --git a/pkg/apis/deployment/v1/deployment_spec_integration.go b/pkg/apis/deployment/v1/deployment_spec_integration.go new file mode 100644 index 000000000..32ee69612 --- /dev/null +++ b/pkg/apis/deployment/v1/deployment_spec_integration.go 
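Review bot: In the third hunk `DeploymentSpecGateway.Validate` now returns nil unconditionally, but its comment still reads `// Validate the given spec`, which suggests checks that no longer exist. A comment such as `// Validate currently performs no checks; sidecar validation lives in DeploymentSpecIntegration.Validate.` would keep a reader from assuming `Image` or the other gateway fields are verified here. The same applies to the v2alpha1 copy of this hunk.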
@@ -0,0 +1,49 @@
+//
+// DISCLAIMER
+//
+// Copyright 2024 ArangoDB GmbH, Cologne, Germany
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Copyright holder is ArangoDB GmbH, Cologne, Germany
+//
+
+package v1
+
+import (
+ schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration"
+ shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
+)
+
+type DeploymentSpecIntegration struct {
+ // Sidecar define the integration sidecar spec
+ Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"`
+}
+
+func (d *DeploymentSpecIntegration) GetSidecar() *schedulerIntegrationApi.Sidecar {
+ if d == nil || d.Sidecar == nil {
+ return nil
+ }
+ return d.Sidecar
+}
+
+// Validate the given spec
+func (d *DeploymentSpecIntegration) Validate() error {
+ if d == nil {
+ d = &DeploymentSpecIntegration{}
+ }
+
+ return shared.WithErrors(
+ shared.PrefixResourceErrors("sidecar", d.GetSidecar().Validate()),
+ )
+}
diff --git a/pkg/apis/deployment/v1/zz_generated.deepcopy.go b/pkg/apis/deployment/v1/zz_generated.deepcopy.go
index 066b99d80..86f9e84bf 100644
--- a/pkg/apis/deployment/v1/zz_generated.deepcopy.go
+++ b/pkg/apis/deployment/v1/zz_generated.deepcopy.go
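Review bot: `DeploymentSpecIntegration.Validate` swaps a nil receiver for an empty struct before calling `d.GetSidecar()`, yet `GetSidecar` already returns nil for a nil receiver, so the `if d == nil { ... }` block can go and the body reduces to the single `return shared.WithErrors(...)` statement. The result is then `Validate()` called on a possibly nil `*schedulerIntegrationApi.Sidecar`, which relies on that method being nil-safe; it is not visible here, so worth confirming. The exported type and `GetSidecar` also lack doc comments, e.g. `// GetSidecar returns the sidecar spec, or nil when the receiver or the field is nil.` The v2alpha1 copy of this file has the same shape.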
@@ -1159,6 +1159,11 @@ func (in *DeploymentSpec) DeepCopyInto(out *DeploymentSpec) { *out = new(DeploymentSpecGateway) (*in).DeepCopyInto(*out) } + if in.Integration != nil { + in, out := &in.Integration, &out.Integration + *out = new(DeploymentSpecIntegration) + (*in).DeepCopyInto(*out) + } return } @@ -1190,6 +1195,22 @@ func (in *DeploymentSpecGateway) DeepCopyInto(out *DeploymentSpecGateway) { *out = new(string) **out = **in } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecGateway. +func (in *DeploymentSpecGateway) DeepCopy() *DeploymentSpecGateway { + if in == nil { + return nil + } + out := new(DeploymentSpecGateway) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeploymentSpecIntegration) DeepCopyInto(out *DeploymentSpecIntegration) { + *out = *in if in.Sidecar != nil { in, out := &in.Sidecar, &out.Sidecar *out = new(integration.Sidecar) @@ -1198,12 +1219,12 @@ func (in *DeploymentSpecGateway) DeepCopyInto(out *DeploymentSpecGateway) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecGateway. -func (in *DeploymentSpecGateway) DeepCopy() *DeploymentSpecGateway { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecIntegration. +func (in *DeploymentSpecIntegration) DeepCopy() *DeploymentSpecIntegration { if in == nil { return nil } - out := new(DeploymentSpecGateway) + out := new(DeploymentSpecIntegration) in.DeepCopyInto(out) return out } diff --git a/pkg/apis/deployment/v2alpha1/deployment_spec.go b/pkg/apis/deployment/v2alpha1/deployment_spec.go index 4e979fa22..56b28b9bd 100644 --- a/pkg/apis/deployment/v2alpha1/deployment_spec.go +++ b/pkg/apis/deployment/v2alpha1/deployment_spec.go 
@@ -262,6 +262,9 @@ type DeploymentSpec struct { // Gateway defined main Gateway configuration. Gateway *DeploymentSpecGateway `json:"gateway,omitempty"` + + // Integration defined main Integration configuration. + Integration *DeploymentSpecIntegration `json:"integration,omitempty"` } // GetAllowMemberRecreation returns member recreation policy based on group and settings @@ -582,7 +585,10 @@ func (s *DeploymentSpec) Validate() error { return errors.WithStack(errors.Wrap(err, "spec.architecture")) } if err := s.Gateway.Validate(); err != nil { - return errors.WithStack(errors.Wrap(err, "spec.architecture")) + return errors.WithStack(errors.Wrap(err, "spec.gateway")) + } + if err := s.Integration.Validate(); err != nil { + return errors.WithStack(errors.Wrap(err, "spec.integration")) } return nil } diff --git a/pkg/apis/deployment/v2alpha1/deployment_spec_gateway.go b/pkg/apis/deployment/v2alpha1/deployment_spec_gateway.go index 41ecb45ce..a31d78150 100644 --- a/pkg/apis/deployment/v2alpha1/deployment_spec_gateway.go +++ b/pkg/apis/deployment/v2alpha1/deployment_spec_gateway.go @@ -21,8 +21,6 @@ package v2alpha1 import ( - schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration" - shared "github.com/arangodb/kube-arangodb/pkg/apis/shared" "github.com/arangodb/kube-arangodb/pkg/util" ) @@ -40,9 +38,6 @@ type DeploymentSpecGateway struct { // Image is the image to use for the gateway. // By default, the image is determined by the operator. Image *string `json:"image"` - - // Sidecar define the integration sidecar spec - Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"` } // IsEnabled returns whether the gateway is enabled. 
@@ -63,22 +58,9 @@ func (d *DeploymentSpecGateway) IsDynamic() bool { return *d.Dynamic } -func (d *DeploymentSpecGateway) GetSidecar() *schedulerIntegrationApi.Sidecar { - if d == nil || d.Sidecar == nil { - return nil - } - return d.Sidecar -} - // Validate the given spec func (d *DeploymentSpecGateway) Validate() error { - if d == nil { - d = &DeploymentSpecGateway{} - } - - return shared.WithErrors( - shared.PrefixResourceErrors("integrationSidecar", d.GetSidecar().Validate()), - ) + return nil } // GetImage returns the image to use for the gateway. diff --git a/pkg/apis/deployment/v2alpha1/deployment_spec_integration.go b/pkg/apis/deployment/v2alpha1/deployment_spec_integration.go new file mode 100644 index 000000000..c5670a2e0 --- /dev/null +++ b/pkg/apis/deployment/v2alpha1/deployment_spec_integration.go 
@@ -0,0 +1,49 @@
+//
+// DISCLAIMER
+//
+// Copyright 2024 ArangoDB GmbH, Cologne, Germany
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Copyright holder is ArangoDB GmbH, Cologne, Germany
+//
+
+package v2alpha1
+
+import (
+ schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration"
+ shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
+)
+
+type DeploymentSpecIntegration struct {
+ // Sidecar define the integration sidecar spec
+ Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"`
+}
+
+func (d *DeploymentSpecIntegration) GetSidecar() *schedulerIntegrationApi.Sidecar {
+ if d == nil || d.Sidecar == nil {
+ return nil
+ }
+ return d.Sidecar
+}
+
+// Validate the given spec
+func (d *DeploymentSpecIntegration) Validate() error {
+ if d == nil {
+ d = &DeploymentSpecIntegration{}
+ }
+
+ return shared.WithErrors(
+ shared.PrefixResourceErrors("sidecar", d.GetSidecar().Validate()),
+ )
+}
diff --git a/pkg/apis/deployment/v2alpha1/zz_generated.deepcopy.go b/pkg/apis/deployment/v2alpha1/zz_generated.deepcopy.go
index 7a13882bf..c57528ba7 100644
--- a/pkg/apis/deployment/v2alpha1/zz_generated.deepcopy.go
+++ b/pkg/apis/deployment/v2alpha1/zz_generated.deepcopy.go
@@ -1159,6 +1159,11 @@ func (in *DeploymentSpec) DeepCopyInto(out *DeploymentSpec) { *out = new(DeploymentSpecGateway) (*in).DeepCopyInto(*out) } + if in.Integration != nil { + in, out := &in.Integration, &out.Integration + *out = new(DeploymentSpecIntegration) + (*in).DeepCopyInto(*out) + } return } @@ -1190,6 +1195,22 @@ func (in *DeploymentSpecGateway) DeepCopyInto(out *DeploymentSpecGateway) { *out = new(string) **out = **in } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecGateway. +func (in *DeploymentSpecGateway) DeepCopy() *DeploymentSpecGateway { + if in == nil { + return nil + } + out := new(DeploymentSpecGateway) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DeploymentSpecIntegration) DeepCopyInto(out *DeploymentSpecIntegration) { + *out = *in if in.Sidecar != nil { in, out := &in.Sidecar, &out.Sidecar *out = new(integration.Sidecar) @@ -1198,12 +1219,12 @@ func (in *DeploymentSpecGateway) DeepCopyInto(out *DeploymentSpecGateway) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecGateway. -func (in *DeploymentSpecGateway) DeepCopy() *DeploymentSpecGateway { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecIntegration. +func (in *DeploymentSpecIntegration) DeepCopy() *DeploymentSpecIntegration { if in == nil { return nil } - out := new(DeploymentSpecGateway) + out := new(DeploymentSpecIntegration) in.DeepCopyInto(out) return out } diff --git a/pkg/crd/crds/database-deployment.schema.generated.yaml b/pkg/crd/crds/database-deployment.schema.generated.yaml index 3d73b0b64..76649f8de 100644 --- a/pkg/crd/crds/database-deployment.schema.generated.yaml +++ b/pkg/crd/crds/database-deployment.schema.generated.yaml 
@@ -6582,498 +6582,6 @@ v1: Image is the image to use for the gateway. By default, the image is determined by the operator. type: string - sidecar: - description: Sidecar define the integration sidecar spec - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - controllerListenPort: - format: int32 - type: integer - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - sleep: - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - properties: - 
exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - sleep: - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - listenPort: - format: int32 - type: integer - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - method: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - type: object - type: array - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - 
failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - claims: - items: - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - 
startupProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object type: object gateways: description: Gateways contain specification for Gateway pods running in deployment mode `Single` or `Cluster`. 
@@ -9695,6 +9203,502 @@ v1: items: type: string type: array + integration: + description: Integration defined main Integration configuration. + properties: + sidecar: + description: Sidecar define the integration sidecar spec + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + controllerListenPort: + format: int32 + type: integer + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + type: object + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + type: object + preStop: + 
properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + type: object + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + type: object + type: object + listenPort: + format: int32 + type: integer + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + method: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + 
failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + 
startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: object labels: additionalProperties: type: string 
@@ -23106,498 +23110,6 @@ v1alpha: Image is the image to use for the gateway. By default, the image is determined by the operator. type: string - sidecar: - description: Sidecar define the integration sidecar spec - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - controllerListenPort: - format: int32 - type: integer - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - sleep: - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - properties: 
- exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - sleep: - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - listenPort: - format: int32 - type: integer - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - method: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - type: object - type: array - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - 
failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - claims: - items: - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - 
startupProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object type: object gateways: description: Gateways contain specification for Gateway pods running in deployment mode `Single` or `Cluster`. 
@@ -26219,6 +25731,502 @@ v1alpha: items: type: string type: array + integration: + description: Integration defined main Integration configuration. + properties: + sidecar: + description: Sidecar define the integration sidecar spec + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + controllerListenPort: + format: int32 + type: integer + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + type: object + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + type: object + 
preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + type: object + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + type: object + type: object + listenPort: + format: int32 + type: integer + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + method: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + 
type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: 
object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: object labels: additionalProperties: type: string 
@@ -39630,498 +39638,6 @@ v2alpha1: Image is the image to use for the gateway. By default, the image is determined by the operator. type: string - sidecar: - description: Sidecar define the integration sidecar spec - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - controllerListenPort: - format: int32 - type: integer - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - sleep: - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - type: object - preStop: - 
properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - sleep: - properties: - seconds: - format: int64 - type: integer - type: object - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - type: object - type: object - listenPort: - format: int32 - type: integer - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - method: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - type: object - type: array - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - 
failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - claims: - items: - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - 
startupProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - type: string - x-kubernetes-int-or-string: true - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object type: object gateways: description: Gateways contain specification for Gateway pods running in deployment mode `Single` or `Cluster`. 
@@ -42743,6 +42259,502 @@ v2alpha1: items: type: string type: array + integration: + description: Integration defined main Integration configuration. + properties: + sidecar: + description: Sidecar define the integration sidecar spec + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + controllerListenPort: + format: int32 + type: integer + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + type: object + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + type: object + 
preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + sleep: + properties: + seconds: + format: int64 + type: integer + type: object + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + type: object + type: object + listenPort: + format: int32 + type: integer + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + method: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + 
type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: 
object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + type: string + x-kubernetes-int-or-string: true + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + type: string + x-kubernetes-int-or-string: true + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: object labels: additionalProperties: type: string diff --git a/pkg/deployment/resources/config_map_gateway.go b/pkg/deployment/resources/config_map_gateway.go index f539e40a4..420f5f117 100644 --- a/pkg/deployment/resources/config_map_gateway.go +++ b/pkg/deployment/resources/config_map_gateway.go @@ -135,7 +135,7 @@ func (r *Resources) renderGatewayConfig(cachedStatus inspectorInterface.Inspecto cfg.IntegrationSidecar = &gateway.ConfigDestinationTarget{ Host: "127.0.0.1", - Port: int32(r.context.GetSpec().Gateway.GetSidecar().GetListenPort()), + Port: int32(r.context.GetSpec().Integration.GetSidecar().GetListenPort()), } cfg.DefaultDestination = gateway.ConfigDestination{ 
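Review bot: `cfg.IntegrationSidecar.Port` is now read only from `Integration.GetSidecar()`, and the CRD hunks in this commit remove `sidecar` from the gateway schema, so a deployment that still sets `.spec.gateway.sidecar.listenPort` would have that value ignored without any error. If that field was ever released, a fallback or a validation message would keep the gateway from being pointed at a port the sidecar does not listen on. At minimum I would add `// Sidecar settings moved from .spec.gateway.sidecar to .spec.integration.sidecar.` above the assignment. renderGatewayConfig starts and ends outside this hunk, so whether a nil `Integration` is handled inside `GetSidecar()` cannot be confirmed from here.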
diff --git a/pkg/deployment/resources/pod_creator_gateway_pod.go b/pkg/deployment/resources/pod_creator_gateway_pod.go index 16d14c89d..620d3d2c8 100644 --- a/pkg/deployment/resources/pod_creator_gateway_pod.go +++ b/pkg/deployment/resources/pod_creator_gateway_pod.go @@ -238,7 +238,13 @@ func (m *MemberGatewayPod) Labels() map[string]string { func (m *MemberGatewayPod) Profiles() (schedulerApi.ProfileTemplates, error) { integration, err := sidecar.NewIntegration(&schedulerContainerResourcesApi.Image{ Image: util.NewType(m.resources.context.GetOperatorImage()), - }, m.spec.Gateway.GetSidecar(), []string{shared.ServerContainerName}, + }, m.spec.Integration.GetSidecar()) + + if err != nil { + return nil, err + } + + integrations, err := sidecar.NewIntegrationEnablement( sidecar.IntegrationEnvoyV3{ Spec: m.spec, }, sidecar.IntegrationAuthenticationV1{ @@ -250,5 +256,7 @@ func (m *MemberGatewayPod) Profiles() (schedulerApi.ProfileTemplates, error) { return nil, err } - return []*schedulerApi.ProfileTemplate{integration}, nil + shutdownAnnotation := sidecar.NewShutdownAnnotations([]string{shared.ServerContainerName}) + + return []*schedulerApi.ProfileTemplate{integration, integrations, shutdownAnnotation}, nil } diff --git a/pkg/integrations/authentication_v1.go b/pkg/integrations/authentication_v1.go index 60bc77afa..0c50e7cc3 100644 --- a/pkg/integrations/authentication_v1.go +++ b/pkg/integrations/authentication_v1.go @@ -27,6 +27,7 @@ import ( pbImplAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1" pbAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1/definition" + "github.com/arangodb/kube-arangodb/pkg/util/errors" "github.com/arangodb/kube-arangodb/pkg/util/svc" ) 
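Review bot: In `Profiles` the two results are named `integration` and `integrations`, which differ by one letter and sit side by side in the returned slice. Naming the second after what it holds, e.g. `enablement, err := sidecar.NewIntegrationEnablement(`, would make the final `return` easier to check. The added `if err != nil { return nil, err }` passes the error up without saying which step failed; wrapping it with the project's errors helper would help when a bad `.spec.integration.sidecar` is the cause. The arguments of NewIntegrationEnablement continue between this hunk and the following `@@ -250,5 +256,7 @@` hunk, so that part is not covered here.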
@@ -40,20 +41,18 @@ type authenticationV1 struct { config pbImplAuthenticationV1.Configuration } -func (a *authenticationV1) Register(cmd *cobra.Command, arg ArgGen) error { - f := cmd.Flags() - - f.StringVar(&a.config.Path, arg("path"), "", "Path to the JWT Folder") - f.BoolVar(&a.config.Enabled, arg("enabled"), true, "Defines if Authentication is enabled") - f.DurationVar(&a.config.TTL, arg("ttl"), pbImplAuthenticationV1.DefaultTTL, "TTL of the JWT cache") - f.StringVar(&a.config.Create.DefaultUser, arg("token.user"), pbImplAuthenticationV1.DefaultUser, "Default user of the Token") - f.DurationVar(&a.config.Create.DefaultTTL, arg("token.ttl.default"), pbImplAuthenticationV1.DefaultTokenDefaultTTL, "Default Token TTL") - f.DurationVar(&a.config.Create.MinTTL, arg("token.ttl.min"), pbImplAuthenticationV1.DefaultTokenMinTTL, "Min Token TTL") - f.DurationVar(&a.config.Create.MaxTTL, arg("token.ttl.max"), pbImplAuthenticationV1.DefaultTokenMaxTTL, "Max Token TTL") - f.Uint16Var(&a.config.Create.MaxSize, arg("token.max-size"), pbImplAuthenticationV1.DefaultMaxTokenSize, "Max Token max size in bytes") - f.StringSliceVar(&a.config.Create.AllowedUsers, arg("token.allowed"), []string{}, "Allowed users for the Token") - - return nil +func (a *authenticationV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error { + return errors.Errors( + fs.StringVar(&a.config.Path, "path", "", "Path to the JWT Folder"), + fs.BoolVar(&a.config.Enabled, "enabled", true, "Defines if Authentication is enabled"), + fs.DurationVar(&a.config.TTL, "ttl", pbImplAuthenticationV1.DefaultTTL, "TTL of the JWT cache"), + fs.StringVar(&a.config.Create.DefaultUser, "token.user", pbImplAuthenticationV1.DefaultUser, "Default user of the Token"), + fs.DurationVar(&a.config.Create.DefaultTTL, "token.ttl.default", pbImplAuthenticationV1.DefaultTokenDefaultTTL, "Default Token TTL"), + fs.DurationVar(&a.config.Create.MinTTL, "token.ttl.min", pbImplAuthenticationV1.DefaultTokenMinTTL, "Min Token TTL"), + 
fs.DurationVar(&a.config.Create.MaxTTL, "token.ttl.max", pbImplAuthenticationV1.DefaultTokenMaxTTL, "Max Token TTL"), + fs.Uint16Var(&a.config.Create.MaxSize, "token.max-size", pbImplAuthenticationV1.DefaultMaxTokenSize, "Max Token max size in bytes"), + fs.StringSliceVar(&a.config.Create.AllowedUsers, "token.allowed", []string{}, "Allowed users for the Token"), + ) } func (a *authenticationV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) { diff --git a/pkg/integrations/authorization_v0.go b/pkg/integrations/authorization_v0.go index fd001d687..61cabd25d 100644 --- a/pkg/integrations/authorization_v0.go +++ b/pkg/integrations/authorization_v0.go @@ -47,7 +47,7 @@ func (a authorizationV0) Description() string { return "Enable AuthorizationV0 Integration Service" } -func (a authorizationV0) Register(cmd *cobra.Command, arg ArgGen) error { +func (a authorizationV0) Register(cmd *cobra.Command, fs FlagEnvHandler) error { return nil } diff --git a/pkg/integrations/config_v1.go b/pkg/integrations/config_v1.go index d0ff5faeb..3f2e7af07 100644 --- a/pkg/integrations/config_v1.go +++ b/pkg/integrations/config_v1.go @@ -41,12 +41,10 @@ type configV1 struct { modules []string } -func (a *configV1) Register(cmd *cobra.Command, arg ArgGen) error { - f := cmd.Flags() - - f.StringSliceVar(&a.modules, arg("module"), nil, "Module in the reference =") - - return nil +func (a *configV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error { + return errors.Errors( + fs.StringSliceVar(&a.modules, "module", nil, "Module in the reference ="), + ) } func (a *configV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) { diff --git a/pkg/integrations/envoy_auth_v3.go b/pkg/integrations/envoy_auth_v3.go index c8cb55808..4fbdcfff6 100644 --- a/pkg/integrations/envoy_auth_v3.go +++ b/pkg/integrations/envoy_auth_v3.go 
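Review bot: `authenticationV1.Register` now takes every default through `FlagEnvHandler`, and flags.go in this commit shows the handler feeding `f.getEnv(name)` into the default before the pflag call. So `enabled`, `path` and `token.allowed` can presumably be changed by an environment variable with nothing on the command line showing it (getEnv's body is outside my view). I would state that on the method, e.g. `// Register binds the authentication flags; each default may be overridden from the environment through fs.`, and log the effective `enabled` value at startup so a disabled authentication service is visible to operators. `cmd` is no longer used in the body; if the interface allows it, `_ *cobra.Command` makes that explicit. The same applies to `configV1.Register` in config_v1.go, where no import hunk is shown, so `errors` there must already resolve to `pkg/util/errors`.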
@@ -48,7 +48,7 @@ func (a *envoyAuthV3) Description() string { return "Enable EnvoyAuthV3 Integration Service" } -func (a *envoyAuthV3) Register(cmd *cobra.Command, arg ArgGen) error { +func (a *envoyAuthV3) Register(cmd *cobra.Command, fs FlagEnvHandler) error { return nil } diff --git a/pkg/integrations/flags.go b/pkg/integrations/flags.go new file mode 100644 index 000000000..1c4599c72 --- /dev/null +++ b/pkg/integrations/flags.go 
@@ -0,0 +1,243 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package integrations + +import ( + "fmt" + "os" + "reflect" + "strconv" + "strings" + "time" + + flag "github.com/spf13/pflag" + + "github.com/arangodb/kube-arangodb/pkg/util" + "github.com/arangodb/kube-arangodb/pkg/util/errors" +) + +func NewFlagEnvHandler(fs *flag.FlagSet) FlagEnvHandler { + return flagEnvHandler{ + fs: fs, + } +} + +type FlagEnvHandler interface { + WithPrefix(prefix string) FlagEnvHandler + + StringVar(p *string, name string, value string, usage string) error + String(name string, value string, usage string) error + + StringSliceVar(p *[]string, name string, value []string, usage string) error + StringSlice(name string, value []string, usage string) error + + BoolVar(p *bool, name string, value bool, usage string) error + Bool(name string, value bool, usage string) error + + Uint16Var(p *uint16, name string, value uint16, usage string) error + Uint16(name string, value uint16, usage string) error + + DurationVar(p *time.Duration, name string, value time.Duration, usage string) error + Duration(name string, value time.Duration, usage string) error +} + +type flagEnvHandler struct { + prefix string + fs *flag.FlagSet +} + +func (f flagEnvHandler) StringVar(p *string, name string, value string, usage string) error { + v, err := 
parseEnvToString(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.StringVar(p, f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) String(name string, value string, usage string) error { + v, err := parseEnvToString(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.String(f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) StringSliceVar(p *[]string, name string, value []string, usage string) error { + v, err := parseEnvToStringArray(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.StringSliceVar(p, f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) StringSlice(name string, value []string, usage string) error { + v, err := parseEnvToStringArray(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.StringSlice(f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) BoolVar(p *bool, name string, value bool, usage string) error { + v, err := parseEnvToBool(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.BoolVar(p, f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) Bool(name string, value bool, usage string) error { + v, err := parseEnvToBool(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.Bool(f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) DurationVar(p *time.Duration, name string, value time.Duration, usage string) error { + v, err := parseEnvToDuration(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.DurationVar(p, f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) Duration(name string, value time.Duration, usage string) error { + v, err := parseEnvToDuration(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.Duration(f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f 
flagEnvHandler) Uint16Var(p *uint16, name string, value uint16, usage string) error { + v, err := parseEnvToUint16(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.Uint16Var(p, f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) Uint16(name string, value uint16, usage string) error { + v, err := parseEnvToUint16(f.getEnv(name), value) + if err != nil { + return err + } + + f.fs.Uint16(f.name(name), v, f.varDesc(name, usage)) + + return nil +} + +func (f flagEnvHandler) varDesc(name string, dest string) string { + return fmt.Sprintf("%s (Env: %s)", dest, f.getEnv(name)) +} + +func (f flagEnvHandler) getEnv(n string) string { + z := f.name(n) + + z = strings.ReplaceAll(z, ".", "_") + z = strings.ReplaceAll(z, "-", "_") + + return strings.ToUpper(z) +} +func (f flagEnvHandler) name(n string) string { + if f.prefix == "" { + return n + } + if n == "" { + return f.prefix + } + return fmt.Sprintf("%s.%s", f.prefix, n) +} + +func (f flagEnvHandler) WithPrefix(prefix string) FlagEnvHandler { + return flagEnvHandler{ + prefix: f.name(prefix), + fs: f.fs, + } +} + +func parseEnvToDuration(env string, def time.Duration) (time.Duration, error) { + return parseEnvToType(env, def, time.ParseDuration) +} + +func parseEnvToUint16(env string, def uint16) (uint16, error) { + return parseEnvToType(env, def, func(in string) (uint16, error) { + v, err := strconv.ParseUint(in, 10, 16) + return uint16(v), err + }) +} + +func parseEnvToBool(env string, def bool) (bool, error) { + return parseEnvToType(env, def, strconv.ParseBool) +} + +func parseEnvToStringArray(env string, def []string) ([]string, error) { + return parseEnvToType(env, def, func(in string) ([]string, error) { + return strings.Split(in, ","), nil + }) +} + +func parseEnvToString(env string, def string) (string, error) { + return parseEnvToType(env, def, func(in string) (string, error) { + return in, nil + }) +} + +func parseEnvToType[T any](env string, def T, parser 
func(in string) (T, error)) (T, error) { + if v, ok := os.LookupEnv(env); ok { + if q, err := parser(v); err != nil { + return util.Default[T](), errors.Wrapf(err, "Unable to parse env `%s` as %s", env, reflect.TypeOf(def).String()) + } else { + return q, nil + } + } + + return def, nil +} diff --git a/pkg/integrations/integration.go b/pkg/integrations/integration.go index d896c7f00..9e756c22c 100644 --- a/pkg/integrations/integration.go +++ b/pkg/integrations/integration.go @@ -30,13 +30,11 @@ import ( type Factory func() Integration -type ArgGen func(name string) string - type Integration interface { Name() string Description() string - Register(cmd *cobra.Command, arg ArgGen) error + Register(cmd *cobra.Command, fs FlagEnvHandler) error Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) } diff --git a/pkg/integrations/register.go b/pkg/integrations/register.go index d20a8b0d8..c5d0ae7ec 100644 --- a/pkg/integrations/register.go +++ b/pkg/integrations/register.go 
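Review bot: `parseEnvToStringArray` turns a set-but-empty variable into `[]string{""}`, because `strings.Split("", ",")` returns one empty element, so an empty `..._TOKEN_ALLOWED` would register an allow-list holding the empty user name instead of the `[]string{}` default declared for `token.allowed`. How `AllowedUsers` is enforced is not visible here, so the effect is either that every user is rejected or that an empty name is accepted; both differ from leaving the variable unset. Returning early in the parser closure avoids it: `if in == "" { return nil, nil }`. The plain split also bypasses the CSV parsing pflag applies to `--flag=a,b` and keeps surrounding whitespace, so the same text can mean different things on the command line and in the environment; a doc comment on `FlagEnvHandler` stating that the environment value only replaces the flag default (an explicit flag still wins) would make that contract visible.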
@@ -125,37 +125,44 @@ func (c *configuration) Register(cmd *cobra.Command) error { cmd.RunE = c.run - f := cmd.Flags() - - f.StringVar(&c.health.address, "health.address", "0.0.0.0:9091", "Address to expose health service") - f.BoolVar(&c.health.shutdownEnabled, "health.shutdown.enabled", true, "Determines if shutdown service should be enabled and exposed") - f.StringVar(&c.health.auth.t, "health.auth.type", "None", "Auth type for health service") - f.StringVar(&c.health.auth.token, "health.auth.token", "", "Token for health service (when auth service is token)") - f.StringVar(&c.health.tls.keyfile, "health.tls.keyfile", "", "Path to the keyfile") - - f.BoolVar(&c.services.internal.enabled, "services.enabled", true, "Defines if internal access is enabled") - f.StringVar(&c.services.internal.address, "services.address", "127.0.0.1:9092", "Address to expose internal services") - f.StringVar(&c.services.internal.auth.t, "services.auth.type", "None", "Auth type for internal service") - f.StringVar(&c.services.internal.auth.token, "services.auth.token", "", "Token for internal service (when auth service is token)") - f.StringVar(&c.services.internal.tls.keyfile, "services.tls.keyfile", "", "Path to the keyfile") - - f.BoolVar(&c.services.external.enabled, "services.external.enabled", false, "Defines if external access is enabled") - f.StringVar(&c.services.external.address, "services.external.address", "0.0.0.0:9093", "Address to expose external services") - f.StringVar(&c.services.external.auth.t, "services.external.auth.type", "None", "Auth type for external service") - f.StringVar(&c.services.external.auth.token, "services.external.auth.token", "", "Token for external service (when auth service is token)") - f.StringVar(&c.services.external.tls.keyfile, "services.external.tls.keyfile", "", "Path to the keyfile") - + f := NewFlagEnvHandler(cmd.Flags()) + + if err := errors.Errors( + f.StringVar(&c.health.address, "health.address", "0.0.0.0:9091", "Address to expose 
health service"), + f.BoolVar(&c.health.shutdownEnabled, "health.shutdown.enabled", true, "Determines if shutdown service should be enabled and exposed"), + f.StringVar(&c.health.auth.t, "health.auth.type", "None", "Auth type for health service"), + f.StringVar(&c.health.auth.token, "health.auth.token", "", "Token for health service (when auth service is token)"), + f.StringVar(&c.health.tls.keyfile, "health.tls.keyfile", "", "Path to the keyfile"), + + f.BoolVar(&c.services.internal.enabled, "services.enabled", true, "Defines if internal access is enabled"), + f.StringVar(&c.services.internal.address, "services.address", "127.0.0.1:9092", "Address to expose internal services"), + f.StringVar(&c.services.internal.auth.t, "services.auth.type", "None", "Auth type for internal service"), + f.StringVar(&c.services.internal.auth.token, "services.auth.token", "", "Token for internal service (when auth service is token)"), + f.StringVar(&c.services.internal.tls.keyfile, "services.tls.keyfile", "", "Path to the keyfile"), + + f.BoolVar(&c.services.external.enabled, "services.external.enabled", false, "Defines if external access is enabled"), + f.StringVar(&c.services.external.address, "services.external.address", "0.0.0.0:9093", "Address to expose external services"), + f.StringVar(&c.services.external.auth.t, "services.external.auth.type", "None", "Auth type for external service"), + f.StringVar(&c.services.external.auth.token, "services.external.auth.token", "", "Token for external service (when auth service is token)"), + f.StringVar(&c.services.external.tls.keyfile, "services.external.tls.keyfile", "", "Path to the keyfile"), + ); err != nil { + return err + } for _, service := range c.registered { prefix := fmt.Sprintf("integration.%s", service.Name()) - f.Bool(prefix, false, service.Description()) + fs := f.WithPrefix(prefix) internal, external := GetIntegrationEnablement(service) - f.Bool(fmt.Sprintf("%s.internal", prefix), internal, fmt.Sprintf("Defones if Internal 
access to service %s is enabled", service.Name())) - f.Bool(fmt.Sprintf("%s.external", prefix), external, fmt.Sprintf("Defones if External access to service %s is enabled", service.Name())) - if err := service.Register(cmd, func(name string) string { - return fmt.Sprintf("%s.%s", prefix, name) - }); err != nil { + if err := errors.Errors( + fs.Bool("", false, service.Description()), + fs.Bool("internal", internal, fmt.Sprintf("Defones if Internal access to service %s is enabled", service.Name())), + fs.Bool("external", external, fmt.Sprintf("Defones if External access to service %s is enabled", service.Name())), + ); err != nil { + return err + } + + if err := service.Register(cmd, fs); err != nil { return errors.Wrapf(err, "Unable to register service %s", service.Name()) } } diff --git a/pkg/integrations/scheduler_v1.go b/pkg/integrations/scheduler_v1.go index ad84aec7f..c7f53ebe2 100644 --- a/pkg/integrations/scheduler_v1.go +++ b/pkg/integrations/scheduler_v1.go @@ -50,13 +50,11 @@ func (b *schedulerV1) Description() string { return "SchedulerV1 Integration" } -func (b *schedulerV1) Register(cmd *cobra.Command, arg ArgGen) error { - f := cmd.Flags() - - f.StringVar(&b.Configuration.Namespace, arg("namespace"), constants.NamespaceWithDefault("default"), "Kubernetes Namespace") - f.BoolVar(&b.Configuration.VerifyAccess, arg("verify-access"), true, "Verify the CRD Access") - - return nil +func (b *schedulerV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error { + return errors.Errors( + fs.StringVar(&b.Configuration.Namespace, "namespace", constants.NamespaceWithDefault("default"), "Kubernetes Namespace"), + fs.BoolVar(&b.Configuration.VerifyAccess, "verify-access", true, "Verify the CRD Access"), + ) } func (b *schedulerV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) { diff --git a/pkg/integrations/shutdown_v1.go b/pkg/integrations/shutdown_v1.go index 93c4c4a9c..e93366950 100644 --- a/pkg/integrations/shutdown_v1.go 
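Review bot: The three `*.auth.token` flags now take their default from the environment (`HEALTH_AUTH_TOKEN`, `SERVICES_AUTH_TOKEN`, `SERVICES_EXTERNAL_AUTH_TOKEN`), and pflag prints a non-empty string default in the flag usage, so `--help` or a usage dump after a flag error would write the token to the container's output. Whether usage-on-error is silenced for this command is not visible in the hunk. For the secret-bearing flags, blank the displayed default after registration, for example `cmd.Flags().Lookup("health.auth.token").DefValue = ""`, or give the handler a dedicated method that does this for every secret flag. These variable names are also unprefixed and generic, so listing them next to the flags in the docs would make accidental collisions with other variables in the pod easier to spot. The body of `Register` starts outside the hunk.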
+++ b/pkg/integrations/shutdown_v1.go @@ -52,7 +52,7 @@ func (s *shutdownV1) Description() string { return "ShutdownV1 Handler" } -func (s *shutdownV1) Register(cmd *cobra.Command, arg ArgGen) error { +func (s *shutdownV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error { return nil } diff --git a/pkg/integrations/sidecar/core.go b/pkg/integrations/sidecar/core.go index a79132cf2..93602b548 100644 --- a/pkg/integrations/sidecar/core.go +++ b/pkg/integrations/sidecar/core.go @@ -24,8 +24,9 @@ import ( "fmt" "strings" + core "k8s.io/api/core/v1" + "github.com/arangodb/kube-arangodb/pkg/util" - "github.com/arangodb/kube-arangodb/pkg/util/k8sutil" ) type Core struct { @@ -49,14 +50,22 @@ func (c *Core) GetExternal() bool { return *c.External } -func (c *Core) Args(int Integration) k8sutil.OptionPairs { - var options k8sutil.OptionPairs +func (c *Core) Envs(int Integration, envs ...core.EnvVar) []core.EnvVar { cmd := strings.Join(util.FormatList(int.Name(), func(a string) string { - return strings.ToLower(a) - }), ".") + return strings.ToUpper(a) + }), "_") + var r = []core.EnvVar{ + { + Name: fmt.Sprintf("INTEGRATION_%s_INTERNAL", cmd), + Value: util.BoolSwitch(c.GetInternal(), "true", "false"), + }, + { + Name: fmt.Sprintf("INTEGRATION_%s_EXTERNAL", cmd), + Value: util.BoolSwitch(c.GetExternal(), "true", "false"), + }, + } - options.Add(fmt.Sprintf("--integration.%s.internal", cmd), c.GetInternal()) - options.Add(fmt.Sprintf("--integration.%s.external", cmd), c.GetExternal()) + r = append(r, envs...) - return options + return r } diff --git a/pkg/integrations/sidecar/integration.authentication.v1.go b/pkg/integrations/sidecar/integration.authentication.v1.go index 9504877df..8273424db 100644 --- a/pkg/integrations/sidecar/integration.authentication.v1.go +++ b/pkg/integrations/sidecar/integration.authentication.v1.go 
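Review bot: In `Core.Envs` the first parameter is named `int`, which shadows the predeclared type inside the method; the name was inherited from the removed `Args`, and `in` or `integration` reads better. The names built here (`INTEGRATION_%s_INTERNAL`, `INTEGRATION_%s_EXTERNAL`) have to match what `flagEnvHandler.getEnv` derives on the consuming side, which additionally maps `.` and `-` to `_`. A doc comment stating that contract, or one shared helper used by both sides, would keep the producer and the consumer from drifting apart.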
@@ -26,11 +26,9 @@ import ( api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1" shared "github.com/arangodb/kube-arangodb/pkg/apis/shared" "github.com/arangodb/kube-arangodb/pkg/deployment/pod" - "github.com/arangodb/kube-arangodb/pkg/util/k8sutil" + "github.com/arangodb/kube-arangodb/pkg/util" ) -var _ IntegrationVolumes = IntegrationAuthenticationV1{} - type IntegrationAuthenticationV1 struct { Core *Core @@ -46,16 +44,27 @@ func (i IntegrationAuthenticationV1) Validate() error { return nil } -func (i IntegrationAuthenticationV1) Args() (k8sutil.OptionPairs, error) { - options := k8sutil.CreateOptionPairs() - - options.Add("--integration.authentication.v1", true) - options.Add("--integration.authentication.v1.enabled", i.Spec.IsAuthenticated()) - options.Add("--integration.authentication.v1.path", shared.ClusterJWTSecretVolumeMountDir) +func (i IntegrationAuthenticationV1) Envs() ([]core.EnvVar, error) { + var envs = []core.EnvVar{ + { + Name: "INTEGRATION_AUTHENTICATION_V1", + Value: "true", + }, + { + Name: "INTEGRATION_AUTHENTICATION_V1_ENABLED", + Value: util.BoolSwitch(i.Spec.IsAuthenticated(), "true", "false"), + }, + { + Name: "INTEGRATION_AUTHENTICATION_V1_PATH", + Value: shared.ClusterJWTSecretVolumeMountDir, + }, + } - options.Merge(i.Core.Args(i)) + return i.Core.Envs(i, envs...), nil +} - return options, nil +func (i IntegrationAuthenticationV1) GlobalEnvs() ([]core.EnvVar, error) { + return nil, nil } func (i IntegrationAuthenticationV1) Volumes() ([]core.Volume, []core.VolumeMount, error) { diff --git a/pkg/integrations/sidecar/integration.authorization.v1.go b/pkg/integrations/sidecar/integration.authorization.v0.go similarity index 68% rename from pkg/integrations/sidecar/integration.authorization.v1.go rename to pkg/integrations/sidecar/integration.authorization.v0.go index a94653e7f..6a4781e7d 100644 --- a/pkg/integrations/sidecar/integration.authorization.v1.go +++ b/pkg/integrations/sidecar/integration.authorization.v0.go 
@@ -21,7 +21,7 @@ package sidecar import ( - "github.com/arangodb/kube-arangodb/pkg/util/k8sutil" + core "k8s.io/api/core/v1" ) type IntegrationAuthorizationV0 struct { @@ -36,12 +36,21 @@ func (i IntegrationAuthorizationV0) Validate() error { return nil } -func (i IntegrationAuthorizationV0) Args() (k8sutil.OptionPairs, error) { - options := k8sutil.CreateOptionPairs() +func (i IntegrationAuthorizationV0) Envs() ([]core.EnvVar, error) { + var envs = []core.EnvVar{ + { + Name: "INTEGRATION_AUTHENTICATION_V0", + Value: "true", + }, + } - options.Add("--integration.authorization.v0", true) + return i.Core.Envs(i, envs...), nil +} - options.Merge(i.Core.Args(i)) +func (i IntegrationAuthorizationV0) GlobalEnvs() ([]core.EnvVar, error) { + return nil, nil +} - return options, nil +func (i IntegrationAuthorizationV0) Volumes() ([]core.Volume, []core.VolumeMount, error) { + return nil, nil, nil } diff --git a/pkg/integrations/sidecar/integration.envoy.v3.go b/pkg/integrations/sidecar/integration.envoy.v3.go index e8509eeb7..b53c54db6 100644 --- a/pkg/integrations/sidecar/integration.envoy.v3.go +++ b/pkg/integrations/sidecar/integration.envoy.v3.go @@ -21,8 +21,9 @@ package sidecar import ( + core "k8s.io/api/core/v1" + api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1" - "github.com/arangodb/kube-arangodb/pkg/util/k8sutil" ) type IntegrationEnvoyV3 struct { 
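Review bot: `IntegrationAuthorizationV0.Envs` sets `INTEGRATION_AUTHENTICATION_V0`, while the flag it replaces was `--integration.authorization.v0`, so the variable the flag handler would look up for that flag is `INTEGRATION_AUTHORIZATION_V0`. Assuming the service still registers under `integration.authorization.v0`, the sidecar would start without the authorization service enabled, and nothing reports the unused variable. The line should read `Name: "INTEGRATION_AUTHORIZATION_V0",`. Deriving the enable variable from `i.Name()`, as `Core.Envs` already does for the `_INTERNAL`/`_EXTERNAL` pair, would rule out the same copy-paste slip in the other integrations.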
@@ -38,12 +39,21 @@ func (i IntegrationEnvoyV3) Validate() error { return nil } -func (i IntegrationEnvoyV3) Args() (k8sutil.OptionPairs, error) { - options := k8sutil.CreateOptionPairs() +func (i IntegrationEnvoyV3) Envs() ([]core.EnvVar, error) { + var envs = []core.EnvVar{ + { + Name: "INTEGRATION_ENVOY_AUTH_V3", + Value: "true", + }, + } - options.Add("--integration.envoy.auth.v3", true) + return i.Core.Envs(i, envs...), nil +} - options.Merge(i.Core.Args(i)) +func (i IntegrationEnvoyV3) GlobalEnvs() ([]core.EnvVar, error) { + return nil, nil +} - return options, nil +func (i IntegrationEnvoyV3) Volumes() ([]core.Volume, []core.VolumeMount, error) { + return nil, nil, nil } diff --git a/pkg/integrations/sidecar/integration.go b/pkg/integrations/sidecar/integration.go index 87fab7558..28a040cea 100644 --- a/pkg/integrations/sidecar/integration.go +++ b/pkg/integrations/sidecar/integration.go 
@@ -29,47 +29,93 @@ const ( ListenPortHealthName = "health" ) -func WithIntegrationEnvs(in Integration) ([]core.EnvVar, error) { - if v, ok := in.(IntegrationEnvs); ok { - return v.Envs() - } - - return nil, nil -} - -type IntegrationEnvs interface { - Integration +type Integration interface { + Name() []string Envs() ([]core.EnvVar, error) + GlobalEnvs() ([]core.EnvVar, error) + Volumes() ([]core.Volume, []core.VolumeMount, error) + Validate() error } -func WithIntegrationVolumes(in Integration) ([]core.Volume, []core.VolumeMount, error) { - if v, ok := in.(IntegrationVolumes); ok { - return v.Volumes() +func NewShutdownAnnotations(coreContainers []string) *schedulerApi.ProfileTemplate { + pt := schedulerApi.ProfileTemplate{ + Pod: &schedulerPodApi.Pod{ + Metadata: &schedulerPodResourcesApi.Metadata{ + Annotations: map[string]string{}, + }, + }, } - return nil, nil, nil -} + for _, container := range coreContainers { + pt.Pod.Metadata.Annotations[fmt.Sprintf("%s/%s", constants.AnnotationShutdownCoreContainer, container)] = constants.AnnotationShutdownCoreContainerModeWait + } -type IntegrationVolumes interface { - Integration - Volumes() ([]core.Volume, []core.VolumeMount, error) + return &pt } -type Integration interface { - Name() []string - Args() (k8sutil.OptionPairs, error) - Validate() error -} +func NewIntegrationEnablement(integrations ...Integration) (*schedulerApi.ProfileTemplate, error) { + var envs, gEnvs []core.EnvVar + var volumes []core.Volume + var volumeMounts []core.VolumeMount -func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *schedulerIntegrationApi.Sidecar, coreContainers []string, integrations ...Integration) (*schedulerApi.ProfileTemplate, error) { for _, integration := range integrations { - if err := integration.Validate(); err != nil { - name := strings.Join(integration.Name(), "/") + name := strings.Join(integration.Name(), "/") + if err := integration.Validate(); err != nil { return nil, errors.Wrapf(err, 
"Failure in %s", name) } + + if lvolumes, lvolumeMounts, err := integration.Volumes(); err != nil { + return nil, errors.Wrapf(err, "Failure in volumes %s", name) + } else if len(lvolumes) > 0 || len(lvolumeMounts) > 0 { + volumes = append(volumes, lvolumes...) + volumeMounts = append(volumeMounts, lvolumeMounts...) + } + + if lenvs, err := integration.Envs(); err != nil { + return nil, errors.Wrapf(err, "Failure in envs %s", name) + } else if len(lenvs) > 0 { + envs = append(envs, lenvs...) + } + + if lgenvs, err := integration.GlobalEnvs(); err != nil { + return nil, errors.Wrapf(err, "Failure in global envs %s", name) + } else if len(lgenvs) > 0 { + gEnvs = append(gEnvs, lgenvs...) + } + } + + if len(envs) == 0 && len(gEnvs) == 0 { + return nil, nil } + return &schedulerApi.ProfileTemplate{ + Pod: &schedulerPodApi.Pod{ + Volumes: &schedulerPodResourcesApi.Volumes{ + Volumes: volumes, + }, + }, + Container: &schedulerApi.ProfileContainerTemplate{ + Containers: map[string]schedulerContainerApi.Container{ + ContainerName: { + Environments: &schedulerContainerResourcesApi.Environments{ + Env: envs, + }, + VolumeMounts: &schedulerContainerResourcesApi.VolumeMounts{ + VolumeMounts: volumeMounts, + }, + }, + }, + All: &schedulerContainerApi.Generic{ + Environments: &schedulerContainerResourcesApi.Environments{ + Env: gEnvs, + }, + }, + }, + }, nil +} + +func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *schedulerIntegrationApi.Sidecar) (*schedulerApi.ProfileTemplate, error) { // Arguments exePath := k8sutil.BinaryPath() @@ -83,10 +129,6 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc options.Addf("--services.address", "127.0.0.1:%d", integration.GetListenPort()) options.Addf("--health.address", "0.0.0.0:%d", integration.GetControllerListenPort()) - // Volumes - var volumes []core.Volume - var volumeMounts []core.VolumeMount - // Envs var envs = []core.EnvVar{ 
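Review bot: `NewIntegrationEnablement` returns `nil, nil` whenever no environment variables were collected, which discards any `volumes` and `volumeMounts` gathered in the loop and hands callers a nil template without an error. The integrations visible in this commit each emit at least one variable, so this is latent, but the guard should look at everything it collected: `if len(envs) == 0 && len(gEnvs) == 0 && len(volumes) == 0 && len(volumeMounts) == 0 {`. A doc comment on the function saying that a nil template means there is nothing to apply would tell callers to check for it.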
@@ -100,40 +142,6 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc }, } - for _, i := range integrations { - name := strings.Join(i.Name(), "/") - - if err := i.Validate(); err != nil { - return nil, errors.Wrapf(err, "Failure in %s", name) - } - - if args, err := i.Args(); err != nil { - return nil, errors.Wrapf(err, "Failure in arguments %s", name) - } else if len(args) > 0 { - options.Merge(args) - } - - if lvolumes, lvolumeMounts, err := WithIntegrationVolumes(i); err != nil { - return nil, errors.Wrapf(err, "Failure in volumes %s", name) - } else if len(lvolumes) > 0 || len(lvolumeMounts) > 0 { - volumes = append(volumes, lvolumes...) - volumeMounts = append(volumeMounts, lvolumeMounts...) - } - - if lenvs, err := WithIntegrationEnvs(i); err != nil { - return nil, errors.Wrapf(err, "Failure in envs %s", name) - } else if len(lenvs) > 0 { - envs = append(envs, lenvs...) - } - - envs = append(envs, core.EnvVar{ - Name: fmt.Sprintf("INTEGRATION_SERVICE_%s", strings.Join(util.FormatList(i.Name(), func(a string) string { - return strings.ToUpper(a) - }), "_")), - Value: fmt.Sprintf("127.0.0.1:%d", integration.GetListenPort()), - }) - } - c := schedulerContainerApi.Container{ Core: &schedulerContainerResourcesApi.Core{ Command: append([]string{exePath, "integration"}, options.Sort().AsArgs()...), 
@@ -175,14 +183,15 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc FailureThreshold: 2, // Need 2 failed probes to consider a failed state }, }, - - VolumeMounts: &schedulerContainerResourcesApi.VolumeMounts{ - VolumeMounts: volumeMounts, - }, } pt := schedulerApi.ProfileTemplate{ Container: &schedulerApi.ProfileContainerTemplate{ + All: &schedulerContainerApi.Generic{ + Environments: &schedulerContainerResourcesApi.Environments{ + Env: envs, + }, + }, Containers: map[string]schedulerContainerApi.Container{ ContainerName: util.TypeOrDefault(k8sutil.CreateDefaultContainerTemplate(image).With(&c).With(integration.GetContainer())), }, @@ -191,24 +200,15 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc Metadata: &schedulerPodResourcesApi.Metadata{ Annotations: map[string]string{}, }, - Volumes: &schedulerPodResourcesApi.Volumes{ - Volumes: volumes, - }, }, } - for _, container := range coreContainers { - pt.Pod.Metadata.Annotations[fmt.Sprintf("%s/%s", constants.AnnotationShutdownCoreContainer, container)] = constants.AnnotationShutdownCoreContainerModeWait - } - pt.Pod.Metadata.Annotations[fmt.Sprintf("%s/%s", constants.AnnotationShutdownContainer, ContainerName)] = ListenPortHealthName pt.Pod.Metadata.Annotations[constants.AnnotationShutdownManagedContainer] = "true" - pt.Container.Containers.ExtendContainers(&schedulerContainerApi.Container{ - Environments: &schedulerContainerResourcesApi.Environments{ - Env: envs, - }, - }, coreContainers...) + pt.Container.All.Environments = &schedulerContainerResourcesApi.Environments{ + Env: envs, + } return &pt, nil } diff --git a/pkg/integrations/sidecar/integration.shutdown.v1.go b/pkg/integrations/sidecar/integration.shutdown.v1.go index c990cf7a7..824579a55 100644 --- a/pkg/integrations/sidecar/integration.shutdown.v1.go +++ b/pkg/integrations/sidecar/integration.shutdown.v1.go 
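Review bot: `Container.All.Environments` is set twice with the same `envs`, once in the `ProfileContainerTemplate` literal (hunk at -175) and again by the assignment just before `return &pt, nil` (hunk at -191); one of the two can be dropped. `All` replaces the earlier `ExtendContainers(..., coreContainers...)` call, so these variables now presumably reach every container in the pod rather than only the listed core containers. The initialisation of `envs` is outside both hunks, so it is worth confirming that it carries only addresses and no credentials before widening its audience. `NewIntegration` starts outside these hunks.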
@@ -21,7 +21,7 @@ package sidecar import ( - "github.com/arangodb/kube-arangodb/pkg/util/k8sutil" + core "k8s.io/api/core/v1" ) type IntegrationShutdownV1 struct { @@ -36,12 +36,21 @@ func (i IntegrationShutdownV1) Validate() error { return nil } -func (i IntegrationShutdownV1) Args() (k8sutil.OptionPairs, error) { - options := k8sutil.CreateOptionPairs() +func (i IntegrationShutdownV1) Envs() ([]core.EnvVar, error) { + var envs = []core.EnvVar{ + { + Name: "INTEGRATION_SHUTDOWN_V1", + Value: "true", + }, + } - options.Add("--integration.shutdown.v1", true) + return i.Core.Envs(i, envs...), nil +} - options.Merge(i.Core.Args(i)) +func (i IntegrationShutdownV1) GlobalEnvs() ([]core.EnvVar, error) { + return nil, nil +} - return options, nil +func (i IntegrationShutdownV1) Volumes() ([]core.Volume, []core.VolumeMount, error) { + return nil, nil, nil } diff --git a/pkg/integrations/storage_v1.go b/pkg/integrations/storage_v1.go index 9ca2a1f00..5e78cc66c 100644 --- a/pkg/integrations/storage_v1.go +++ b/pkg/integrations/storage_v1.go @@ -26,6 +26,7 @@ import ( "github.com/spf13/cobra" "github.com/arangodb/kube-arangodb/pkg/ml/storage" + "github.com/arangodb/kube-arangodb/pkg/util/errors" "github.com/arangodb/kube-arangodb/pkg/util/svc" ) 
@@ -47,21 +48,19 @@ func (b *storageV1) Description() string { return "StorageBucket Integration" } -func (b *storageV1) Register(cmd *cobra.Command, arg ArgGen) error { - f := cmd.Flags() - - f.StringVar((*string)(&b.Configuration.Type), arg("type"), string(storage.S3), "Type of the Storage Integration") - f.StringVar(&b.Configuration.S3.Endpoint, arg("s3.endpoint"), "", "Endpoint of S3 API implementation") - f.StringVar(&b.Configuration.S3.CACrtFile, arg("s3.ca-crt"), "", "Path to file containing CA certificate to validate endpoint connection") - f.StringVar(&b.Configuration.S3.CAKeyFile, arg("s3.ca-key"), "", "Path to file containing keyfile to validate endpoint connection") - f.BoolVar(&b.Configuration.S3.AllowInsecure, arg("s3.allow-insecure"), false, "If set to true, the Endpoint certificates won't be checked") - f.BoolVar(&b.Configuration.S3.DisableSSL, arg("s3.disable-ssl"), false, "If set to true, the SSL won't be used when connecting to Endpoint") - f.StringVar(&b.Configuration.S3.Region, arg("s3.region"), "", "Region") - f.StringVar(&b.Configuration.S3.BucketName, arg("s3.bucket"), "", "Bucket name") - f.StringVar(&b.Configuration.S3.AccessKeyFile, arg("s3.access-key"), "", "Path to file containing S3 AccessKey") - f.StringVar(&b.Configuration.S3.SecretKeyFile, arg("s3.secret-key"), "", "Path to file containing S3 SecretKey") - - return nil +func (b *storageV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error { + return errors.Errors( + fs.StringVar((*string)(&b.Configuration.Type), "type", string(storage.S3), "Type of the Storage Integration"), + fs.StringVar(&b.Configuration.S3.Endpoint, "s3.endpoint", "", "Endpoint of S3 API implementation"), + fs.StringVar(&b.Configuration.S3.CACrtFile, "s3.ca-crt", "", "Path to file containing CA certificate to validate endpoint connection"), + fs.StringVar(&b.Configuration.S3.CAKeyFile, "s3.ca-key", "", "Path to file containing keyfile to validate endpoint connection"), + 
fs.BoolVar(&b.Configuration.S3.AllowInsecure, "s3.allow-insecure", false, "If set to true, the Endpoint certificates won't be checked"), + fs.BoolVar(&b.Configuration.S3.DisableSSL, "s3.disable-ssl", false, "If set to true, the SSL won't be used when connecting to Endpoint"), + fs.StringVar(&b.Configuration.S3.Region, "s3.region", "", "Region"), + fs.StringVar(&b.Configuration.S3.BucketName, "s3.bucket", "", "Bucket name"), + fs.StringVar(&b.Configuration.S3.AccessKeyFile, "s3.access-key", "", "Path to file containing S3 AccessKey"), + fs.StringVar(&b.Configuration.S3.SecretKeyFile, "s3.secret-key", "", "Path to file containing S3 SecretKey"), + ) } func (b *storageV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {