Skip to content

removed internal OperandRequest from edb-keycloak #1958

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ibm-ci-bot merged 1 commit into from
May 1, 2024
Merged

removed internal OperandRequest from edb-keycloak #1958

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
148 changes: 139 additions & 9 deletions controllers/constant/odlm.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -796,17 +796,147 @@ spec:
supportedLocales: [ "en", "de" , "es", "fr", "it", "ja", "ko", "pt_BR", "zh_CN", "zh_TW"]
- name: edb-keycloak
resources:
- apiVersion: operator.ibm.com/v1alpha1
- apiVersion: batch/v1
kind: Job
force: true
name: create-postgres-license-config
namespace: "{{ .OperatorNs }}"
data:
spec:
requests:
- operands:
- name: cloud-native-postgresql
registry: common-service
registryNamespace: {{ .ServicesNs }}
force: true
kind: OperandRequest
name: postgresql-operator-request
activeDeadlineSeconds: 600
backoffLimit: 5
template:
metadata:
annotations:
productID: 068a62892a1e4db39641342e592daa25
productMetric: FREE
productName: IBM Cloud Platform Common Services
spec:
imagePullSecrets:
- name: ibm-entitlement-key
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- ppc64le
- s390x
initContainers:
- command:
- bash
- -c
- |
cat << EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: postgresql-operator-controller-manager-config
data:
EDB_LICENSE_KEY: $(base64 /license_keys/edb/EDB_LICENSE_KEY | tr -d '\n')
EOF
image:
templatingValueFrom:
default:
required: true
defaultValue: cp.icr.io/cp/cpd/edb-postgres-license-provider@sha256:05f30f2117ff6e0e853487f17785024f6bb226f3631425eaf1498b9d3b753345
configMapKeyRef:
name: cloud-native-postgresql-image-list
key: edb-postgres-license-provider-image
namespace: {{ .OperatorNs }}
name: edb-license
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: false
containers:
- command:
- bash
- '-c'
args:
- |
kubectl delete pods -l app.kubernetes.io/name=cloud-native-postgresql
kubectl annotate secret postgresql-operator-controller-manager-config ibm-license-key-applied="EDB Database with IBM License Key"
image:
templatingValueFrom:
default:
required: true
defaultValue: cp.icr.io/cp/cpd/edb-postgres-license-provider@sha256:05f30f2117ff6e0e853487f17785024f6bb226f3631425eaf1498b9d3b753345
configMapKeyRef:
name: cloud-native-postgresql-image-list
key: edb-postgres-license-provider-image
namespace: {{ .OperatorNs }}
name: restart-edb-pod
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: false
hostIPC: false
hostNetwork: false
hostPID: false
restartPolicy: OnFailure
securityContext:
runAsNonRoot: true
serviceAccountName: edb-license-sa
- apiVersion: v1
kind: ServiceAccount
name: edb-license-sa
namespace: "{{ .OperatorNs }}"
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
name: edb-license-role
namespace: "{{ .OperatorNs }}"
data:
rules:
- apiGroups:
- ""
resources:
- pods
- secrets
verbs:
- create
- update
- patch
- get
- list
- delete
- watch
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
name: edb-license-rolebinding
namespace: "{{ .OperatorNs }}"
data:
subjects:
- kind: ServiceAccount
name: edb-license-sa
roleRef:
kind: Role
name: edb-license-role
apiGroup: rbac.authorization.k8s.io
- apiVersion: postgresql.k8s.enterprisedb.io/v1
data:
spec:
Expand Down