diff --git a/.gitignore b/.gitignore index 210f4ef69a..6542af05bc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ .DS_Store /vendor/ tools +licenses/* +!licenses/LICENSE.txt diff --git a/Gopkg.lock b/Gopkg.lock index ebbdb30834..1c7a70ea8d 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -79,6 +79,14 @@ revision = "daf2830f2741ebb735b21709a520c5f37d642d85" version = "v1.9.0" +[[projects]] + digest = "1:db78764ccd0698098e746bd1288916950bf875463915672051f1bdfef120e442" + name = "github.com/fsnotify/fsnotify" + packages = ["."] + pruneopts = "UT" + revision = "466b39d216616549a37ee93c7c47775f6a010790" + version = "v1.5.1" + [[projects]] digest = "1:ed15647db08b6d63666bf9755d337725960c302bbfa5e23754b4b915a4797e42" name = "github.com/go-openapi/jsonpointer" @@ -197,6 +205,25 @@ revision = "14eae340515388ca95aa8e7b86f0de668e981f54" version = "v0.5.4" +[[projects]] + digest = "1:c0d19ab64b32ce9fe5cf4ddceba78d5bc9807f0016db6b1183599da3dcc24d10" + name = "github.com/hashicorp/hcl" + packages = [ + ".", + "hcl/ast", + "hcl/parser", + "hcl/printer", + "hcl/scanner", + "hcl/strconv", + "hcl/token", + "json/parser", + "json/scanner", + "json/token", + ] + pruneopts = "UT" + revision = "8cb6e5b959231cc1119e43259c4a608f9c51a241" + version = "v1.0.0" + [[projects]] digest = "1:1a7059d684f8972987e4b6f0703083f207d63f63da0ea19610ef2e6bb73db059" name = "github.com/imdario/mergo" @@ -229,6 +256,14 @@ revision = "f55edac94c9bbba5d6182a4be46d86a2c9b5b50e" version = "v1.0.2" +[[projects]] + digest = "1:fa6d7a5a592ad4052351be50fe4a66f9974a203eff6b675841ab64d99d17bb8e" + name = "github.com/magiconair/properties" + packages = ["."] + pruneopts = "UT" + revision = "869a5592420f4ff6ebf74500b5c658b29d973172" + version = "v1.8.6" + [[projects]] digest = "1:7bbccd3dd7998f2a180264ec1d12e362ed8e02f55ea7b82ac0d0f48ffa2d8888" name = "github.com/mailru/easyjson" @@ -257,6 +292,14 @@ revision = "7b513a986450394f7bbf1476909911b3aa3a55ce" version = "v0.0.12" +[[projects]] + digest = "1:408df21d45d59142857b4a5bb565aa75df89043f235987143ea1128cb8589000" + name = "github.com/mitchellh/mapstructure" + packages = ["."] + pruneopts = "UT" + revision = "b9b99d7d59762a5b2a43df840adc318b2fa229ee" + version = "v1.4.3" + [[projects]] digest = "1:33422d238f147d247752996a26574ac48dcf472976eda7f5134015f06bf16563" name = "github.com/modern-go/concurrent" @@ -281,6 +324,14 @@ revision = "d7acddb4babdf3329ad415cc02b605a239011b4b" version = "v1.0.8" +[[projects]] + digest = "1:fc865e52c574a92a628aee6cc4fb6b78f2bd2becf121881a1d6d1cfc6fb86b33" + name = "github.com/pelletier/go-toml" + packages = ["."] + pruneopts = "UT" + revision = "b8ba995eaaba4be30c8a8090bdfb4aa61af52054" + version = "v1.9.4" + [[projects]] digest = "1:9e1d37b58d17113ec3cb5608ac0382313c5b59470b94ed97d0976e69c7022314" name = "github.com/pkg/errors" @@ -313,6 +364,25 @@ revision = "d417be0fe654de640a82370515129985b407c7e3" version = "v1.5.0" +[[projects]] + digest = "1:0211c1b1e8d4b8945e2712854ebd76832fae02647b4c39fcfd219f10ad341566" + name = "github.com/spf13/afero" + packages = [ + ".", + "mem", + ] + pruneopts = "UT" + revision = "450b30f2bfc09acd88c31d66c28cb814a14b192b" + version = "v1.8.1" + +[[projects]] + digest = "1:df641e58f425436baeeb55d7a65a18f6a109591cd485a9b90d974a8fe4340eb4" + name = "github.com/spf13/cast" + packages = ["."] + pruneopts = "UT" + revision = "88075729b052bca4b8b6c31bf198db2fe6c9da93" + version = "v1.4.1" + [[projects]] digest = "1:abe9f3f23399646a6263682cacc9e86969f6c7e768f0ef036449926aa24cbbef" name = "github.com/spf13/cobra" @@ -324,6 +394,14 @@ revision = "f2b07da1e2c38d5f12845a4f607e2e1018cbb1f5" version = "v0.0.5" +[[projects]] + digest = "1:1b753ec16506f5864d26a28b43703c58831255059644351bbcb019b843950900" + name = "github.com/spf13/jwalterweatherman" + packages = ["."] + pruneopts = "UT" + revision = "94f6ae3ed3bceceafa716478c5fbf8d29ca601a1" + version = "v1.1.0" + [[projects]] digest = "1:524b71991fc7d9246cc7dc2d9e0886ccb97648091c63e30eef619e6862c955dd" name = "github.com/spf13/pflag" @@ -332,6 +410,29 @@ revision = "2e9d26c8c37aae03e3f9d4e90b7116f5accb7cab" version = "v1.0.5" +[[projects]] + digest = "1:f8ae93995f7b68f2aeba036bd6c9e0881c8c6edd67d6120f092eafa4c5a040f0" + name = "github.com/spf13/viper" + packages = [ + ".", + "internal/encoding", + "internal/encoding/hcl", + "internal/encoding/json", + "internal/encoding/toml", + "internal/encoding/yaml", + ] + pruneopts = "UT" + revision = "f646c50b184a0bec644dd1147d6b0e57be17c7aa" + version = "v1.10.1" + +[[projects]] + digest = "1:f4b32291cad5efac2bfdba89ccde6aa04618b62ce06c1a571da2dc4f3f2677fb" + name = "github.com/subosito/gotenv" + packages = ["."] + pruneopts = "UT" + revision = "2ef7124db659d49edac6aa459693a15ae36c671a" + version = "v1.2.0" + [[projects]] digest = "1:577b99fc55ee19cbf1ffd072808c91ced78cd732bd9d0517bec9b90e532069cb" name = "github.com/xdg/stringprep" @@ -342,23 +443,23 @@ [[projects]] branch = "master" - digest = "1:17da86687c09ab43a342bf91c2b2e5feba1dda6b7cce9626d64201fbf0113264" + digest = "1:2590655047facf8013ec25a0390c74c5eaf4aabcf817ff3d6e134b9975a29ed2" name = "golang.org/x/crypto" packages = [ "blowfish", "chacha20", "curve25519", + "curve25519/internal/field", "ed25519", - "ed25519/internal/edwards25519", + "internal/poly1305", "internal/subtle", "pbkdf2", - "poly1305", "ssh", "ssh/internal/bcrypt_pbkdf", "ssh/terminal", ] pruneopts = "UT" - revision = "0ec3e9974c59449edd84298612e9f16fa13368e8" + revision = "86341886e2925764dc890ad96c141a1bc76043af" [[projects]] digest = "1:467bb8fb8fa786448b8d486cd0bb7c1a5577dcd7310441aa02a20110cd9f727d" @@ -410,16 +511,25 @@ [[projects]] branch = "master" - digest = "1:3dcef1d66750aa78c2c57361b88e715b70a2486ab2a9f6c70a7cfb5e0712e9c3" + digest = "1:e1351da01125b2ed0ef635fbccc9a89a1df4a936ac668e8b106ce19366e32836" name = "golang.org/x/sys" packages = [ "cpu", + "plan9", "unix", "windows", ] pruneopts = "UT" revision = "c3d80250170dec19bf61949c81233cede5ddaf61" +[[projects]] + branch = "master" + digest = "1:91489886d519064782c699ea27906e2a5922bf05b31c6a46b74d4962b3657004" + name = "golang.org/x/term" + packages = ["."] + pruneopts = "UT" + revision = "03fcf44c2211dcd5eb77510b5f7c1fb02d6ded50" + [[projects]] digest = "1:66a2f252a58b4fbbad0e4e180e1d85a83c222b6bce09c3dcdef3dc87c72eda7c" name = "golang.org/x/text" @@ -456,7 +566,7 @@ [[projects]] branch = "master" - digest = "1:f09beeb593a009d70c55af474c713e5fdc13c0843896396db9e063c73fe572e4" + digest = "1:2ca7efcc164a3ee0b598bcc27e76563c362ba15d1fe14bda47f5a8e475b5f539" name = "golang.org/x/tools" packages = [ "go/ast/astutil", @@ -465,6 +575,7 @@ "internal/gocommand", "internal/gopathwalk", "internal/imports", + "internal/testenv", ] pruneopts = "UT" revision = "69646383afec4980001de1c52d6a3a6f3073ff6a" @@ -540,6 +651,14 @@ revision = "d2d2541c53f18d2a059457998ce2876cc8e67cbf" version = "v0.9.1" +[[projects]] + digest = "1:e56a0b2f3d01f2a98d2ace2171b4217ca8c08f8ef5f416bb11461064867c6ad4" + name = "gopkg.in/ini.v1" + packages = ["."] + pruneopts = "UT" + revision = "39f9e49bca3bbb9e67f361e9dd883912bb09a1b0" + version = "v1.66.4" + [[projects]] digest = "1:55b110c99c5fdc4f14930747326acce56b52cfce60b24b1c03ef686ac0e46bb1" name = "gopkg.in/yaml.v2" @@ -995,10 +1114,12 @@ "github.com/spf13/cobra", "github.com/spf13/cobra/doc", "github.com/spf13/pflag", + "github.com/spf13/viper", "github.com/xdg/stringprep", "golang.org/x/crypto/pbkdf2", "golang.org/x/crypto/ssh", "golang.org/x/sync/semaphore", + "golang.org/x/tools/internal/testenv", "k8s.io/api/apps/v1", "k8s.io/api/authorization/v1", "k8s.io/api/batch/v1", diff --git a/LICENSE.md b/LICENSE.md index 90fe0562e2..79e1438a7d 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -176,7 +176,7 @@ END OF TERMS AND CONDITIONS - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/Makefile b/Makefile index d0caa5ed40..9ba121b7a4 100644 --- a/Makefile +++ b/Makefile @@ -2,16 +2,15 @@ GOPATH ?= $(HOME)/odev/go GOBIN ?= $(GOPATH)/bin # Default values if not already set -ANSIBLE_VERSION ?= 2.9.* PGOROOT ?= $(GOPATH)/src/github.com/crunchydata/postgres-operator -PGO_BASEOS ?= centos7 +PGO_BASEOS ?= ubi8 PGO_CMD ?= kubectl PGO_IMAGE_PREFIX ?= crunchydata PGO_IMAGE_TAG ?= $(PGO_BASEOS)-$(PGO_VERSION) PGO_OPERATOR_NAMESPACE ?= pgo -PGO_VERSION ?= 4.5.0 +PGO_VERSION ?= 4.5.9 PGO_PG_VERSION ?= 12 -PGO_PG_FULLVERSION ?= 12.4 +PGO_PG_FULLVERSION ?= 12.13 PGO_BACKREST_VERSION ?= 2.29 PACKAGER ?= yum @@ -95,8 +94,8 @@ images = pgo-apiserver \ postgres-operator .PHONY: all installrbac setup setupnamespaces cleannamespaces bounce \ - deployoperator runmain runapiserver cli-docs clean push pull \ - release default + deployoperator cli-docs clean push pull \ + release default license #======= Main functions ======= @@ -127,6 +126,8 @@ deployoperator: #======= Binary builds ======= +build: build-postgres-operator build-pgo-apiserver build-pgo-client build-pgo-rmdata build-pgo-scheduler license + build-pgo-apiserver: go install -gcflags='$(GCFLAGS)' apiserver.go cp $(GOBIN)/apiserver bin/ @@ -179,7 +180,6 @@ $(PGOROOT)/build/%/Dockerfile: --build-arg PREFIX=$(PGO_IMAGE_PREFIX) \ --build-arg PGVERSION=$(PGO_PG_VERSION) \ --build-arg BACKREST_VERSION=$(PGO_BACKREST_VERSION) \ - --build-arg ANSIBLE_VERSION=$(ANSIBLE_VERSION) \ --build-arg DFSET=$(DFSET) \ --build-arg PACKAGER=$(PACKAGER) \ $(PGOROOT) @@ -196,7 +196,7 @@ endif pgo-base: pgo-base-$(IMGBUILDER) -pgo-base-build: $(PGOROOT)/build/pgo-base/Dockerfile +pgo-base-build: build $(PGOROOT)/build/pgo-base/Dockerfile $(IMGCMDSTEM) \ -f $(PGOROOT)/build/pgo-base/Dockerfile \ -t $(PGO_IMAGE_PREFIX)/pgo-base:$(PGO_IMAGE_TAG) \ @@ -225,6 +225,9 @@ cli-docs: clean: rm -rf $(GOPATH)/pkg/* $(GOBIN)/postgres-operator $(GOBIN)/apiserver $(GOBIN)/*pgo +license: + ./bin/license_aggregator.sh + push: $(images:%=push-%) ; push-%: diff --git a/README.md b/README.md index 86704fd5ba..1bed830964 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,22 @@ -

Crunchy Data PostgreSQL Operator

+

PGO: The Postgres Operator from Crunchy Data

- Crunchy Data + PGO: The Postgres Operator from Crunchy Data

[![Go Report Card](https://goreportcard.com/badge/github.com/CrunchyData/postgres-operator)](https://goreportcard.com/report/github.com/CrunchyData/postgres-operator) -# Run your own production-grade PostgreSQL-as-a-Service on Kubernetes! +# Run Cloud Native PostgreSQL on Kubernetes with PGO: The Postgres Operator from Crunchy Data! -The [Crunchy PostgreSQL Operator][documentation] automates and simplifies deploying and managing -open source PostgreSQL clusters on Kubernetes and other Kubernetes-enabled Platforms by providing -the essential features you need to keep your PostgreSQL clusters up and running, including: +[PGO][documentation], the [Postgres Operator][documentation] developed by +[Crunchy Data](https://crunchydata.com/) and included in [Crunchy PostgreSQL for Kubernetes](https://www.crunchydata.com/products/crunchy-postgresql-for-kubernetes/), automates and simplifies deploying and managing open source +PostgreSQL clusters on Kubernetes. -#### PostgreSQL Cluster [Provisioning][provisioning] +Whether you need to get a simple Postgres cluster up and running, need to deploy +a high availability, fault tolerant cluster in production, or are running your +own database-as-a-service, the PostgreSQL Operator provides the essential +features you need to keep your cloud native Postgres clusters healthy, including: + +#### Postgres Cluster [Provisioning][provisioning] [Create, Scale, & Delete PostgreSQL clusters with ease][provisioning], while fully customizing your Pods and PostgreSQL configuration! @@ -33,7 +38,7 @@ Set how long you want your backups retained for. Works great with very large dat #### TLS Secure communication between your applications and data servers by [enabling TLS for your PostgreSQL servers][pgo-task-tls], -including the ability to enforce that all of your connections to use TLS. +including the ability to enforce all of your connections to use TLS. #### [Monitoring][monitoring] @@ -76,16 +81,22 @@ the S3 protocol. The PostgreSQL Operator can backup, restore, and create new clu #### Multi-Namespace Support -You can control how the PostgreSQL Operator leverages [Kubernetes Namespaces][k8s-namespaces] with several different deployment models: +You can control how PGO, the Postgres Operator, leverages [Kubernetes Namespaces][k8s-namespaces] with several different deployment models: -- Deploy the PostgreSQL Operator and all PostgreSQL clusters to the same namespace -- Deploy the PostgreSQL Operator to one namespaces, and all PostgreSQL clusters to a different namespace -- Deploy the PostgreSQL Operator to one namespace, and have your PostgreSQL clusters managed across multiple namespaces -- Dynamically add and remove namespaces managed by the PostgreSQL Operator using the `pgo create namespace` and `pgo delete namespace` commands +- Deploy PGO and all PostgreSQL clusters to the same namespace +- Deploy PGO to one namespaces, and all PostgreSQL clusters to a different +namespace +- Deploy PGO to one namespace, and have your PostgreSQL clusters managed across +multiple namespaces +- Dynamically add and remove namespaces managed by the PostgreSQL Operator using +the `pgo` client to run `pgo create namespace` and `pgo delete namespace` #### Full Customizability -The Crunchy PostgreSQL Operator makes it easy to get your own PostgreSQL-as-a-Service up and running on Kubernetes-enabled platforms, but we know that there are further customizations that you can make. As such, the Crunchy PostgreSQL Operator allows you to further customize your deployments, including: +The Postgres Operator (PGO) makes it easy to get Postgres up and running on +Kubernetes-enabled platforms, but we know that there are further customizations +that you can make. As such, PGO allows you to further customize your +deployments, including: - Selecting different storage classes for your primary, replica, and backup storage - Select your own container resources class for each PostgreSQL cluster deployment; differentiate between resources applied for primary and replica clusters! @@ -94,7 +105,6 @@ The Crunchy PostgreSQL Operator makes it easy to get your own PostgreSQL-as-a-Se - Bring your own trusted certificate authority (CA) for use with the Operator API server - Override your PostgreSQL configuration for each cluster - [disaster-recovery]: https://access.crunchydata.com/documentation/postgres-operator/latest/architecture/disaster-recovery/ [disaster-recovery-s3]: https://access.crunchydata.com/documentation/postgres-operator/latest/architecture/disaster-recovery/#using-s3 [disaster-recovery-scheduling]: https://access.crunchydata.com/documentation/postgres-operator/latest/architecture/disaster-recovery/#scheduling-backups @@ -117,51 +127,62 @@ The Crunchy PostgreSQL Operator makes it easy to get your own PostgreSQL-as-a-Se ## Deployment Requirements -The PostgreSQL Operator is validated for deployment on Kubernetes, OpenShift, and VMware Enterprise PKS clusters. Some form of storage is required, NFS, hostPath, and Storage Classes are currently supported. +PGO, the Postgres Operator, is validated for deployment on Kubernetes, +OpenShift, GKE, Anthos, AKS, EKS, and VMware Tanzu clusters. PGO is cloud native +and storage agnostic, working with a wide variety of storage classes, hostPath, +and NFS. -The PostgreSQL Operator includes various components that get deployed to your -Kubernetes cluster as shown in the following diagram and detailed -in the Design section of the documentation for the version you are running. +PGO includes various components that get deployed to your Kubernetes cluster as +shown in the following diagram and detailed in the Design section of the +documentation for the version you are running. ![Reference](https://access.crunchydata.com/documentation/postgres-operator/latest/Operator-Architecture.png) -The PostgreSQL Operator is developed and tested on CentOS and RHEL linux platforms but is known to run on other Linux variants. +PGO is developed and tested on CentOS and RHEL linux platforms but is known to +run on other Linux variants. ### Supported Platforms -The Crunchy PostgreSQL Operator is tested on the following Platforms: +PGO, the Postgres Operator, is Kubernetes-native and maintains backwards +compatibility to Kubernetes 1.11 and is tested is tested against the following +platforms: - Kubernetes 1.13+ - OpenShift 3.11+ - Google Kubernetes Engine (GKE), including Anthos - Amazon EKS -- VMware Enterprise PKS 1.3+ - -### Storage +- Microsoft AKS +- VMware Tanzu -The Crunchy PostgreSQL Operator is tested with a variety of different types of Kubernetes storage and Storage Classes, including: +This list only includes the platforms that the Postgres Operator is specifically +tested on as part of the release process: PGO works on other Kubernetes +distributions as well. -- Google Compute Engine persistent volumes -- HostPath -- NFS -- Rook -- StorageOS +### Storage -and more. +PGO, the Postgres Operator, is tested with a variety of different types of +Kubernetes storage and Storage Classes, as well as hostPath and NFS. -We know there are a variety of different types of [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) available for Kubernetes and we do our best to test each one, but due to the breadth of this area we are unable to verify PostgreSQL Operator functionality in each one. With that said, the PostgreSQL Operator is designed to be storage class agnostic and has been demonstrated to work with additional Storage Classes. +We know there are a variety of different types of [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) +available for Kubernetes and we do our best to test each one, but due to the +breadth of this area we are unable to verify Postgres Operator functionality in +each one. With that said, the PostgreSQL Operator is designed to be storage +class agnostic and has been demonstrated to work with additional Storage +Classes. ## Installation -### PostgreSQL Operator Installation +### Postgres Operator (PGO) Installation -The PostgreSQL Operator provides a few different methods for installation based on your use case. +PGO provides a few different methods for installation methods to get up and +running with cloud native Postgres. -Based on your storage settings in your Kubernetes environment, you may be able to start as quickly as: +Based on your storage settings in your Kubernetes environment, you may be able +to start as quickly as: ```shell kubectl create namespace pgo -kubectl apply -f https://raw.githubusercontent.com/CrunchyData/postgres-operator/v4.5.0/installers/kubectl/postgres-operator.yml +kubectl apply -f https://raw.githubusercontent.com/CrunchyData/postgres-operator/v4.5.9/installers/kubectl/postgres-operator.yml ``` Otherwise, we highly recommend following the instructions from our [Quickstart](https://access.crunchydata.com/documentation/postgres-operator/latest/quickstart/). @@ -176,7 +197,7 @@ Installations methods include: ### `pgo` Client Installation -If you have the PostgreSQL Operator installed in your environment, and are interested in installation of the client interface, please start here: +If you have the Postgres Operator installed in your environment, and are interested in installation of the client interface, please start here: - [pgo Client Install](https://access.crunchydata.com/documentation/postgres-operator/latest/installation/pgo-client/) @@ -189,6 +210,7 @@ There is also a `pgo-client` container if you wish to deploy the client directly - [PostgreSQL](https://www.postgresql.org) - [PostgreSQL Contrib Modules](https://www.postgresql.org/docs/current/contrib.html) - [PL/Python + PL/Python 3](https://www.postgresql.org/docs/current/plpython.html) + - [PL/Perl](https://www.postgresql.org/docs/current/plperl.html) - [pgAudit](https://www.pgaudit.org/) - [pgAudit Analyze](https://github.com/pgaudit/pgaudit_analyze) - [pgnodemx](https://github.com/CrunchyData/pgnodemx) @@ -222,16 +244,24 @@ Additional containers that are not directly integrated with the PostgreSQL Opera For more information about which versions of the PostgreSQL Operator include which components, please visit the [compatibility](https://access.crunchydata.com/documentation/postgres-operator/latest/configuration/compatibility/) section of the documentation. -## Using the PostgreSQL Operator +## Using the PostgreSQL Operator (PGO) + +If you are new to PGO, you can follow along the [tutorial](https://access.crunchydata.com/documentation/postgres-operator/latest/tutorial/) +to learn how to install the PostgreSQL Operator and how to use many of its +features! + +- [PostgreSQL Operator Tutorial](https://access.crunchydata.com/documentation/postgres-operator/latest/tutorial/) -If you have the PostgreSQL and Client Interface installed in your environment and are interested in guidance on the use of the Crunchy PostgreSQL Operator, please start here: +If you have the PostgreSQL and client interface installed in your environment +and are interested in guidance on the use of the Crunchy PostgreSQL Operator, +please start here: -- [PostgreSQL Operator Documentation](https://access.crunchydata.com/documentation/postgres-operator/) +- [PostgreSQL Operator (PGO) Documentation](https://access.crunchydata.com/documentation/postgres-operator/) - [`pgo` Client User Guide](https://access.crunchydata.com/documentation/postgres-operator/latest/pgo-client/) ## Contributing to the Project -Want to contribute to the PostgreSQL Operator project? Great! We've put together +Want to contribute to the PGO Project? Great! We've put together as set of contributing guidelines that you can review here: - [Contributing Guidelines](CONTRIBUTING.md) @@ -264,7 +294,7 @@ For other information, please visit the [Support](https://access.crunchydata.com ## Documentation For additional information regarding design, configuration and operation of the -PostgreSQL Operator, pleases see the [Official Project Documentation][documentation]. +PostgreSQL Operator (PGO), please see the [Official Project Documentation][documentation]. If you are looking for the [nightly builds of the documentation](https://crunchydata.github.io/postgres-operator/latest/), you can view them at: @@ -275,3 +305,18 @@ https://crunchydata.github.io/postgres-operator/latest/ ## Past Versions Documentation for previous releases can be found at the [Crunchy Data Access Portal](https://access.crunchydata.com/documentation/) + +## Releases + +When a PGO general availability (GA) release occurs, the container images are +distributed on the following platforms in order: + +- [Crunchy Data Customer Portal](https://access.crunchydata.com/) +- [Crunchy Data Developer Portal](https://www.crunchydata.com/developers) +- [DockerHub](https://hub.docker.com/u/crunchydata) + +The image rollout can occur over the course of several days. + +To stay up-to-date on when releases are made available in the [Crunchy Data Developer Portal](https://www.crunchydata.com/developers), please sign up for the [Crunchy Data Developer Program Newsletter](https://www.crunchydata.com/developers/newsletter) + +The PGO Postgres Operator project source code is available subject to the [Apache 2.0 license](LICENSE.md) with the PGO logo and branding assets covered by [our trademark guidelines](docs/static/logos/TRADEMARKS.md). diff --git a/apiserver.go b/apiserver.go index 2c3858bb63..49ec61657a 100644 --- a/apiserver.go +++ b/apiserver.go @@ -1,7 +1,7 @@ package main /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/bin/crunchy-postgres-exporter/common_lib.sh b/bin/crunchy-postgres-exporter/common_lib.sh index 283352062b..5dd828322c 100755 --- a/bin/crunchy-postgres-exporter/common_lib.sh +++ b/bin/crunchy-postgres-exporter/common_lib.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/crunchy-postgres-exporter/start.sh b/bin/crunchy-postgres-exporter/start.sh index f8e02e4094..b98bf56bdd 100755 --- a/bin/crunchy-postgres-exporter/start.sh +++ b/bin/crunchy-postgres-exporter/start.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -144,6 +144,12 @@ else else echo_err "Custom Query file queries_pg95.yml does not exist (it should).." fi + if [[ -f ${CONFIG_DIR?}/queries_pg_stat_statements_pg95.yml ]] + then + cat ${CONFIG_DIR?}/queries_pg_stat_statements_pg95.yml >> /tmp/queries.yml + else + echo_warn "Custom Query file queries_pg_stat_statements_pg95.yml not loaded." + fi elif (( ${VERSION?} >= 90600 )) && (( ${VERSION?} < 100000 )) then if [[ -f ${CONFIG_DIR?}/queries_pg96.yml ]] @@ -152,6 +158,12 @@ else else echo_err "Custom Query file queries_pg96.yml does not exist (it should).." fi + if [[ -f ${CONFIG_DIR?}/queries_pg_stat_statements_pg96.yml ]] + then + cat ${CONFIG_DIR?}/queries_pg_stat_statements_pg96.yml >> /tmp/queries.yml + else + echo_warn "Custom Query file queries_pg_stat_statements_pg96.yml not loaded." + fi elif (( ${VERSION?} >= 100000 )) && (( ${VERSION?} < 110000 )) then if [[ -f ${CONFIG_DIR?}/queries_pg10.yml ]] @@ -160,6 +172,12 @@ else else echo_err "Custom Query file queries_pg10.yml does not exist (it should).." fi + if [[ -f ${CONFIG_DIR?}/queries_pg_stat_statements_pg10.yml ]] + then + cat ${CONFIG_DIR?}/queries_pg_stat_statements_pg10.yml >> /tmp/queries.yml + else + echo_warn "Custom Query file queries_pg_stat_statements_pg10.yml not loaded." + fi elif (( ${VERSION?} >= 110000 )) && (( ${VERSION?} < 120000 )) then if [[ -f ${CONFIG_DIR?}/queries_pg11.yml ]] @@ -168,6 +186,12 @@ else else echo_err "Custom Query file queries_pg11.yml does not exist (it should).." fi + if [[ -f ${CONFIG_DIR?}/queries_pg_stat_statements_pg11.yml ]] + then + cat ${CONFIG_DIR?}/queries_pg_stat_statements_pg11.yml >> /tmp/queries.yml + else + echo_warn "Custom Query file queries_pg_stat_statements_pg11.yml not loaded." + fi elif (( ${VERSION?} >= 120000 )) && (( ${VERSION?} < 130000 )) then if [[ -f ${CONFIG_DIR?}/queries_pg12.yml ]] @@ -176,13 +200,25 @@ else else echo_err "Custom Query file queries_pg12.yml does not exist (it should).." fi + if [[ -f ${CONFIG_DIR?}/queries_pg_stat_statements_pg12.yml ]] + then + cat ${CONFIG_DIR?}/queries_pg_stat_statements_pg12.yml >> /tmp/queries.yml + else + echo_warn "Custom Query file queries_pg_stat_statements_pg12.yml not loaded." + fi elif (( ${VERSION?} >= 130000 )) then if [[ -f ${CONFIG_DIR?}/queries_pg13.yml ]] then cat ${CONFIG_DIR?}/queries_pg13.yml >> /tmp/queries.yml else - echo_err "Custom Query file queries_pg12.yml does not exist (it should).." + echo_err "Custom Query file queries_pg13.yml does not exist (it should).." + fi + if [[ -f ${CONFIG_DIR?}/queries_pg_stat_statements_pg13.yml ]] + then + cat ${CONFIG_DIR?}/queries_pg_stat_statements_pg13.yml >> /tmp/queries.yml + else + echo_warn "Custom Query file queries_pg_stat_statements_pg13.yml not loaded." fi else echo_err "Unknown or unsupported version of PostgreSQL. Exiting.." @@ -190,7 +226,7 @@ else fi fi -sed -i "s/#PGBACKREST_INFO_THROTTLE_MINUTES#/${PGBACKREST_INFO_THROTTLE_MINUTES:-10}/g" /tmp/queries.yml +sed -i -e "s/#PGBACKREST_INFO_THROTTLE_MINUTES#/${PGBACKREST_INFO_THROTTLE_MINUTES:-10}/g" -e "s/#PG_STAT_STATEMENTS_LIMIT#/${PG_STAT_STATEMENTS_LIMIT:-20}/g" /tmp/queries.yml PG_OPTIONS="--extend.query-path=${QUERY_DIR?}/queries.yml --web.listen-address=:${POSTGRES_EXPORTER_PORT}" diff --git a/bin/get-deps.sh b/bin/get-deps.sh index a0fddd048e..fa199dca13 100755 --- a/bin/get-deps.sh +++ b/bin/get-deps.sh @@ -1,6 +1,6 @@ #!/bin/bash -e -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/get-pgmonitor.sh b/bin/get-pgmonitor.sh index 6bfb720b3e..5bf97d1475 100755 --- a/bin/get-pgmonitor.sh +++ b/bin/get-pgmonitor.sh @@ -1,6 +1,6 @@ #!/bin/bash -e -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -14,7 +14,7 @@ # limitations under the License. echo "Getting pgMonitor..." -PGMONITOR_COMMIT='v4.4-RC6' +PGMONITOR_COMMIT='4.4-1' # pgMonitor Setup if [[ -d ${PGOROOT?}/tools/pgmonitor ]] diff --git a/bin/license_aggregator.sh b/bin/license_aggregator.sh new file mode 100755 index 0000000000..0405891d38 --- /dev/null +++ b/bin/license_aggregator.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +# Copyright 2021 - 2022 Crunchy Data Solutions, Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Inputs / outputs +SCAN_DIR=${PGOROOT:-~/go/src/github.com/crunchydata/postgres-operator}/vendor +OUT_DIR=licenses + +# Fail on error +set -e + +# Clean up before we start our work +rm -rf $OUT_DIR/*/ + +# Get any file in the vendor directory with the word "license" in it. Note that we'll also keep its path +myLicenses=$(find $SCAN_DIR -type f | grep -i license) +for licensefile in $myLicenses +do + # make a new license directory matching the same vendor structure + licensedir=$(dirname $licensefile) + newlicensedir=$(echo $licensedir | sed "s:$SCAN_DIR:$OUT_DIR:" | sed 's:@[0-9a-zA-Z.\\-]*/:/:' | sed 's:@[0-9a-zA-Z.\\-]*::') + mkdir -p $newlicensedir + # And, copy over the license + cp -f $licensefile $newlicensedir +done + +sudo chmod -R 755 licenses +sudo chmod 0644 licenses/LICENSE.txt diff --git a/bin/pgo-backrest-repo-sync/pgo-backrest-repo-sync.sh b/bin/pgo-backrest-repo-sync/pgo-backrest-repo-sync.sh index 53e98e3a2e..2eabeedc6e 100644 --- a/bin/pgo-backrest-repo-sync/pgo-backrest-repo-sync.sh +++ b/bin/pgo-backrest-repo-sync/pgo-backrest-repo-sync.sh @@ -1,6 +1,6 @@ #!/bin/bash -x -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pgo-backrest-repo/pgo-backrest-repo.sh b/bin/pgo-backrest-repo/pgo-backrest-repo.sh index 25fdec5f69..c470a68210 100755 --- a/bin/pgo-backrest-repo/pgo-backrest-repo.sh +++ b/bin/pgo-backrest-repo/pgo-backrest-repo.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pgo-backrest-restore/pgo-backrest-restore.sh b/bin/pgo-backrest-restore/pgo-backrest-restore.sh index 89f3888fff..8d250ea842 100755 --- a/bin/pgo-backrest-restore/pgo-backrest-restore.sh +++ b/bin/pgo-backrest-restore/pgo-backrest-restore.sh @@ -1,6 +1,6 @@ #!/bin/bash -x -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pgo-backrest/pgo-backrest.sh b/bin/pgo-backrest/pgo-backrest.sh index fda20af57c..f87aadf4df 100755 --- a/bin/pgo-backrest/pgo-backrest.sh +++ b/bin/pgo-backrest/pgo-backrest.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pgo-event/pgo-event.sh b/bin/pgo-event/pgo-event.sh index cddcb2e708..7e16d5f3f1 100755 --- a/bin/pgo-event/pgo-event.sh +++ b/bin/pgo-event/pgo-event.sh @@ -1,6 +1,6 @@ #!/bin/bash -x -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pgo-rmdata/start.sh b/bin/pgo-rmdata/start.sh index 95a4903289..bf9dd9f9c2 100755 --- a/bin/pgo-rmdata/start.sh +++ b/bin/pgo-rmdata/start.sh @@ -1,6 +1,6 @@ #!/bin/bash -x -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pgo-scheduler/start.sh b/bin/pgo-scheduler/start.sh index 4a32cf8bc3..758a25bbd3 100755 --- a/bin/pgo-scheduler/start.sh +++ b/bin/pgo-scheduler/start.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pgo-sqlrunner/start.sh b/bin/pgo-sqlrunner/start.sh index 0b2eb6d417..8a272855f1 100755 --- a/bin/pgo-sqlrunner/start.sh +++ b/bin/pgo-sqlrunner/start.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pre-pull-crunchy-containers.sh b/bin/pre-pull-crunchy-containers.sh index 5a7031f8e9..2726b2e02d 100755 --- a/bin/pre-pull-crunchy-containers.sh +++ b/bin/pre-pull-crunchy-containers.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/pull-from-gcr.sh b/bin/pull-from-gcr.sh index ad25336aab..e747b434c2 100755 --- a/bin/pull-from-gcr.sh +++ b/bin/pull-from-gcr.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/push-ccp-to-gcr.sh b/bin/push-ccp-to-gcr.sh index 3b9de84ed0..2c6123a0c2 100755 --- a/bin/push-ccp-to-gcr.sh +++ b/bin/push-ccp-to-gcr.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -16,7 +16,7 @@ GCR_IMAGE_PREFIX=gcr.io/crunchy-dev-test CCP_IMAGE_PREFIX=crunchydata -CCP_IMAGE_TAG=centos7-12.4-4.5.0 +CCP_IMAGE_TAG=ubi8-12.13-4.5.9 IMAGES=( crunchy-prometheus diff --git a/bin/push-to-gcr.sh b/bin/push-to-gcr.sh index f8293d9159..931511bdd7 100755 --- a/bin/push-to-gcr.sh +++ b/bin/push-to-gcr.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/uid_daemon.sh b/bin/uid_daemon.sh index 83d8aca5e2..58f8fd7505 100755 --- a/bin/uid_daemon.sh +++ b/bin/uid_daemon.sh @@ -1,6 +1,6 @@ #!/usr/bin/bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/bin/upgrade-secret.sh b/bin/upgrade-secret.sh index ee93af1377..b52b751727 100755 --- a/bin/upgrade-secret.sh +++ b/bin/upgrade-secret.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/build/pgo-apiserver/Dockerfile b/build/pgo-apiserver/Dockerfile index a2ec3c3b3a..505ea1b4a9 100644 --- a/build/pgo-apiserver/Dockerfile +++ b/build/pgo-apiserver/Dockerfile @@ -5,6 +5,10 @@ ARG PGVERSION ARG BACKREST_VERSION FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} +ARG BASEOS +ARG PACKAGER +ARG PGVERSION + LABEL name="pgo-apiserver" \ summary="Crunchy PostgreSQL Operator - Apiserver" \ description="Crunchy PostgreSQL Operator - Apiserver" diff --git a/build/pgo-base/Dockerfile b/build/pgo-base/Dockerfile index e9a80bea5c..d852c3855b 100644 --- a/build/pgo-base/Dockerfile +++ b/build/pgo-base/Dockerfile @@ -21,7 +21,6 @@ LABEL vendor="Crunchy Data" \ io.openshift.tags="postgresql,postgres,sql,nosql,crunchy" \ io.k8s.description="Trusted open source PostgreSQL-as-a-Service" -COPY redhat/licenses /licenses COPY redhat/atomic/help.1 /help.1 COPY redhat/atomic/help.md /help.md COPY licenses /licenses diff --git a/build/pgo-deployer/Dockerfile b/build/pgo-deployer/Dockerfile index c2000eaa87..5cddb35651 100644 --- a/build/pgo-deployer/Dockerfile +++ b/build/pgo-deployer/Dockerfile @@ -4,7 +4,6 @@ ARG PREFIX FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} ARG BASEOS -ARG ANSIBLE_VERSION ARG PACKAGER ARG DFSET @@ -18,11 +17,10 @@ RUN if [ "$DFSET" = "centos" ] ; then \ ${PACKAGER} install -y epel-release \ && ${PACKAGER} -y install \ --setopt=skip_missing_names_on_install=False \ - kubectl \ - ansible-${ANSIBLE_VERSION} \ + kubectl-1.24* \ + ansible \ which \ gettext \ - openssl \ && ${PACKAGER} -y clean all ; \ fi @@ -33,10 +31,9 @@ RUN if [ "$BASEOS" = "rhel7" ] ; then \ --setopt=skip_missing_names_on_install=False \ --enablerepo='rhel-7-server-ose-4.4-rpms' \ openshift-clients \ - ansible-${ANSIBLE_VERSION} \ + ansible \ which \ gettext \ - openssl \ && ${PACKAGER} -y clean all --enablerepo='rhel-7-server-ose-4.4-rpms' ; \ fi @@ -47,10 +44,9 @@ RUN if [ "$BASEOS" = "ubi7" ] ; then \ --setopt=skip_missing_names_on_install=False \ --enablerepo='rhel-7-server-ose-4.4-rpms' \ openshift-clients \ - ansible-${ANSIBLE_VERSION} \ + ansible \ which \ gettext \ - openssl \ && ${PACKAGER} -y clean all --enablerepo='rhel-7-server-ose-4.4-rpms' ; \ fi @@ -61,15 +57,16 @@ RUN if [ "$BASEOS" = "ubi8" ] ; then \ --setopt=skip_missing_names_on_install=False \ --enablerepo='rhocp-4.5-for-rhel-8-x86_64-rpms' \ openshift-clients \ - ansible-${ANSIBLE_VERSION} \ + ansible \ which \ gettext \ - openssl \ + python39-jmespath \ && ${PACKAGER} -y clean all --enablerepo='rhocp-4.5-for-rhel-8-x86_64-rpms' ; \ fi COPY installers/ansible /ansible/postgres-operator COPY installers/metrics/ansible /ansible/metrics +ADD tools/pgmonitor /tmp/.pgo/metrics/pgmonitor COPY installers/image/bin/pgo-deploy.sh /pgo-deploy.sh COPY bin/uid_daemon.sh /uid_daemon.sh @@ -78,6 +75,7 @@ ENV HOME="/tmp" RUN chmod g=u /etc/passwd RUN chmod g=u /uid_daemon.sh +RUN chown -R 2:2 /tmp/.pgo ENTRYPOINT ["/uid_daemon.sh"] diff --git a/build/pgo-scheduler/Dockerfile b/build/pgo-scheduler/Dockerfile index 49e3700e4e..ab1788a2ff 100644 --- a/build/pgo-scheduler/Dockerfile +++ b/build/pgo-scheduler/Dockerfile @@ -3,6 +3,7 @@ ARG BASEVER ARG PREFIX FROM ${PREFIX}/pgo-base:${BASEOS}-${BASEVER} +ARG BASEOS ARG PGVERSION ARG BACKREST_VERSION ARG PACKAGER @@ -30,6 +31,13 @@ RUN if [ "$DFSET" = "rhel" ] ; then \ && chown -R 2:2 /opt/cpm /pgo-config ; \ fi +RUN if [ "$BASEOS" = "ubi8" ]; then \ + ${PACKAGER} -y install \ + findutils \ + procps \ + && ${PACKAGER} -y clean all ; \ +fi + ADD bin/pgo-scheduler /opt/cpm/bin ADD installers/ansible/roles/pgo-operator/files/pgo-configs /default-pgo-config ADD conf/postgres-operator/pgo.yaml /default-pgo-config/pgo.yaml diff --git a/build/postgres-operator/Dockerfile b/build/postgres-operator/Dockerfile index d88621d73f..dd9895987e 100644 --- a/build/postgres-operator/Dockerfile +++ b/build/postgres-operator/Dockerfile @@ -28,6 +28,7 @@ RUN if [ "$DFSET" = "rhel" ] ; then \ fi ADD bin/postgres-operator /usr/local/bin +ADD installers/ansible/roles/pgo-operator/files/pgo-backrest-repo /default-pgo-backrest-repo ADD installers/ansible/roles/pgo-operator/files/pgo-configs /default-pgo-config ADD conf/postgres-operator/pgo.yaml /default-pgo-config/pgo.yaml diff --git a/conf/postgres-operator/pgo.yaml b/conf/postgres-operator/pgo.yaml index ff5c97ec7f..040bb5e8bf 100644 --- a/conf/postgres-operator/pgo.yaml +++ b/conf/postgres-operator/pgo.yaml @@ -2,7 +2,7 @@ Cluster: CCPImagePrefix: registry.developers.crunchydata.com/crunchydata Metrics: false Badger: false - CCPImageTag: centos7-12.4-4.5.0 + CCPImageTag: ubi8-12.13-4.5.9 Port: 5432 PGBadgerPort: 10000 ExporterPort: 9187 @@ -82,4 +82,4 @@ Storage: Pgo: Audit: false PGOImagePrefix: registry.developers.crunchydata.com/crunchydata - PGOImageTag: centos7-4.5.0 + PGOImageTag: ubi8-4.5.9 diff --git a/crunchy_logo.png b/crunchy_logo.png deleted file mode 100644 index 2fbf3352c1..0000000000 Binary files a/crunchy_logo.png and /dev/null differ diff --git a/deploy/add-targeted-namespace-reconcile-rbac.sh b/deploy/add-targeted-namespace-reconcile-rbac.sh index 8438c10912..66eddb96a0 100755 --- a/deploy/add-targeted-namespace-reconcile-rbac.sh +++ b/deploy/add-targeted-namespace-reconcile-rbac.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/add-targeted-namespace.sh b/deploy/add-targeted-namespace.sh index af088314d9..9d9b0e58d2 100755 --- a/deploy/add-targeted-namespace.sh +++ b/deploy/add-targeted-namespace.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/cleannamespaces.sh b/deploy/cleannamespaces.sh index 66cd693863..3ad11e8766 100755 --- a/deploy/cleannamespaces.sh +++ b/deploy/cleannamespaces.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/cleanup-rbac.sh b/deploy/cleanup-rbac.sh index 50f52bbc5f..61e07e13b4 100755 --- a/deploy/cleanup-rbac.sh +++ b/deploy/cleanup-rbac.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/cleanup.sh b/deploy/cleanup.sh index afe13f98c7..0068cb0fd7 100755 --- a/deploy/cleanup.sh +++ b/deploy/cleanup.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/cluster-role-bindings.yaml b/deploy/cluster-role-bindings.yaml index be7d75bb2f..1f6f9a2b35 100644 --- a/deploy/cluster-role-bindings.yaml +++ b/deploy/cluster-role-bindings.yaml @@ -3,6 +3,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: pgo-cluster-role + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/deploy/cluster-roles-readonly.yaml b/deploy/cluster-roles-readonly.yaml index 773e6cd07e..900e83d434 100644 --- a/deploy/cluster-roles-readonly.yaml +++ b/deploy/cluster-roles-readonly.yaml @@ -2,6 +2,8 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-cluster-role + labels: + vendor: crunchydata rules: - apiGroups: - '' diff --git a/deploy/cluster-roles.yaml b/deploy/cluster-roles.yaml index cb0bb85b41..e2a90137c4 100644 --- a/deploy/cluster-roles.yaml +++ b/deploy/cluster-roles.yaml @@ -3,6 +3,8 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-cluster-role + labels: + vendor: crunchydata rules: - apiGroups: - '' @@ -41,8 +43,6 @@ rules: - endpoints - pods - pods/exec - - pods/log - - replicasets - secrets - services - persistentvolumeclaims @@ -55,10 +55,19 @@ rules: - update - delete - deletecollection + - apiGroups: + - '' + resources: + - pods/log + verbs: + - get + - list + - watch - apiGroups: - apps resources: - deployments + - replicasets verbs: - get - list diff --git a/deploy/deploy.sh b/deploy/deploy.sh index 823671c7d9..e2abc5c25c 100755 --- a/deploy/deploy.sh +++ b/deploy/deploy.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -46,12 +46,14 @@ fi pgbackrest_aws_s3_key=$(awsKeySecret "aws-s3-key") pgbackrest_aws_s3_key_secret=$(awsKeySecret "aws-s3-key-secret") -$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create secret generic pgo-backrest-repo-config \ - --from-file=config=${PGO_CONF_DIR}/pgo-backrest-repo/config \ - --from-file=sshd_config=${PGO_CONF_DIR}/pgo-backrest-repo/sshd_config \ - --from-file=aws-s3-ca.crt=${PGO_CONF_DIR}/pgo-backrest-repo/aws-s3-ca.crt \ - --from-literal=aws-s3-key="${pgbackrest_aws_s3_key}" \ - --from-literal=aws-s3-key-secret="${pgbackrest_aws_s3_key_secret}" +if [[ ! -z $pgbackrest_aws_s3_key ]] || [[ ! -z $pgbackrest_aws_s3_key_secret ]] +then + $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create secret generic pgo-backrest-repo-config \ + --from-literal=aws-s3-key="${pgbackrest_aws_s3_key}" \ + --from-literal=aws-s3-key-secret="${pgbackrest_aws_s3_key_secret}" + $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE label secret pgo-backrest-repo-config \ + vendor=crunchydata +fi # # credentials for pgo-apiserver TLS REST API @@ -63,11 +65,12 @@ then fi $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create secret tls pgo.tls --key=${PGOROOT}/conf/postgres-operator/server.key --cert=${PGOROOT}/conf/postgres-operator/server.crt +$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE label secret pgo.tls vendor=crunchydata $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create configmap pgo-config \ --from-file=${PGOROOT}/conf/postgres-operator/pgo.yaml \ --from-file=${PGO_CONF_DIR}/pgo-configs - +$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE label configmap pgo-config vendor=crunchydata # # check if custom port value is set, otherwise set default values diff --git a/deploy/gen-api-keys.sh b/deploy/gen-api-keys.sh index 8aece10000..62b37982c0 100755 --- a/deploy/gen-api-keys.sh +++ b/deploy/gen-api-keys.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/install-bootstrap-creds.sh b/deploy/install-bootstrap-creds.sh index 1b446824d3..28c249b42a 100755 --- a/deploy/install-bootstrap-creds.sh +++ b/deploy/install-bootstrap-creds.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -17,9 +17,9 @@ set -eu # fill out these variables if you want to change the # default pgo bootstrap user and role -PGOADMIN_USERNAME=admin -PGOADMIN_PASSWORD=examplepassword -PGOADMIN_ROLENAME=pgoadmin +PGOADMIN_USERNAME="${PGOADMIN_USERNAME:-admin}" +PGOADMIN_PASSWORD="${PGOADMIN_PASSWORD:-examplepassword}" +PGOADMIN_ROLENAME="${PGOADMIN_ROLENAME:-pgoadmin}" PGOADMIN_PERMS="*" diff --git a/deploy/install-rbac.sh b/deploy/install-rbac.sh index d96532d9f1..9c1b900ca7 100755 --- a/deploy/install-rbac.sh +++ b/deploy/install-rbac.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/local-namespace-rbac.yaml b/deploy/local-namespace-rbac.yaml index d74f947653..29277675c6 100644 --- a/deploy/local-namespace-rbac.yaml +++ b/deploy/local-namespace-rbac.yaml @@ -3,6 +3,8 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-local-ns + labels: + vendor: crunchydata rules: - apiGroups: - '' @@ -28,6 +30,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: pgo-local-ns + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -41,6 +45,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: pgo-target-role-binding + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/deploy/remove-crd.sh b/deploy/remove-crd.sh index 764645264f..3d2182c739 100755 --- a/deploy/remove-crd.sh +++ b/deploy/remove-crd.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/role-bindings.yaml b/deploy/role-bindings.yaml index b8f21c2391..916858e8ed 100644 --- a/deploy/role-bindings.yaml +++ b/deploy/role-bindings.yaml @@ -4,6 +4,8 @@ kind: RoleBinding metadata: name: pgo-role namespace: "$PGO_OPERATOR_NAMESPACE" + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/deploy/roles.yaml b/deploy/roles.yaml index 899551f6a1..e800165f15 100644 --- a/deploy/roles.yaml +++ b/deploy/roles.yaml @@ -4,6 +4,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-role namespace: "$PGO_OPERATOR_NAMESPACE" + labels: + vendor: crunchydata rules: - apiGroups: - '' diff --git a/deploy/service-accounts.yaml b/deploy/service-accounts.yaml index f631c8e06b..d48909d647 100644 --- a/deploy/service-accounts.yaml +++ b/deploy/service-accounts.yaml @@ -4,3 +4,5 @@ kind: ServiceAccount metadata: name: postgres-operator namespace: $PGO_OPERATOR_NAMESPACE + labels: + vendor: crunchydata diff --git a/deploy/service.json b/deploy/service.json index f026f5d7d5..97b76e4bc9 100644 --- a/deploy/service.json +++ b/deploy/service.json @@ -4,7 +4,8 @@ "metadata": { "name": "postgres-operator", "labels": { - "name": "postgres-operator" + "name": "postgres-operator", + "vendor": "crunchydata" } }, "spec": { diff --git a/deploy/setupnamespaces.sh b/deploy/setupnamespaces.sh index 9d2188a56f..50f5e874a6 100755 --- a/deploy/setupnamespaces.sh +++ b/deploy/setupnamespaces.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/show-crd.sh b/deploy/show-crd.sh index 7f40285c5d..6af0001e7c 100755 --- a/deploy/show-crd.sh +++ b/deploy/show-crd.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/upgrade-creds.sh b/deploy/upgrade-creds.sh index ddc0953df7..1b1024202a 100755 --- a/deploy/upgrade-creds.sh +++ b/deploy/upgrade-creds.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/deploy/upgrade-pgo.sh b/deploy/upgrade-pgo.sh index 66f61639eb..7f332c0340 100755 --- a/deploy/upgrade-pgo.sh +++ b/deploy/upgrade-pgo.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/docs/config.toml b/docs/config.toml index 48ef2d760d..9a64427568 100644 --- a/docs/config.toml +++ b/docs/config.toml @@ -2,7 +2,7 @@ baseURL= "" languageCode = "en-us" DefaultContentLanguage = "en" -title = "Crunchy PostgreSQL Operator Documentation" +title = "PGO: PostgreSQL Operator from Crunchy Data Documentation" theme = "crunchy-hugo-theme" pygmentsCodeFences = true pygmentsStyle = "monokailight" @@ -25,16 +25,14 @@ disableNavChevron = false # set true to hide next/prev chevron, default is false highlightClientSide = false # set true to use highlight.pack.js instead of the default hugo chroma highlighter menushortcutsnewtab = true # set true to open shortcuts links to a new tab/window enableGitInfo = true -operatorVersion = "4.5.0" -postgresVersion = "12.4" -postgresVersion13 = "13.0" -postgresVersion12 = "12.4" -postgresVersion11 = "11.9" -postgresVersion10 = "10.14" -postgresVersion96 = "9.6.19" -postgresVersion95 = "9.5.23" +operatorVersion = "4.5.9" +postgresVersion = "13.9" +postgresVersion13 = "13.9" +postgresVersion12 = "12.13" +postgresVersion11 = "11.18" +postgresVersion10 = "10.23" postgisVersion = "3.0" -centosBase = "centos7" +ubiBase = "ubi8" [outputs] home = [ "HTML", "RSS", "JSON"] diff --git a/docs/content/Configuration/compatibility.md b/docs/content/Configuration/compatibility.md index b805ef9c08..1780ebad7b 100644 --- a/docs/content/Configuration/compatibility.md +++ b/docs/content/Configuration/compatibility.md @@ -12,7 +12,60 @@ version dependencies between the two projects. Below are the operator releases a | Operator Release | Container Release | Postgres | PgBackrest Version |:----------|:-------------|:------------|:-------------- -| 4.5.0 | 4.5.0 | 12.4 | 2.29 | +| 4.5.9 | 4.5.9 | 13.9 | 2.29 | +|||12.13|2.29| +|||11.18|2.29| +|||10.23|2.29| +|||| +| 4.5.8 | 4.5.8 | 13.8 | 2.29 | +|||12.12|2.29| +|||11.17|2.29| +|||10.22|2.29| +|||| +| 4.5.7 | 4.5.7 | 13.7 | 2.29 | +|||12.11|2.29| +|||11.16|2.29| +|||10.21|2.29| +|||| +| 4.5.6 | 4.5.6 | 13.6 | 2.29 | +|||12.10|2.29| +|||11.15|2.29| +|||10.20|2.29| +|||| +| 4.5.5 | 4.5.5 | 13.5 | 2.29 | +|||12.9|2.29| +|||11.14|2.29| +|||10.19|2.29| +|||9.6.24|2.29| +|||| +| 4.5.4 | 4.5.4 | 13.4 | 2.29 | +|||12.8|2.29| +|||11.13|2.29| +|||10.18|2.29| +|||9.6.23|2.29| +|||| +| 4.5.3 | 4.5.3 | 13.3 | 2.29 | +|||12.7|2.29| +|||11.12|2.29| +|||10.17|2.29| +|||9.6.22|2.29| +|||| +| 4.5.2 | 4.5.2 | 13.2 | 2.29 | +|||12.6|2.29| +|||11.11|2.29| +|||10.16|2.29| +|||9.6.21|2.29| +|||9.5.25|2.29| +|||| +| 4.5.1 | 4.5.1 | 13.1 | 2.29 | +|||12.5|2.29| +|||11.10|2.29| +|||10.15|2.29| +|||9.6.20|2.29| +|||9.5.24|2.29| +|||| +| 4.5.0 | 4.5.0 | 13.0 | 2.29 | +|||12.4|2.29| |||11.9|2.29| |||10.14|2.29| |||9.6.19|2.29| diff --git a/docs/content/Configuration/configuration.md b/docs/content/Configuration/configuration.md index e85823a865..e6bae33be9 100644 --- a/docs/content/Configuration/configuration.md +++ b/docs/content/Configuration/configuration.md @@ -16,9 +16,9 @@ The configuration files used by the Operator are found in 2 places: * the pgo-config ConfigMap in the namespace the Operator is running in * or, a copy of the configuration files are also included by default into the Operator container images themselves to support a very simplistic deployment of the Operator -If the pgo-config ConfigMap is not found by the Operator, it will use -the configuration files that are included in the Operator container -images. +If the `pgo-config` ConfigMap is not found by the Operator, it will create a +`pgo-config` ConfigMap using the configuration files that are included in the +Operator container. ## conf/postgres-operator/pgo.yaml The *pgo.yaml* file sets many different Operator configuration settings and is described in the [pgo.yaml configuration]({{< ref "pgo-yaml-configuration.md" >}}) documentation section. diff --git a/docs/content/Configuration/pgo-yaml-configuration.md b/docs/content/Configuration/pgo-yaml-configuration.md index c1b6a894e1..46f944e309 100644 --- a/docs/content/Configuration/pgo-yaml-configuration.md +++ b/docs/content/Configuration/pgo-yaml-configuration.md @@ -16,7 +16,7 @@ The *pgo.yaml* file is broken into major sections as described below: |---|---| |BasicAuth | If set to `"true"` will enable Basic Authentication. If set to `"false"`, will allow a valid Operator user to successfully authenticate regardless of the value of the password provided for Basic Authentication. Defaults to `"true".` |CCPImagePrefix |newly created containers will be based on this image prefix (e.g. crunchydata), update this if you require a custom image prefix -|CCPImageTag |newly created containers will be based on this image version (e.g. {{< param centosBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}), unless you override it using the --ccp-image-tag command line flag +|CCPImageTag |newly created containers will be based on this image version (e.g. {{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}), unless you override it using the --ccp-image-tag command line flag |Port | the PostgreSQL port to use for new containers (e.g. 5432) |PGBadgerPort | the port used to connect to pgbadger (e.g. 10000) |ExporterPort | the port used to connect to postgres exporter (e.g. 9187) @@ -45,9 +45,9 @@ The *pgo.yaml* file is broken into major sections as described below: | Setting|Definition | |---|---| |PrimaryStorage |required, the value of the storage configuration to use for the primary PostgreSQL deployment -|BackupStorage |required, the value of the storage configuration to use for backups, including the storage for pgbackrest repo volumes |ReplicaStorage |required, the value of the storage configuration to use for the replica PostgreSQL deployments -|BackrestStorage |required, the value of the storage configuration to use for the pgbackrest shared repository deployment created when a user specifies pgbackrest to be enabled on a cluster +|BackrestStorage |required, the value of the storage configuration to use for the pgBackRest repository. +|BackupStorage |required, the value of the storage configuration to use for backups generated by `pg_dump`. |WALStorage | optional, the value of the storage configuration to use for PostgreSQL Write Ahead Log |StorageClass | optional, for a dynamic storage type, you can specify the storage class used for storage provisioning (e.g. standard, gold, fast) |AccessMode |the access mode for new PVCs (e.g. ReadWriteMany, ReadWriteOnce, ReadOnlyMany). See below for descriptions of these. diff --git a/docs/content/Security/configure-postgres-operator-rbac.md b/docs/content/Security/configure-postgres-operator-rbac.md index de70e2b480..5e8b72f648 100644 --- a/docs/content/Security/configure-postgres-operator-rbac.md +++ b/docs/content/Security/configure-postgres-operator-rbac.md @@ -73,6 +73,7 @@ The following list shows the current complete list of possible pgo permissions t |DfCluster | allow *pgo df*| |Label | allow *pgo label*| |Reload | allow *pgo reload*| +|Restart | allow *pgo restart*| |Restore | allow *pgo restore*| |RestoreDump | allow *pgo restore* for pgdumps| |ShowBackup | allow *pgo show backup*| diff --git a/docs/content/Upgrade/automatedupgrade.md b/docs/content/Upgrade/automatedupgrade.md index 31480bc07e..72184ced6a 100644 --- a/docs/content/Upgrade/automatedupgrade.md +++ b/docs/content/Upgrade/automatedupgrade.md @@ -127,7 +127,7 @@ pgo upgrade mycluster If you are using the PostGIS-enabled image (i.e. `crunchy-postgres-gis-ha`) or any other custom images, you will need to add the `--ccp-image-tag`: ``` -pgo upgrade --ccp-image-tag={{< param centosBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} mygiscluster +pgo upgrade --ccp-image-tag={{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} mygiscluster ``` Where `{{< param postgresVersion >}}` is the PostgreSQL version, `{{< param postgisVersion >}}` is the PostGIS version and `{{< param operatorVersion >}}` is the PostgreSQL Operator version. Please note, no tag validation will be performed and additional steps may be required to upgrade your PostGIS extension implementation. For more information on PostGIS upgrade considerations, please see diff --git a/docs/content/Upgrade/manual/upgrade35.md b/docs/content/Upgrade/manual/upgrade35.md index cb7ec25138..261fbf6e89 100644 --- a/docs/content/Upgrade/manual/upgrade35.md +++ b/docs/content/Upgrade/manual/upgrade35.md @@ -17,7 +17,7 @@ A major change to this container is that the PostgreSQL process is now managed b When creating your new clusters using version {{< param operatorVersion >}} of the PostgreSQL Operator, the `pgo create cluster` command will automatically use the new `crunchy-postgres-ha` image if the image is unspecified. If you are creating a PostGIS enabled cluster, please be sure to use the updated image name and image tag, as with the command: ``` -pgo create cluster mygiscluster --ccp-image=crunchy-postgres-gis-ha --ccp-image-tag={{< param centosBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} +pgo create cluster mygiscluster --ccp-image=crunchy-postgres-gis-ha --ccp-image-tag={{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} ``` Where `{{< param postgresVersion >}}` is the PostgreSQL version, `{{< param postgisVersion >}}` is the PostGIS version and `{{< param operatorVersion >}}` is the PostgreSQL Operator version. Please note, no tag validation will be performed and additional steps may be required to upgrade your PostGIS extension implementation. For more information on PostGIS upgrade considerations, please see diff --git a/docs/content/Upgrade/manual/upgrade4.md b/docs/content/Upgrade/manual/upgrade4.md index da11f86f15..0c2d34baba 100644 --- a/docs/content/Upgrade/manual/upgrade4.md +++ b/docs/content/Upgrade/manual/upgrade4.md @@ -19,7 +19,7 @@ A major change to this container is that the PostgreSQL process is now managed b When creating your new clusters using version {{< param operatorVersion >}} of the PostgreSQL Operator, the `pgo create cluster` command will automatically use the new `crunchy-postgres-ha` image if the image is unspecified. If you are creating a PostGIS enabled cluster, please be sure to use the updated image name and image tag, as with the command: ``` -pgo create cluster mygiscluster --ccp-image=crunchy-postgres-gis-ha --ccp-image-tag={{< param centosBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} +pgo create cluster mygiscluster --ccp-image=crunchy-postgres-gis-ha --ccp-image-tag={{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} ``` Where `{{< param postgresVersion >}}` is the PostgreSQL version, `{{< param postgisVersion >}}` is the PostGIS version and `{{< param operatorVersion >}}` is the PostgreSQL Operator version. Please note, no tag validation will be performed and additional steps may be required to upgrade your PostGIS extension implementation. For more information on PostGIS upgrade considerations, please see @@ -58,7 +58,7 @@ For example, given the following output: ``` $ pgo show cluster mycluster -cluster : mycluster (crunchy-postgres:centos7-11.5-2.4.2) +cluster : mycluster (crunchy-postgres:ubi8-11.5-2.4.2) pod : mycluster-7bbf54d785-pk5dq (Running) on kubernetes1 (1/1) (replica) pvc : mycluster pod : mycluster-ypvq-5b9b8d645-nvlb6 (Running) on kubernetes1 (1/1) (primary) @@ -223,7 +223,7 @@ For example, given the following output: ``` $ pgo show cluster mycluster -cluster : mycluster (crunchy-postgres:centos7-11.5-2.4.2) +cluster : mycluster (crunchy-postgres:centos8-11.5-2.4.2) pod : mycluster-7bbf54d785-pk5dq (Running) on kubernetes1 (1/1) (replica) pvc : mycluster pod : mycluster-ypvq-5b9b8d645-nvlb6 (Running) on kubernetes1 (1/1) (primary) diff --git a/docs/content/_index.md b/docs/content/_index.md index f83a7c49e1..59564e4991 100644 --- a/docs/content/_index.md +++ b/docs/content/_index.md @@ -1,20 +1,30 @@ --- -title: "Crunchy PostgreSQL Operator" +title: "PGO: The Postgres Operator from Crunchy Data" date: draft: false --- -# Crunchy PostgreSQL Operator +# PGO: The Postgres Operator from Crunchy Data - + PGO: The Postgres Operator from Crunchy Data -## Run your own production-grade PostgreSQL-as-a-Service on Kubernetes! +## Run [Cloud Native PostgreSQL on Kubernetes](https://www.crunchydata.com/products/crunchy-postgresql-for-kubernetes/) with PGO: The [Postgres Operator](https://github.com/CrunchyData/postgres-operator) from [Crunchy Data](https://www.crunchydata.com/)! Latest Release: {{< param operatorVersion >}} -The [Crunchy PostgreSQL Operator](https://www.crunchydata.com/developers/download-postgres/containers/postgres-operator) automates and simplifies deploying and managing open source PostgreSQL clusters on Kubernetes and other Kubernetes-enabled Platforms by providing the essential features you need to keep your PostgreSQL clusters up and running, including: +[PGO](https://www.crunchydata.com/developers/download-postgres/containers/postgres-operator), +the [Postgres Operator](https://github.com/CrunchyData/postgres-operator) +developed by [Crunchy Data](https://crunchydata.com/) and included in +[Crunchy PostgreSQL for Kubernetes](https://www.crunchydata.com/products/crunchy-postgresql-for-kubernetes/), +automates and simplifies deploying and managing open source PostgreSQL clusters +on Kubernetes. -#### PostgreSQL Cluster [Provisioning]({{< relref "/architecture/provisioning.md" >}}) +Whether you need to get a simple Postgres cluster up and running, need to deploy +a high availability, fault tolerant cluster in production, or are running your +own database-as-a-service, the PostgreSQL Operator provides the essential +features you need to keep your cloud native Postgres clusters healthy, including: + +#### Postgres Cluster [Provisioning]({{< relref "/architecture/provisioning.md" >}}) [Create, Scale, & Delete PostgreSQL clusters with ease](/architecture/provisioning/), while fully customizing your Pods and PostgreSQL configuration! @@ -30,7 +40,7 @@ Backups and restores leverage the open source [pgBackRest](https://www.pgbackres #### TLS -Secure communication between your applications and data servers by [enabling TLS for your PostgreSQL servers](/pgo-client/common-tasks/#enable-tls), including the ability to enforce that all of your connections to use TLS. +Secure communication between your applications and data servers by [enabling TLS for your PostgreSQL servers](/pgo-client/common-tasks/#enable-tls), including the ability to enforce all of your connections to use TLS. #### [Monitoring]({{< relref "/architecture/monitoring.md" >}}) @@ -72,16 +82,22 @@ Choose the type of backup (full, incremental, differential) and [how frequently #### Multi-Namespace Support -You can control how the PostgreSQL Operator leverages [Kubernetes Namespaces](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) with several different deployment models: +You can control how PGO, the Postgres Operator, leverages [Kubernetes Namespaces](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) with several different deployment models: -- Deploy the PostgreSQL Operator and all PostgreSQL clusters to the same namespace -- Deploy the PostgreSQL Operator to one namespaces, and all PostgreSQL clusters to a different namespace -- Deploy the PostgreSQL Operator to one namespace, and have your PostgreSQL clusters managed acrossed multiple namespaces -- Dynamically add and remove namespaces managed by the PostgreSQL Operator using the `pgo create namespace` and `pgo delete namespace` commands +- Deploy PGO and all PostgreSQL clusters to the same namespace +- Deploy PGO to one namespaces, and all PostgreSQL clusters to a different +namespace +- Deploy PGO to one namespace, and have your PostgreSQL clusters managed across +multiple namespaces +- Dynamically add and remove namespaces managed by the PostgreSQL Operator using +the `pgo` client to run `pgo create namespace` and `pgo delete namespace` #### Full Customizability -The Crunchy PostgreSQL Operator makes it easy to get your own PostgreSQL-as-a-Service up and running on Kubernetes-enabled platforms, but we know that there are further customizations that you can make. As such, the Crunchy PostgreSQL Operator allows you to further customize your deployments, including: +The Postgres Operator (PGO) makes it easy to get Postgres up and running on +Kubernetes-enabled platforms, but we know that there are further customizations +that you can make. As such, PGO allows you to further customize your +deployments, including: - Selecting different storage classes for your primary, replica, and backup storage - Select your own container resources class for each PostgreSQL cluster deployment; differentiate between resources applied for primary and replica clusters! @@ -104,6 +120,7 @@ The Crunchy PostgreSQL Operator extends Kubernetes to provide a higher-level abs - [PostgreSQL](https://www.postgresql.org) - [PostgreSQL Contrib Modules](https://www.postgresql.org/docs/current/contrib.html) - [PL/Python + PL/Python 3](https://www.postgresql.org/docs/current/plpython.html) + - [PL/Perl](https://www.postgresql.org/docs/current/plperl.html) - [pgAudit](https://www.pgaudit.org/) - [pgAudit Analyze](https://github.com/pgaudit/pgaudit_analyze) - [pgnodemx](https://github.com/CrunchyData/pgnodemx) @@ -139,24 +156,31 @@ For more information about which versions of the PostgreSQL Operator include whi # Supported Platforms -The Crunchy PostgreSQL Operator is tested on the following Platforms: +PGO, the Postgres Operator, is Kubernetes-native and maintains backwards +compatibility to Kubernetes 1.11 and is tested is tested against the following +platforms: - Kubernetes 1.13+ - OpenShift 3.11+ - Google Kubernetes Engine (GKE), including Anthos - Amazon EKS -- VMware Enterprise PKS 1.3+ +- Microsoft AKS +- VMware Tanzu -## Storage +This list only includes the platforms that the Postgres Operator is specifically +tested on as part of the release process: PGO works on other Kubernetes +distributions as well. -The Crunchy PostgreSQL Operator is tested with a variety of different types of Kubernetes storage and Storage Classes, including: +## Storage -- Rook -- StorageOS -- Google Compute Engine persistent volumes -- NFS -- HostPath +PGO, the Postgres Operator, is tested with a variety of different types of +Kubernetes storage and Storage Classes, as well as hostPath and NFS. -and more. We have had reports of people using the PostgreSQL Operator with other [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) as well. +We know there are a variety of different types of [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) +available for Kubernetes and we do our best to test each one, but due to the +breadth of this area we are unable to verify Postgres Operator functionality in +each one. With that said, the PostgreSQL Operator is designed to be storage +class agnostic and has been demonstrated to work with additional Storage +Classes. -We know there are a variety of different types of [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/) available for Kubernetes and we do our best to test each one, but due to the breadth of this area we are unable to verify PostgreSQL Operator functionality in each one. With that said, the PostgreSQL Operator is designed to be storage class agnostic and has been demonstrated to work with additional Storage Classes. Storage is a rapidly evolving field in Kubernetes and we will continue to adapt the PostgreSQL Operator to modern Kubernetes storage standards. +The PGO Postgres Operator project source code is available subject to the [Apache 2.0 license](https://raw.githubusercontent.com/CrunchyData/postgres-operator/master/LICENSE.md) with the PGO logo and branding assets covered by [our trademark guidelines](/logos/TRADEMARKS.md). diff --git a/docs/content/advanced/crunchy-postgres-exporter.md b/docs/content/advanced/crunchy-postgres-exporter.md index b9b2a3ba09..f864a22b5a 100644 --- a/docs/content/advanced/crunchy-postgres-exporter.md +++ b/docs/content/advanced/crunchy-postgres-exporter.md @@ -23,9 +23,9 @@ can be specified for the API to collect. For an example of a queries.yml file, s The crunchy-postgres-exporter Docker image contains the following packages (versions vary depending on PostgreSQL version): -* PostgreSQL ({{< param postgresVersion13 >}}, {{< param postgresVersion12 >}}, {{< param postgresVersion11 >}}, {{< param postgresVersion10 >}}, {{< param postgresVersion96 >}} and {{< param postgresVersion95 >}}) -* CentOS7 - publicly available -* UBI7 - customers only +* PostgreSQL ({{< param postgresVersion13 >}}, {{< param postgresVersion12 >}}, {{< param postgresVersion11 >}}, and {{< param postgresVersion10 >}} +* CentOS 7, UBI 8 - publicly available +* UBI 7, 8 - customers only * [PostgreSQL Exporter](https://github.com/wrouesnel/postgres_exporter) ## Environment Variables diff --git a/docs/content/architecture/disaster-recovery.md b/docs/content/architecture/disaster-recovery.md index deee66dcc5..7833661e07 100644 --- a/docs/content/architecture/disaster-recovery.md +++ b/docs/content/architecture/disaster-recovery.md @@ -196,7 +196,7 @@ to re-enable autofail if you would like your PostgreSQL cluster to be highly-available. You can re-enable autofail with this command: ```shell -pgo update cluster hacluster --autofail=true +pgo update cluster hacluster --enable-autofail ``` ## Scheduling Backups diff --git a/docs/content/architecture/high-availability/_index.md b/docs/content/architecture/high-availability/_index.md index c5f05eaf96..aa1908f3a5 100644 --- a/docs/content/architecture/high-availability/_index.md +++ b/docs/content/architecture/high-availability/_index.md @@ -219,6 +219,30 @@ number of nodes are available to support this configuration, certain deployments will fail, since it will not be possible for Kubernetes to successfully schedule the pods for each deployment. +It is possible to fine tune the pod anti-affinity rules further, specifically, +set different affinity rules for the PostgreSQL, pgBackRest, and pgBouncer +Deployments. These can be handled by the following flags on [`pgo create cluster`]({{< relref "pgo-client/reference/pgo_create_cluster.md">}}): + +- `--pod-anti-affinity`: Sets the pod anti-affinity rules for all the managed +Deployments in the cluster (PostgreSQL, pgBackRest, pgBouncer) +- `--pod-anti-affinity-pgbackrest`: Sets the pod anti-affinity rules for _only_ +the pgBackRest Deployment. This takes precedence over the value of +`--pod-anti-affinity`. +- `--pod-anti-affinity-pgbouncer`: Sets the pod anti-affinity rules for _only_ +the pgBouncer Deployment. This takes precedence over the value of +`--pod-anti-affinity`. + +For example, to use `required` pod anti-affinity between PostgreSQL instances +but use only `preferred` anti-affinity for pgBackRest and pgBouncer, you could +use the following command: + +``` +pgo create cluster hippo --replicas=2 --pgbouncer \ + --pod-anti-affinity=required \ + --pod-anti-affinity=preferred \ + --pod-anti-afinity=preferred +``` + ## Synchronous Replication: Guarding Against Transactions Loss Clusters managed by the Crunchy PostgreSQL Operator can be deployed with diff --git a/docs/content/architecture/high-availability/multi-cluster-kubernetes.md b/docs/content/architecture/high-availability/multi-cluster-kubernetes.md index c6043adba4..1a507bbfb9 100644 --- a/docs/content/architecture/high-availability/multi-cluster-kubernetes.md +++ b/docs/content/architecture/high-availability/multi-cluster-kubernetes.md @@ -93,6 +93,14 @@ that matches that of the active cluster it is replicating. - `--pgbackrest-s3-endpoint`: The S3 endpoint to use - `--pgbackrest-s3-region`: The S3 region to use +If you do not want to set the user credentials, you can retrieve them at a later +time by using the [`pgo show user`]({{< relref "/pgo-client/reference/pgo_show_user.md" >}}) +command with the `--show-system-accounts` flag, e.g. + +``` +pgo show user --show-system-accounts hippo +``` + With respect to the credentials, it should be noted that when the standby cluster is being created within the same Kubernetes cluster AND it has access to the Kubernetes Secret created for the active cluster, one can use the @@ -182,6 +190,9 @@ pgo create cluster hippo-standby --standby --pgbouncer --replica-count=2 \ --password=opensourcehippo ``` +(If you are unsure of your credentials, you can use +`pgo show user hippo --show-system-accounts` to retrieve them). + Note the use of the `--pgbackrest-repo-path` flag as it points to the name of the pgBackRest repository that is used for the original `hippo` cluster. @@ -208,14 +219,14 @@ command. ``` pgo show cluster hippo -cluster : standby (crunchy-postgres-ha:{{< param centosBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}) +cluster : standby (crunchy-postgres-ha:{{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}) standby : true ``` ## Promoting a Standby Cluster There comes a time where a standby cluster needs to be promoted to an active cluster. Promoting a standby cluster means that a PostgreSQL instance within -it will become a priary and start accepting both reads and writes. This has the +it will become a primary and start accepting both reads and writes. This has the net effect of pushing WAL (transaction archives) to the pgBackRest repository, so we need to take a few steps first to ensure we don't accidentally create a split-brain scenario. diff --git a/docs/content/architecture/namespace.md b/docs/content/architecture/namespace.md index f6b4265723..1a551a8b91 100644 --- a/docs/content/architecture/namespace.md +++ b/docs/content/architecture/namespace.md @@ -34,8 +34,8 @@ settings. Enables full dynamic namespace capabilities, in which the Operator can create, delete and update any namespaces within a Kubernetes cluster. With `dynamic` mode enabled, the PostgreSQL Operator -can respond to namespace events in a Kubernetes cluster, such as when a namespace is created, and -take an appropriate action, such as adding the PostgreSQL Operator controllers for the newly +can respond to namespace events in a Kubernetes cluster, such as when a namespace is created, and +take an appropriate action, such as adding the PostgreSQL Operator controllers for the newly created namespace. The following defines the namespace permissions required for the `dynamic` mode to be enabled: @@ -62,8 +62,8 @@ rules: ### `readonly` -In `readonly` mode, the PostgreSQL Operator is still able to listen to namespace events within a -Kubernetes cluster, but it can no longer modify (create, update, delete) namespaces. For example, +In `readonly` mode, the PostgreSQL Operator is still able to listen to namespace events within a +Kubernetes cluster, but it can no longer modify (create, update, delete) namespaces. For example, if a Kubernetes administrator creates a namespace, the PostgreSQL Operator can respond and create controllers for that namespace. @@ -95,7 +95,7 @@ Operator is unable to dynamically respond to namespace events in the cluster, i target namespaces are deleted or new target namespaces need to be added, the PostgreSQL Operator will need to be re-deployed. -Please note that it is important to redeploy the PostgreSQL Operator following the deletion of a +Please note that it is important to redeploy the PostgreSQL Operator following the deletion of a target namespace to ensure it no longer attempts to listen for events in that namespace. The `disabled` mode is enabled the when the PostgreSQL Operator has not been assigned namespace @@ -103,22 +103,22 @@ permissions. ## RBAC Reconciliation -By default, the PostgreSQL Operator will attempt to reconcile RBAC resources (ServiceAccounts, +By default, the PostgreSQL Operator will attempt to reconcile RBAC resources (ServiceAccounts, Roles and RoleBindings) within each namespace configured for the PostgreSQL Operator installation. This allows the PostgreSQL Operator to create, update and delete the various RBAC resources it requires in order to properly create and manage PostgreSQL clusters within each targeted namespace (this includes self-healing RBAC resources as needed if removed and/or misconfigured). In order for RBAC reconciliation to function properly, the PostgreSQL Operator ServiceAccount must -be assigned a certain set of permissions. While the PostgreSQL Operator is not concerned with +be assigned a certain set of permissions. While the PostgreSQL Operator is not concerned with exactly how it has been assigned the permissions required to reconcile RBAC in each target -namespace, the various [installation methods]({{< relref "installation" >}}) supported by the +namespace, the various [installation methods]({{< relref "installation" >}}) supported by the PostgreSQL Operator install a recommended set permissions based on the specific Namespace Operating Mode enabled (see section [Namespace Operating Modes]({{< relref "#namespace-operating-modes" >}}) above for more information regarding the various Namespace Operating Modes available). -The following section defines the recommended set of permissions that should be assigned to the -PostgreSQL Operator ServiceAccount in order to ensure proper RBAC reconciliation based on the +The following section defines the recommended set of permissions that should be assigned to the +PostgreSQL Operator ServiceAccount in order to ensure proper RBAC reconciliation based on the specific Namespace Operating Mode enabled. Please note that each PostgreSQL Operator installation method handles the initial configuration and setup of the permissions shown below based on the Namespace Operating Mode configured during installation. @@ -127,7 +127,7 @@ Namespace Operating Mode configured during installation. When using the `dynamic` Namespace Operating Mode, it is recommended that the PostgreSQL Operator ServiceAccount be granted permissions to manage RBAC inside any namespace in the Kubernetes cluster -via a ClusterRole. This allows for a fully-hands off approach to managing RBAC within each +via a ClusterRole. This allows for a fully-hands off approach to managing RBAC within each targeted namespace space. In other words, as namespaces are added and removed post-installation of the PostgreSQL Operator (e.g. using `pgo create namespace` or `pgo delete namespace`), the Operator is able to automatically reconcile RBAC in those namespaces without the need for any external @@ -170,8 +170,6 @@ rules: - endpoints - pods - pods/exec - - pods/log - - replicasets - secrets - services - persistentvolumeclaims @@ -184,10 +182,19 @@ rules: - update - delete - deletecollection + - apiGroups: + - '' + resources: + - pods/log + verbs: + - get + - list + - watch - apiGroups: - apps resources: - deployments + - replicasets verbs: - get - list @@ -230,7 +237,7 @@ rules: ### `readonly` & `disabled` Namespace Operating Modes -When using the `readonly` or `disabled` Namespace Operating Modes, it is recommended that the +When using the `readonly` or `disabled` Namespace Operating Modes, it is recommended that the PostgreSQL Operator ServiceAccount be granted permissions to manage RBAC inside of any configured namespaces using local Roles within each targeted namespace. This means that as new namespaces are added and removed post-installation of the PostgreSQL Operator, an administrator must manually diff --git a/docs/content/contributing/developer-setup.md b/docs/content/contributing/developer-setup.md index 113139e607..30413da4dd 100644 --- a/docs/content/contributing/developer-setup.md +++ b/docs/content/contributing/developer-setup.md @@ -24,7 +24,7 @@ Variable | Example | Description `GOPATH` | $HOME/odev | Golang project directory `PGOROOT` | $GOPATH/src/github.com/crunchydata/postgres-operator | Operator repository location `PGO_CONF_DIR` | $PGOROOT/installers/ansible/roles/pgo-operator/files | Operator Config Template Directory -`PGO_BASEOS` | {{< param centosBase >}} | Base OS for container images +`PGO_BASEOS` | {{< param ubiBase >}} | Base OS for container images `PGO_CMD` | kubectl | Cluster management tool executable `PGO_IMAGE_PREFIX` | crunchydata | Container image prefix `PGO_OPERATOR_NAMESPACE` | pgo | Kubernetes namespace for the operator diff --git a/docs/content/custom-resources/_index.md b/docs/content/custom-resources/_index.md index e27adfd3e6..58290f8acc 100644 --- a/docs/content/custom-resources/_index.md +++ b/docs/content/custom-resources/_index.md @@ -35,291 +35,219 @@ need to interface through the [`pgo` client]({{< relref "/pgo-client/_index.md" The following sections will describe the functionality that is available today when manipulating the PostgreSQL Operator Custom Resources directly. -## PostgreSQL Operator Custom Resource Definitions - -There are several PostgreSQL Operator Custom Resource Definitions (CRDs) that -are installed in order for the PostgreSQL Operator to successfully function: - -- `pgclusters.crunchydata.com`: Stores information required to manage a -PostgreSQL cluster. This includes things like the cluster name, what storage and -resource classes to use, which version of PostgreSQL to run, information about -how to maintain a high-availability cluster, etc. -- `pgreplicas.crunchydata.com`: Stores information required to manage the -replicas within a PostgreSQL cluster. This includes things like the number of -replicas, what storage and resource classes to use, special affinity rules, etc. -- `pgtasks.crunchydata.com`: A general purpose CRD that accepts a type of task -that is needed to run against a cluster (e.g. take a backup) and tracks the -state of said task through its workflow. -- `pgpolicies.crunchydata.com`: Stores a reference to a SQL file that can be -executed against a PostgreSQL cluster. In the past, this was used to manage RLS -policies on PostgreSQL clusters. - -Below takes an in depth look for what each attribute does in a Custom Resource -Definition, and how they can be used in the creation and update workflow. - -### Glossary - -- `create`: if an attribute is listed as `create`, it means it can affect what -happens when a new Custom Resource is created. -- `update`: if an attribute is listed as `update`, it means it can affect the -Custom Resource, and by extension the objects it manages, when the attribute is -updated. - -### `pgclusters.crunchydata.com` - -The `pgclusters.crunchydata.com` Custom Resource Definition is the fundamental -definition of a PostgreSQL cluster. Most attributes only affect the deployment -of a PostgreSQL cluster at the time the PostgreSQL cluster is created. Some -attributes can be modified during the lifetime of the PostgreSQL cluster and -make changes, as described below. - -#### Specification (`Spec`) - -| Attribute | Action | Description | -|-----------|--------|-------------| -| Annotations | `create`, `update` | Specify Kubernetes [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) that can be applied to the different deployments managed by the PostgreSQL Operator (PostgreSQL, pgBackRest, pgBouncer). For more information, please see the "Annotations Specification" below. | -| BackrestConfig | `create` | Optional references to pgBackRest configuration files -| BackrestLimits | `create`, `update` | Specify the container resource limits that the pgBackRest repository should use. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | -| BackrestResources | `create`, `update` | Specify the container resource requests that the pgBackRest repository should use. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | -| BackrestS3Bucket | `create` | An optional parameter that specifies a S3 bucket that pgBackRest should use. | -| BackrestS3Endpoint | `create` | An optional parameter that specifies the S3 endpoint pgBackRest should use. | -| BackrestS3Region | `create` | An optional parameter that specifies a cloud region that pgBackRest should use. | -| BackrestS3URIStyle | `create` | An optional parameter that specifies if pgBackRest should use the `path` or `host` S3 URI style. | -| BackrestS3VerifyTLS | `create` | An optional parameter that specifies if pgBackRest should verify the TLS endpoint. | -| BackrestStorage | `create` | A specification that gives information about the storage attributes for the pgBackRest repository, which stores backups and archives, of the PostgreSQL cluster. For details, please see the `Storage Specification` section below. This is required. | -| CCPImage | `create` | The name of the PostgreSQL container image to use, e.g. `crunchy-postgres-ha` or `crunchy-postgres-ha-gis`. | -| CCPImagePrefix | `create` | If provided, the image prefix (or registry) of the PostgreSQL container image, e.g. `registry.developers.crunchydata.com/crunchydata`. The default is to use the image prefix set in the PostgreSQL Operator configuration. | -| CCPImageTag | `create` | The tag of the PostgreSQL container image to use, e.g. `{{< param centosBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}`. | -| CollectSecretName | `create` | An optional attribute unless `crunchy-postgres-exporter` is specified in the `UserLabels`; contains the name of a Kubernetes Secret that contains the credentials for a PostgreSQL user that is used for metrics collection, and is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| -| ClusterName | `create` | The name of the PostgreSQL cluster, e.g. `hippo`. This is used to group PostgreSQL instances (primary, replicas) together. | -| CustomConfig | `create` | If specified, references a custom ConfigMap to use when bootstrapping a PostgreSQL cluster. For the shape of this file, please see the section on [Custom Configuration]({{< relref "/advanced/custom-configuration.md" >}}) | -| Database | `create` | The name of a database that the PostgreSQL user can log into after the PostgreSQL cluster is created. | -| ExporterLimits | `create`, `update` | Specify the container resource limits that the `crunchy-postgres-exporter` sidecar uses when it is deployed with a PostgreSQL instance. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | -| ExporterPort | `create` | If the `"crunchy-postgres-exporter"` label is set in `UserLabels`, then this specifies the port that the metrics sidecar runs on (e.g. `9187`) | -| ExporterResources | `create`, `update` | Specify the container resource requests that the `crunchy-postgres-exporter` sidecar uses when it is deployed with a PostgreSQL instance. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | -| Limits | `create`, `update` | Specify the container resource limits that the PostgreSQL cluster should use. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | -| Name | `create` | The name of the PostgreSQL instance that is the primary. On creation, this should be set to be the same as `ClusterName`. | -| Namespace | `create` | The Kubernetes Namespace that the PostgreSQL cluster is deployed in. | -| PGBadgerPort | `create` | If the `"crunchy-pgbadger"` label is set in `UserLabels`, then this specifies the port that the pgBadger sidecar runs on (e.g. `10000`) | -| PGDataSource | `create` | Used to indicate if a PostgreSQL cluster should bootstrap its data from a pgBackRest repository. This uses the PostgreSQL Data Source Specification, described below. | -| PGOImagePrefix | `create` | If provided, the image prefix (or registry) of any PostgreSQL Operator images that are used for jobs, e.g. `registry.developers.crunchydata.com/crunchydata`. The default is to use the image prefix set in the PostgreSQL Operator configuration. | -| PgBouncer | `create`, `update` | If specified, defines the attributes to use for the pgBouncer connection pooling deployment that can be used in conjunction with this PostgreSQL cluster. Please see the specification defined below. | -| PodAntiAffinity | `create` | A required section. Sets the [pod anti-affinity rules]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity" >}}) for the PostgreSQL cluster and associated deployments. Please see the `Pod Anti-Affinity Specification` section below. | -| Policies | `create` | If provided, a comma-separated list referring to `pgpolicies.crunchydata.com.Spec.Name` that should be run once the PostgreSQL primary is first initialized. | -| Port | `create` | The port that PostgreSQL will run on, e.g. `5432`. | -| PrimaryStorage | `create` | A specification that gives information about the storage attributes for the primary instance in the PostgreSQL cluster. For details, please see the `Storage Specification` section below. This is required. | -| RootSecretName | `create` | The name of a Kubernetes Secret that contains the credentials for a PostgreSQL _replication user_ that is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| -| ReplicaStorage | `create` | A specification that gives information about the storage attributes for any replicas in the PostgreSQL cluster. For details, please see the `Storage Specification` section below. This will likely be changed in the future based on the nature of the high-availability system, but presently it is still required that you set it. It is recommended you use similar settings to that of `PrimaryStorage`. | -| Replicas | `create` | The number of replicas to create after a PostgreSQL primary is first initialized. This only works on create; to scale a cluster after it is initialized, please use the [`pgo scale`]({{< relref "/pgo-client/reference/pgo_scale.md" >}}) command. | -| Resources | `create`, `update` | Specify the container resource requests that the PostgreSQL cluster should use. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | -| RootSecretName | `create` | The name of a Kubernetes Secret that contains the credentials for a PostgreSQL superuser that is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| -| SyncReplication | `create` | If set to `true`, specifies the PostgreSQL cluster to use [synchronous replication]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity#synchronous-replication-guarding-against-transactions-loss" >}}).| -| User | `create` | The name of the PostgreSQL user that is created when the PostgreSQL cluster is first created. | -| UserLabels | `create` | A set of key-value string pairs that are used as a sort of "catch-all" for things that really should be modeled in the CRD. These values do get copied to the actually CR labels. If you want to set up metrics collection or pgBadger, you would specify `"crunchy-postgres-exporter": "true"` and `"crunchy-pgbadger": "true"` here, respectively. However, this structure does need to be set, so just follow whatever is in the example. | -| UserSecretName | `create` | The name of a Kubernetes Secret that contains the credentials for a standard PostgreSQL user that is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| -| TablespaceMounts | `create`,`update` | Lists any tablespaces that are attached to the PostgreSQL cluster. Tablespaces can be added at a later time by updating the `TablespaceMounts` entry, but they cannot be removed. Stores a map of information, with the key being the name of the tablespace, and the value being a Storage Specification, defined below. | -| TLS | `create` | Defines the attributes for enabling TLS for a PostgreSQL cluster. See TLS Specification below. | -| TLSOnly | `create` | If set to true, requires client connections to use only TLS to connect to the PostgreSQL database. | -| Standby | `create`, `update` | If set to true, indicates that the PostgreSQL cluster is a "standby" cluster, i.e. is in read-only mode entirely. Please see [Kubernetes Multi-Cluster Deployments]({{< relref "/architecture/high-availability/multi-cluster-kubernetes.md" >}}) for more information. | -| Shutdown | `create`, `update` | If set to true, indicates that a PostgreSQL cluster should shutdown. If set to false, indicates that a PostgreSQL cluster should be up and running. | - -##### Storage Specification - -The storage specification is a spec that defines attributes about the storage to -be used for a particular function of a PostgreSQL cluster (e.g. a primary -instance or for the pgBackRest backup repository). The below describes each -attribute and how it works. - -| Attribute | Action | Description | -|-----------|--------|-------------| -| AccessMode| `create` | The name of the Kubernetes Persistent Volume [Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) to use. | -| MatchLabels | `create` | Only used with `StorageType` of `create`, used to match a particular subset of provisioned Persistent Volumes. | -| Name | `create` | Only needed for `PrimaryStorage` in `pgclusters.crunchydata.com`.Used to identify the name of the PostgreSQL cluster. Should match `ClusterName`. | -| Size | `create` | The size of the [Persistent Volume Claim](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) (PVC). Must use a Kubernetes resource value, e.g. `20Gi`. | -| StorageClass | `create` | The name of the Kubernetes [StorageClass](https://kubernetes.io/docs/concepts/storage/storage-classes/) to use. | -| StorageType | `create` | Set to `create` if storage is provisioned (e.g. using `hostpath`). Set to `dynamic` if using a dynamic storage provisioner, e.g. via a `StorageClass`. | -| SupplementalGroups | `create` | If provided, a comma-separated list of group IDs to use in case it is needed to interface with a particular storage system. Typically used with NFS or hostpath storage. | - -##### Pod Anti-Affinity Specification - -Sets the [pod anti-affinity]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity" >}}) -for the PostgreSQL cluster and associated deployments. Each attribute can -contain one of the following values: - -- `required` -- `preferred` (which is also the recommended default) -- `disabled` - -For a detailed explanation for how this works. Please see the [high-availability]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity" >}}) -documentation. - -| Attribute | Action | Description | -|-----------|--------|-------------| -| Default | `create` | The default pod anti-affinity to use for all Pods managed in a given PostgreSQL cluster. | -| PgBackRest | `create` | If set to a value that differs from `Default`, specifies the pod anti-affinity to use for just the pgBackRest repository. | -| PgBouncer | `create` | If set to a value that differs from `Default`, specifies the pod anti-affinity to use for just the pgBouncer Pods. | - -##### PostgreSQL Data Source Specification +## Custom Resource Workflows -This specification is used when one wants to bootstrap the data in a PostgreSQL -cluster from a pgBackRest repository. This can be a pgBackRest repository that -is attached to an active PostgreSQL cluster or is kept around to be used for -spawning new PostgreSQL clusters. +### Create a PostgreSQL Cluster -| Attribute | Action | Description | -|-----------|--------|-------------| -| RestoreFrom | `create` | The name of a PostgreSQL cluster, active or former, that will be used for bootstrapping the data of a new PostgreSQL cluster. | -| RestoreOpts | `create` | Additional pgBackRest [restore options](https://pgbackrest.org/command.html#command-restore) that can be used as part of the bootstrapping operation, for example, point-in-time-recovery options. | +The fundamental workflow for interfacing with a PostgreSQL Operator Custom +Resource Definition is for creating a PostgreSQL cluster. However, this is also +one of the most complicated workflows to go through, as there are several +Kubernetes objects that need to be created prior to using this method. These +include: -##### TLS Specification +- Secrets + - Information for setting up a pgBackRest repository + - PostgreSQL superuser bootstrap credentials + - PostgreSQL replication user bootstrap credentials + - PostgresQL standard user bootstrap credentials -The TLS specification makes a reference to the various secrets that are required -to enable TLS in a PostgreSQL cluster. For more information on how these secrets -should be structured, please see [Enabling TLS in a PostgreSQL Cluster]({{< relref "/pgo-client/common-tasks.md#enable-tls" >}}). +Additionally, if you want to add some of the other sidecars, you may need to +create additional secrets. -| Attribute | Action | Description | -|-----------|--------|-------------| -| CASecret | `create` | A reference to the name of a Kubernetes Secret that specifies a certificate authority for the PostgreSQL cluster to trust. | -| ReplicationTLSSecret | `create` | A reference to the name of a Kubernetes TLS Secret that contains a keypair for authenticating the replication user. Must be used with `CASecret` and `TLSSecret`. | -| TLSSecret | `create` | A reference to the name of a Kubernetes TLS Secret that contains a keypair that is used for the PostgreSQL instance to identify itself and perform TLS communications with PostgreSQL clients. Must be used with `CASecret`. | +The following guide goes through how to create a PostgreSQL cluster called +`hippo` by creating a new custom resource. -##### pgBouncer Specification +#### Step 1: Creating the PostgreSQL User Secrets -The pgBouncer specification defines how a pgBouncer deployment can be deployed -alongside the PostgreSQL cluster. pgBouncer is a PostgreSQL connection pooler -that can also help manage connection state, and is helpful to deploy alongside -a PostgreSQL cluster to help with failover scenarios too. +As mentioned above, there are a minimum of three PostgreSQL user accounts that +you must create in order to bootstrap a PostgreSQL cluster. These are: -| Attribute | Action | Description | -|-----------|--------|-------------| -| Limits | `create`, `update` | Specify the container resource limits that the pgBouncer Pods should use. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | -| Replicas | `create`, `update` | The number of pgBouncer instances to deploy. Must be set to at least `1` to deploy pgBouncer. Setting to `0` removes an existing pgBouncer deployment for the PostgreSQL cluster. | -| Resources | `create`, `update` | Specify the container resource requests that the pgBouncer Pods should use. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +- A PostgreSQL superuser +- A replication user +- A standard PostgreSQL user -##### Annotations Specification +The below code will help you set up these Secrets. -The `pgcluster.crunchydata.com` specification contains a block that allows for -custom [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) -to be applied to the Deployments that are managed by the PostgreSQL Operator, -including: +``` +# this variable is the name of the cluster being created +pgo_cluster_name=hippo +# this variable is the namespace the cluster is being deployed into +cluster_namespace=pgo -- PostgreSQL -- pgBackRest -- pgBouncer +# this is the superuser secret +kubectl create secret generic -n "${cluster_namespace}" "${pgo_cluster_name}-postgres-secret" \ + --from-literal=username=postgres \ + --from-literal=password=Supersecurepassword* -This also includes the option to apply Annotations globally across the three -different deployment groups. +# this is the replication user secret +kubectl create secret generic -n "${cluster_namespace}" "${pgo_cluster_name}-primaryuser-secret" \ + --from-literal=username=primaryuser \ + --from-literal=password=Anothersecurepassword* -| Attribute | Action | Description | -|-----------|--------|-------------| -| Backrest | `create`, `update` | Specify annotations that are only applied to the pgBackRest deployments | -| Global | `create`, `update` | Specify annotations that are applied to the PostgreSQL, pgBackRest, and pgBouncer deployments | -| PgBouncer | `create`, `update` | Specify annotations that are only applied to the pgBouncer deployments | -| Postgres | `create`, `update` | Specify annotations that are only applied to the PostgreSQL deployments | +# this is the standard user secret +kubectl create secret generic -n "${cluster_namespace}" "${pgo_cluster_name}-hippo-secret" \ + --from-literal=username=hippo \ + --from-literal=password=Moresecurepassword* -### `pgreplicas.crunchydata.com` -The `pgreplicas.crunchydata.com` Custom Resource Definition contains information -pertaning to the structure of PostgreSQL replicas associated within a PostgreSQL -cluster. All of the attributes only affect the replica when it is created. +kubectl label secrets -n "${cluster_namespace}" "${pgo_cluster_name}-postgres-secret" "pg-cluster=${pgo_cluster_name}" +kubectl label secrets -n "${cluster_namespace}" "${pgo_cluster_name}-primaryuser-secret" "pg-cluster=${pgo_cluster_name}" +kubectl label secrets -n "${cluster_namespace}" "${pgo_cluster_name}-hippo-secret" "pg-cluster=${pgo_cluster_name}" +``` -#### Specification (`Spec`) +#### Step 2: Create the PostgreSQL Cluster -| Attribute | Action | Description | -|-----------|--------|-------------| -| ClusterName | `create` | The name of the PostgreSQL cluster, e.g. `hippo`. This is used to group PostgreSQL instances (primary, replicas) together. | -| Name | `create` | The name of this PostgreSQL replica. It should be unique within a `ClusterName`. | -| Namespace | `create` | The Kubernetes Namespace that the PostgreSQL cluster is deployed in. | -| ReplicaStorage | `create` | A specification that gives information about the storage attributes for any replicas in the PostgreSQL cluster. For details, please see the `Storage Specification` section in the `pgclusters.crunchydata.com` description. This will likely be changed in the future based on the nature of the high-availability system, but presently it is still required that you set it. It is recommended you use similar settings to that of `PrimaryStorage`. | -| UserLabels | `create` | A set of key-value string pairs that are used as a sort of "catch-all" for things that really should be modeled in the CRD. These values do get copied to the actually CR labels. If you want to set up metrics collection, you would specify `"crunchy-postgres-exporter": "true"` here. This also allows for node selector pinning using `NodeLabelKey` and `NodeLabelValue`. However, this structure does need to be set, so just follow whatever is in the example. | +With the Secrets in place. It is now time to create the PostgreSQL cluster. -## Custom Resource Workflows +The below manifest references the Secrets created in the previous step to add a +custom resource to the `pgclusters.crunchydata.com` custom resource definition. -### Create a PostgreSQL Cluster +**NOTE**: You will need to modify the storage sections to match your storage +configuration. -The fundamental workflow for interfacing with a PostgreSQL Operator Custom -Resource Definition is for creating a PostgreSQL cluster. However, this is also -one of the most complicated workflows to go through, as there are several -Kubernetes objects that need to be created prior to using this method. These -include: +``` +# this variable is the name of the cluster being created +export pgo_cluster_name=hippo +# this variable is the namespace the cluster is being deployed into +export cluster_namespace=pgo -- Secrets - - Information for setting up a pgBackRest repository - - PostgreSQL superuser bootstrap credentials - - PostgreSQL replication user bootstrap credentials - - PostgresQL standard user bootstrap credentials +cat <<-EOF > "${pgo_cluster_name}-pgcluster.yaml" +apiVersion: crunchydata.com/v1 +kind: Pgcluster +metadata: + annotations: + current-primary: ${pgo_cluster_name} + labels: + autofail: "true" + crunchy-pgbadger: "false" + crunchy-pgha-scope: ${pgo_cluster_name} + crunchy-postgres-exporter: "false" + deployment-name: ${pgo_cluster_name} + name: ${pgo_cluster_name} + pg-cluster: ${pgo_cluster_name} + pg-pod-anti-affinity: "" + pgo-backrest: "true" + pgo-version: {{< param operatorVersion >}} + pgouser: admin + name: ${pgo_cluster_name} + namespace: ${cluster_namespace} +spec: + BackrestStorage: + accessmode: ReadWriteMany + matchLabels: "" + name: "" + size: 1G + storageclass: "" + storagetype: create + supplementalgroups: "" + PrimaryStorage: + accessmode: ReadWriteMany + matchLabels: "" + name: ${pgo_cluster_name} + size: 1G + storageclass: "" + storagetype: create + supplementalgroups: "" + ReplicaStorage: + accessmode: ReadWriteMany + matchLabels: "" + name: "" + size: 1G + storageclass: "" + storagetype: create + supplementalgroups: "" + annotations: + backrestLimits: {} + backrestRepoPath: "" + backrestResources: + memory: 48Mi + backrestS3Bucket: "" + backrestS3Endpoint: "" + backrestS3Region: "" + backrestS3URIStyle: "" + backrestS3VerifyTLS: "" + ccpimage: crunchy-postgres-ha + ccpimageprefix: registry.developers.crunchydata.com/crunchydata + ccpimagetag: {{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}} + clustername: ${pgo_cluster_name} + customconfig: "" + database: ${pgo_cluster_name} + exporterport: "9187" + limits: {} + name: ${pgo_cluster_name} + namespace: ${cluster_namespace} + pgBouncer: + limits: {} + replicas: 0 + pgDataSource: + restoreFrom: "" + restoreOpts: "" + pgbadgerport: "10000" + pgoimageprefix: registry.developers.crunchydata.com/crunchydata + podAntiAffinity: + default: preferred + pgBackRest: preferred + pgBouncer: preferred + policies: "" + port: "5432" + primarysecretname: ${pgo_cluster_name}-primaryuser-secret + replicas: "0" + rootsecretname: ${pgo_cluster_name}-postgres-secret + shutdown: false + standby: false + tablespaceMounts: {} + tls: + caSecret: "" + replicationTLSSecret: "" + tlsSecret: "" + tlsOnly: false + user: hippo + userlabels: + crunchy-postgres-exporter: "false" + pg-pod-anti-affinity: "" + pgo-version: {{< param operatorVersion >}} + usersecretname: ${pgo_cluster_name}-hippo-secret +EOF -Additionally, if you want to add some of the other sidecars, you may need to -create additional secrets. +kubectl apply -f "${pgo_cluster_name}-pgcluster.yaml" +``` -The following guide goes through how to create a PostgreSQL cluster called -`hippo` by creating a new custom resource. +### Create a PostgreSQL Cluster With Backups in S3 -#### Step 1: Create the pgBackRest Secret +A frequent use case is to create a PostgreSQL cluster with S3 or a S3-like +storage system for storing backups. This requires adding a Secret that contains +the S3 key and key secret for your account, and adding some additional +information into the custom resource. -pgBackRest is a fundamental part of a PostgreSQL deployment with the PostgreSQL -Operator: not only is it a backup and archive repository, but it also helps with -operations such as self-healing. A PostgreSQL instance a pgBackRest communicate -using ssh, and as such, we need to generate a unique ssh keypair for -communication for each PostgreSQL cluster we deploy. +#### Step 1: Create the pgBackRest S3 Secrets -In this example, we generate a ssh keypair using ED25519 keys, but if your -environment requires it, you can also use RSA keys. +As mentioned above, it is necessary to create a Secret containing the S3 key and +key secret that will allow a user to create backups in S3. -In your working directory, run the following commands: +The below code will help you set up this Secret. -
+```
 # this variable is the name of the cluster being created
-export pgo_cluster_name=hippo
+pgo_cluster_name=hippo
 # this variable is the namespace the cluster is being deployed into
-export cluster_namespace=pgo
-
-# generate a SSH public/private keypair for use by pgBackRest
-ssh-keygen -t ed25519 -N '' -f "${pgo_cluster_name}-key"
-
-# base64 encoded the keys for the generation of the Kubernetes secret, and place
-# them into variables temporarily
-public_key_temp=$(cat "${pgo_cluster_name}-key.pub" | base64)
-private_key_temp=$(cat "${pgo_cluster_name}-key" | base64)
-export pgbackrest_public_key="${public_key_temp//[$'\n']}" pgbackrest_private_key="${private_key_temp//[$'\n']}"
-
-# create the backrest-repo-config example file and substitute in the newly
-# created keys
-#
-# (Note: that the "config" / "sshd_config" entries contain configuration to
-# ensure that PostgreSQL instances are able to communicate with the pgBackRest
-# repository, which houses backups and archives, and vice versa. Most of the
-# settings follow the sshd defaults, with a few overrides. Edit at your own
-# discretion.)
-cat <<-EOF > "${pgo_cluster_name}-backrest-repo-config.yaml"
-apiVersion: v1
-kind: Secret
-type: Opaque
-metadata:
-  labels:
-    pg-cluster: ${pgo_cluster_name}
-    pgo-backrest-repo: "true"
-  name: ${pgo_cluster_name}-backrest-repo-config
-  namespace: ${cluster_namespace}
-data:
-  authorized_keys: ${pgbackrest_public_key}
-  id_ed25519: ${pgbackrest_private_key}
-  ssh_host_ed25519_key: ${pgbackrest_private_key}
-  config: SG9zdCAqClN0cmljdEhvc3RLZXlDaGVja2luZyBubwpJZGVudGl0eUZpbGUgL3RtcC9pZF9lZDI1NTE5ClBvcnQgMjAyMgpVc2VyIHBnYmFja3Jlc3QK
-  sshd_config: IwkkT3BlbkJTRDogc3NoZF9jb25maWcsdiAxLjEwMCAyMDE2LzA4LzE1IDEyOjMyOjA0IG5hZGR5IEV4cCAkCgojIFRoaXMgaXMgdGhlIHNzaGQgc2VydmVyIHN5c3RlbS13aWRlIGNvbmZpZ3VyYXRpb24gZmlsZS4gIFNlZQojIHNzaGRfY29uZmlnKDUpIGZvciBtb3JlIGluZm9ybWF0aW9uLgoKIyBUaGlzIHNzaGQgd2FzIGNvbXBpbGVkIHdpdGggUEFUSD0vdXNyL2xvY2FsL2JpbjovdXNyL2JpbgoKIyBUaGUgc3RyYXRlZ3kgdXNlZCBmb3Igb3B0aW9ucyBpbiB0aGUgZGVmYXVsdCBzc2hkX2NvbmZpZyBzaGlwcGVkIHdpdGgKIyBPcGVuU1NIIGlzIHRvIHNwZWNpZnkgb3B0aW9ucyB3aXRoIHRoZWlyIGRlZmF1bHQgdmFsdWUgd2hlcmUKIyBwb3NzaWJsZSwgYnV0IGxlYXZlIHRoZW0gY29tbWVudGVkLiAgVW5jb21tZW50ZWQgb3B0aW9ucyBvdmVycmlkZSB0aGUKIyBkZWZhdWx0IHZhbHVlLgoKIyBJZiB5b3Ugd2FudCB0byBjaGFuZ2UgdGhlIHBvcnQgb24gYSBTRUxpbnV4IHN5c3RlbSwgeW91IGhhdmUgdG8gdGVsbAojIFNFTGludXggYWJvdXQgdGhpcyBjaGFuZ2UuCiMgc2VtYW5hZ2UgcG9ydCAtYSAtdCBzc2hfcG9ydF90IC1wIHRjcCAjUE9SVE5VTUJFUgojClBvcnQgMjAyMgojQWRkcmVzc0ZhbWlseSBhbnkKI0xpc3RlbkFkZHJlc3MgMC4wLjAuMAojTGlzdGVuQWRkcmVzcyA6OgoKSG9zdEtleSAvc3NoZC9zc2hfaG9zdF9lZDI1NTE5X2tleQoKIyBDaXBoZXJzIGFuZCBrZXlpbmcKI1Jla2V5TGltaXQgZGVmYXVsdCBub25lCgojIExvZ2dpbmcKI1N5c2xvZ0ZhY2lsaXR5IEFVVEgKU3lzbG9nRmFjaWxpdHkgQVVUSFBSSVYKI0xvZ0xldmVsIElORk8KCiMgQXV0aGVudGljYXRpb246CgojTG9naW5HcmFjZVRpbWUgMm0KUGVybWl0Um9vdExvZ2luIG5vClN0cmljdE1vZGVzIG5vCiNNYXhBdXRoVHJpZXMgNgojTWF4U2Vzc2lvbnMgMTAKClB1YmtleUF1dGhlbnRpY2F0aW9uIHllcwoKIyBUaGUgZGVmYXVsdCBpcyB0byBjaGVjayBib3RoIC5zc2gvYXV0aG9yaXplZF9rZXlzIGFuZCAuc3NoL2F1dGhvcml6ZWRfa2V5czIKIyBidXQgdGhpcyBpcyBvdmVycmlkZGVuIHNvIGluc3RhbGxhdGlvbnMgd2lsbCBvbmx5IGNoZWNrIC5zc2gvYXV0aG9yaXplZF9rZXlzCiNBdXRob3JpemVkS2V5c0ZpbGUJL3BnY29uZi9hdXRob3JpemVkX2tleXMKQXV0aG9yaXplZEtleXNGaWxlCS9zc2hkL2F1dGhvcml6ZWRfa2V5cwoKI0F1dGhvcml6ZWRQcmluY2lwYWxzRmlsZSBub25lCgojQXV0aG9yaXplZEtleXNDb21tYW5kIG5vbmUKI0F1dGhvcml6ZWRLZXlzQ29tbWFuZFVzZXIgbm9ib2R5CgojIEZvciB0aGlzIHRvIHdvcmsgeW91IHdpbGwgYWxzbyBuZWVkIGhvc3Qga2V5cyBpbiAvZXRjL3NzaC9zc2hfa25vd25faG9zdHMKI0hvc3RiYXNlZEF1dGhlbnRpY2F0aW9uIG5vCiMgQ2hhbmdlIHRvIHllcyBpZiB5b3UgZG9uJ3QgdHJ1c3Qgfi8uc3NoL2tub3duX2hvc3RzIGZvcgojIEhvc3RiYXNlZEF1dGhlbnRpY2F0aW9uCiNJZ25vcmVVc2VyS25vd25Ib3N0cyBubwojIERvbid0IHJlYWQgdGhlIHVzZXIncyB+Ly5yaG9zdHMgYW5kIH4vLnNob3N0cyBmaWxlcwojSWdub3JlUmhvc3RzIHllcwoKIyBUbyBkaXNhYmxlIHR1bm5lbGVkIGNsZWFyIHRleHQgcGFzc3dvcmRzLCBjaGFuZ2UgdG8gbm8gaGVyZSEKI1Bhc3N3b3JkQXV0aGVudGljYXRpb24geWVzCiNQZXJtaXRFbXB0eVBhc3N3b3JkcyBubwpQYXNzd29yZEF1dGhlbnRpY2F0aW9uIG5vCgojIENoYW5nZSB0byBubyB0byBkaXNhYmxlIHMva2V5IHBhc3N3b3JkcwpDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIHllcwojQ2hhbGxlbmdlUmVzcG9uc2VBdXRoZW50aWNhdGlvbiBubwoKIyBLZXJiZXJvcyBvcHRpb25zCiNLZXJiZXJvc0F1dGhlbnRpY2F0aW9uIG5vCiNLZXJiZXJvc09yTG9jYWxQYXNzd2QgeWVzCiNLZXJiZXJvc1RpY2tldENsZWFudXAgeWVzCiNLZXJiZXJvc0dldEFGU1Rva2VuIG5vCiNLZXJiZXJvc1VzZUt1c2Vyb2sgeWVzCgojIEdTU0FQSSBvcHRpb25zCiNHU1NBUElBdXRoZW50aWNhdGlvbiB5ZXMKI0dTU0FQSUNsZWFudXBDcmVkZW50aWFscyBubwojR1NTQVBJU3RyaWN0QWNjZXB0b3JDaGVjayB5ZXMKI0dTU0FQSUtleUV4Y2hhbmdlIG5vCiNHU1NBUElFbmFibGVrNXVzZXJzIG5vCgojIFNldCB0aGlzIHRvICd5ZXMnIHRvIGVuYWJsZSBQQU0gYXV0aGVudGljYXRpb24sIGFjY291bnQgcHJvY2Vzc2luZywKIyBhbmQgc2Vzc2lvbiBwcm9jZXNzaW5nLiBJZiB0aGlzIGlzIGVuYWJsZWQsIFBBTSBhdXRoZW50aWNhdGlvbiB3aWxsCiMgYmUgYWxsb3dlZCB0aHJvdWdoIHRoZSBDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIGFuZAojIFBhc3N3b3JkQXV0aGVudGljYXRpb24uICBEZXBlbmRpbmcgb24geW91ciBQQU0gY29uZmlndXJhdGlvbiwKIyBQQU0gYXV0aGVudGljYXRpb24gdmlhIENoYWxsZW5nZVJlc3BvbnNlQXV0aGVudGljYXRpb24gbWF5IGJ5cGFzcwojIHRoZSBzZXR0aW5nIG9mICJQZXJtaXRSb290TG9naW4gd2l0aG91dC1wYXNzd29yZCIuCiMgSWYgeW91IGp1c3Qgd2FudCB0aGUgUEFNIGFjY291bnQgYW5kIHNlc3Npb24gY2hlY2tzIHRvIHJ1biB3aXRob3V0CiMgUEFNIGF1dGhlbnRpY2F0aW9uLCB0aGVuIGVuYWJsZSB0aGlzIGJ1dCBzZXQgUGFzc3dvcmRBdXRoZW50aWNhdGlvbgojIGFuZCBDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIHRvICdubycuCiMgV0FSTklORzogJ1VzZVBBTSBubycgaXMgbm90IHN1cHBvcnRlZCBpbiBSZWQgSGF0IEVudGVycHJpc2UgTGludXggYW5kIG1heSBjYXVzZSBzZXZlcmFsCiMgcHJvYmxlbXMuClVzZVBBTSB5ZXMKCiNBbGxvd0FnZW50Rm9yd2FyZGluZyB5ZXMKI0FsbG93VGNwRm9yd2FyZGluZyB5ZXMKI0dhdGV3YXlQb3J0cyBubwpYMTFGb3J3YXJkaW5nIHllcwojWDExRGlzcGxheU9mZnNldCAxMAojWDExVXNlTG9jYWxob3N0IHllcwojUGVybWl0VFRZIHllcwojUHJpbnRNb3RkIHllcwojUHJpbnRMYXN0TG9nIHllcwojVENQS2VlcEFsaXZlIHllcwojVXNlTG9naW4gbm8KI1Blcm1pdFVzZXJFbnZpcm9ubWVudCBubwojQ29tcHJlc3Npb24gZGVsYXllZAojQ2xpZW50QWxpdmVJbnRlcnZhbCAwCiNDbGllbnRBbGl2ZUNvdW50TWF4IDMKI1Nob3dQYXRjaExldmVsIG5vCiNVc2VETlMgeWVzCiNQaWRGaWxlIC92YXIvcnVuL3NzaGQucGlkCiNNYXhTdGFydHVwcyAxMDozMDoxMDAKI1Blcm1pdFR1bm5lbCBubwojQ2hyb290RGlyZWN0b3J5IG5vbmUKI1ZlcnNpb25BZGRlbmR1bSBub25lCgojIG5vIGRlZmF1bHQgYmFubmVyIHBhdGgKI0Jhbm5lciBub25lCgojIEFjY2VwdCBsb2NhbGUtcmVsYXRlZCBlbnZpcm9ubWVudCB2YXJpYWJsZXMKQWNjZXB0RW52IExBTkcgTENfQ1RZUEUgTENfTlVNRVJJQyBMQ19USU1FIExDX0NPTExBVEUgTENfTU9ORVRBUlkgTENfTUVTU0FHRVMKQWNjZXB0RW52IExDX1BBUEVSIExDX05BTUUgTENfQUREUkVTUyBMQ19URUxFUEhPTkUgTENfTUVBU1VSRU1FTlQKQWNjZXB0RW52IExDX0lERU5USUZJQ0FUSU9OIExDX0FMTCBMQU5HVUFHRQpBY2NlcHRFbnYgWE1PRElGSUVSUwoKIyBvdmVycmlkZSBkZWZhdWx0IG9mIG5vIHN1YnN5c3RlbXMKU3Vic3lzdGVtCXNmdHAJL3Vzci9saWJleGVjL29wZW5zc2gvc2Z0cC1zZXJ2ZXIKCiMgRXhhbXBsZSBvZiBvdmVycmlkaW5nIHNldHRpbmdzIG9uIGEgcGVyLXVzZXIgYmFzaXMKI01hdGNoIFVzZXIgYW5vbmN2cwojCVgxMUZvcndhcmRpbmcgbm8KIwlBbGxvd1RjcEZvcndhcmRpbmcgbm8KIwlQZXJtaXRUVFkgbm8KIwlGb3JjZUNvbW1hbmQgY3ZzIHNlcnZlcgo=
-EOF
+cluster_namespace=pgo
+# the following variables are your S3 key and key secret
+backrest_s3_key=yours3key
+backrest_s3_key_secret=yours3keysecret
 
-# remove the pgBackRest ssh keypair from the shell session
-unset pgbackrest_public_key pgbackrest_private_key
+kubectl -n "${cluster_namespace}" create secret generic "${pgo_cluster_name}-backrest-repo-config" \
+  --from-literal="aws-s3-key=${backrest_s3_key}" \
+  --from-literal="aws-s3-key-secret=${backrest_s3_key_secret}"
 
-# create the pgBackRest secret
-kubectl apply -f "${pgo_cluster_name}-backrest-repo-config.yaml"
-
+unset backrest_s3_key +unset backrest_s3_key_secret +``` #### Step 2: Creating the PostgreSQL User Secrets -As mentioned above, there are a minimum of three PostgreSQL user accounts that -you must create in order to bootstrap a PostgreSQL cluster. These are: +Similar to the basic create cluster example, there are a minimum of three +PostgreSQL user accounts that you must create in order to bootstrap a PostgreSQL +cluster. These are: - A PostgreSQL superuser - A replication user @@ -360,15 +288,18 @@ With the Secrets in place. It is now time to create the PostgreSQL cluster. The below manifest references the Secrets created in the previous step to add a custom resource to the `pgclusters.crunchydata.com` custom resource definition. - -**NOTE**: You will need to modify the storage sections to match your storage -configuration. +There are some additions in this example specifically for storing backups in S3. ``` # this variable is the name of the cluster being created export pgo_cluster_name=hippo # this variable is the namespace the cluster is being deployed into export cluster_namespace=pgo +# the following variables store the information for your S3 cluster. You may +# need to adjust them for your actual settings +export backrest_s3_bucket=your-bucket +export backrest_s3_endpoint=s3.region-name.amazonaws.com +export backrest_s3_region=region-name cat <<-EOF > "${pgo_cluster_name}-pgcluster.yaml" apiVersion: crunchydata.com/v1 @@ -378,6 +309,7 @@ metadata: current-primary: ${pgo_cluster_name} labels: autofail: "true" + backrest-storage-type: "s3" crunchy-pgbadger: "false" crunchy-pgha-scope: ${pgo_cluster_name} crunchy-postgres-exporter: "false" @@ -397,7 +329,7 @@ spec: name: "" size: 1G storageclass: "" - storagetype: create + storagetype: dynamic supplementalgroups: "" PrimaryStorage: accessmode: ReadWriteMany @@ -405,7 +337,7 @@ spec: name: ${pgo_cluster_name} size: 1G storageclass: "" - storagetype: create + storagetype: dynamic supplementalgroups: "" ReplicaStorage: accessmode: ReadWriteMany @@ -413,21 +345,21 @@ spec: name: "" size: 1G storageclass: "" - storagetype: create + storagetype: dynamic supplementalgroups: "" annotations: backrestLimits: {} backrestRepoPath: "" backrestResources: memory: 48Mi - backrestS3Bucket: "" - backrestS3Endpoint: "" - backrestS3Region: "" + backrestS3Bucket: ${backrest_s3_bucket} + backrestS3Endpoint: ${backrest_s3_endpoint} + backrestS3Region: ${backrest_s3_region} backrestS3URIStyle: "" backrestS3VerifyTLS: "" ccpimage: crunchy-postgres-ha ccpimageprefix: registry.developers.crunchydata.com/crunchydata - ccpimagetag: {{< param centosBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}} + ccpimagetag: {{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}} clustername: ${pgo_cluster_name} customconfig: "" database: ${pgo_cluster_name} @@ -462,6 +394,7 @@ spec: tlsOnly: false user: hippo userlabels: + backrest-storage-type: "s3" crunchy-postgres-exporter: "false" pg-pod-anti-affinity: "" pgo-version: {{< param operatorVersion >}} @@ -690,3 +623,201 @@ spec: Save your edits, and in a short period of time, you should see these annotations applied to the managed Deployments. + +## PostgreSQL Operator Custom Resource Definitions + +There are several PostgreSQL Operator Custom Resource Definitions (CRDs) that +are installed in order for the PostgreSQL Operator to successfully function: + +- `pgclusters.crunchydata.com`: Stores information required to manage a +PostgreSQL cluster. This includes things like the cluster name, what storage and +resource classes to use, which version of PostgreSQL to run, information about +how to maintain a high-availability cluster, etc. +- `pgreplicas.crunchydata.com`: Stores information required to manage the +replicas within a PostgreSQL cluster. This includes things like the number of +replicas, what storage and resource classes to use, special affinity rules, etc. +- `pgtasks.crunchydata.com`: A general purpose CRD that accepts a type of task +that is needed to run against a cluster (e.g. take a backup) and tracks the +state of said task through its workflow. +- `pgpolicies.crunchydata.com`: Stores a reference to a SQL file that can be +executed against a PostgreSQL cluster. In the past, this was used to manage RLS +policies on PostgreSQL clusters. + +Below takes an in depth look for what each attribute does in a Custom Resource +Definition, and how they can be used in the creation and update workflow. + +### Glossary + +- `create`: if an attribute is listed as `create`, it means it can affect what +happens when a new Custom Resource is created. +- `update`: if an attribute is listed as `update`, it means it can affect the +Custom Resource, and by extension the objects it manages, when the attribute is +updated. + +### `pgclusters.crunchydata.com` + +The `pgclusters.crunchydata.com` Custom Resource Definition is the fundamental +definition of a PostgreSQL cluster. Most attributes only affect the deployment +of a PostgreSQL cluster at the time the PostgreSQL cluster is created. Some +attributes can be modified during the lifetime of the PostgreSQL cluster and +make changes, as described below. + +#### Specification (`Spec`) + +| Attribute | Action | Description | +|-----------|--------|-------------| +| Annotations | `create`, `update` | Specify Kubernetes [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) that can be applied to the different deployments managed by the PostgreSQL Operator (PostgreSQL, pgBackRest, pgBouncer). For more information, please see the "Annotations Specification" below. | +| BackrestConfig | `create` | Optional references to pgBackRest configuration files +| BackrestLimits | `create`, `update` | Specify the container resource limits that the pgBackRest repository should use. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +| BackrestResources | `create`, `update` | Specify the container resource requests that the pgBackRest repository should use. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +| BackrestS3Bucket | `create` | An optional parameter that specifies a S3 bucket that pgBackRest should use. | +| BackrestS3Endpoint | `create` | An optional parameter that specifies the S3 endpoint pgBackRest should use. | +| BackrestS3Region | `create` | An optional parameter that specifies a cloud region that pgBackRest should use. | +| BackrestS3URIStyle | `create` | An optional parameter that specifies if pgBackRest should use the `path` or `host` S3 URI style. | +| BackrestS3VerifyTLS | `create` | An optional parameter that specifies if pgBackRest should verify the TLS endpoint. | +| BackrestStorage | `create` | A specification that gives information about the storage attributes for the pgBackRest repository, which stores backups and archives, of the PostgreSQL cluster. For details, please see the `Storage Specification` section below. This is required. | +| CCPImage | `create` | The name of the PostgreSQL container image to use, e.g. `crunchy-postgres-ha` or `crunchy-postgres-ha-gis`. | +| CCPImagePrefix | `create` | If provided, the image prefix (or registry) of the PostgreSQL container image, e.g. `registry.developers.crunchydata.com/crunchydata`. The default is to use the image prefix set in the PostgreSQL Operator configuration. | +| CCPImageTag | `create` | The tag of the PostgreSQL container image to use, e.g. `{{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}`. | +| CollectSecretName | `create` | An optional attribute unless `crunchy-postgres-exporter` is specified in the `UserLabels`; contains the name of a Kubernetes Secret that contains the credentials for a PostgreSQL user that is used for metrics collection, and is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| +| ClusterName | `create` | The name of the PostgreSQL cluster, e.g. `hippo`. This is used to group PostgreSQL instances (primary, replicas) together. | +| CustomConfig | `create` | If specified, references a custom ConfigMap to use when bootstrapping a PostgreSQL cluster. For the shape of this file, please see the section on [Custom Configuration]({{< relref "/advanced/custom-configuration.md" >}}) | +| Database | `create` | The name of a database that the PostgreSQL user can log into after the PostgreSQL cluster is created. | +| ExporterLimits | `create`, `update` | Specify the container resource limits that the `crunchy-postgres-exporter` sidecar uses when it is deployed with a PostgreSQL instance. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +| ExporterPort | `create` | If the `"crunchy-postgres-exporter"` label is set in `UserLabels`, then this specifies the port that the metrics sidecar runs on (e.g. `9187`) | +| ExporterResources | `create`, `update` | Specify the container resource requests that the `crunchy-postgres-exporter` sidecar uses when it is deployed with a PostgreSQL instance. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +| Limits | `create`, `update` | Specify the container resource limits that the PostgreSQL cluster should use. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +| Name | `create` | The name of the PostgreSQL instance that is the primary. On creation, this should be set to be the same as `ClusterName`. | +| Namespace | `create` | The Kubernetes Namespace that the PostgreSQL cluster is deployed in. | +| PGBadgerPort | `create` | If the `"crunchy-pgbadger"` label is set in `UserLabels`, then this specifies the port that the pgBadger sidecar runs on (e.g. `10000`) | +| PGDataSource | `create` | Used to indicate if a PostgreSQL cluster should bootstrap its data from a pgBackRest repository. This uses the PostgreSQL Data Source Specification, described below. | +| PGOImagePrefix | `create` | If provided, the image prefix (or registry) of any PostgreSQL Operator images that are used for jobs, e.g. `registry.developers.crunchydata.com/crunchydata`. The default is to use the image prefix set in the PostgreSQL Operator configuration. | +| PgBouncer | `create`, `update` | If specified, defines the attributes to use for the pgBouncer connection pooling deployment that can be used in conjunction with this PostgreSQL cluster. Please see the specification defined below. | +| PodAntiAffinity | `create` | A required section. Sets the [pod anti-affinity rules]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity" >}}) for the PostgreSQL cluster and associated deployments. Please see the `Pod Anti-Affinity Specification` section below. | +| Policies | `create` | If provided, a comma-separated list referring to `pgpolicies.crunchydata.com.Spec.Name` that should be run once the PostgreSQL primary is first initialized. | +| Port | `create` | The port that PostgreSQL will run on, e.g. `5432`. | +| PrimaryStorage | `create` | A specification that gives information about the storage attributes for the primary instance in the PostgreSQL cluster. For details, please see the `Storage Specification` section below. This is required. | +| RootSecretName | `create` | The name of a Kubernetes Secret that contains the credentials for a PostgreSQL _replication user_ that is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| +| ReplicaStorage | `create` | A specification that gives information about the storage attributes for any replicas in the PostgreSQL cluster. For details, please see the `Storage Specification` section below. This will likely be changed in the future based on the nature of the high-availability system, but presently it is still required that you set it. It is recommended you use similar settings to that of `PrimaryStorage`. | +| Replicas | `create` | The number of replicas to create after a PostgreSQL primary is first initialized. This only works on create; to scale a cluster after it is initialized, please use the [`pgo scale`]({{< relref "/pgo-client/reference/pgo_scale.md" >}}) command. | +| Resources | `create`, `update` | Specify the container resource requests that the PostgreSQL cluster should use. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +| RootSecretName | `create` | The name of a Kubernetes Secret that contains the credentials for a PostgreSQL superuser that is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| +| SyncReplication | `create` | If set to `true`, specifies the PostgreSQL cluster to use [synchronous replication]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity#synchronous-replication-guarding-against-transactions-loss" >}}).| +| User | `create` | The name of the PostgreSQL user that is created when the PostgreSQL cluster is first created. | +| UserLabels | `create` | A set of key-value string pairs that are used as a sort of "catch-all" for things that really should be modeled in the CRD. These values do get copied to the actually CR labels. If you want to set up metrics collection or pgBadger, you would specify `"crunchy-postgres-exporter": "true"` and `"crunchy-pgbadger": "true"` here, respectively. However, this structure does need to be set, so just follow whatever is in the example. | +| UserSecretName | `create` | The name of a Kubernetes Secret that contains the credentials for a standard PostgreSQL user that is created when the PostgreSQL cluster is first bootstrapped. For more information, please see `User Secret Specification`.| +| TablespaceMounts | `create`,`update` | Lists any tablespaces that are attached to the PostgreSQL cluster. Tablespaces can be added at a later time by updating the `TablespaceMounts` entry, but they cannot be removed. Stores a map of information, with the key being the name of the tablespace, and the value being a Storage Specification, defined below. | +| TLS | `create` | Defines the attributes for enabling TLS for a PostgreSQL cluster. See TLS Specification below. | +| TLSOnly | `create` | If set to true, requires client connections to use only TLS to connect to the PostgreSQL database. | +| Standby | `create`, `update` | If set to true, indicates that the PostgreSQL cluster is a "standby" cluster, i.e. is in read-only mode entirely. Please see [Kubernetes Multi-Cluster Deployments]({{< relref "/architecture/high-availability/multi-cluster-kubernetes.md" >}}) for more information. | +| Shutdown | `create`, `update` | If set to true, indicates that a PostgreSQL cluster should shutdown. If set to false, indicates that a PostgreSQL cluster should be up and running. | + +##### Storage Specification + +The storage specification is a spec that defines attributes about the storage to +be used for a particular function of a PostgreSQL cluster (e.g. a primary +instance or for the pgBackRest backup repository). The below describes each +attribute and how it works. + +| Attribute | Action | Description | +|-----------|--------|-------------| +| AccessMode| `create` | The name of the Kubernetes Persistent Volume [Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes) to use. | +| MatchLabels | `create` | Only used with `StorageType` of `create`, used to match a particular subset of provisioned Persistent Volumes. | +| Name | `create` | Only needed for `PrimaryStorage` in `pgclusters.crunchydata.com`.Used to identify the name of the PostgreSQL cluster. Should match `ClusterName`. | +| Size | `create` | The size of the [Persistent Volume Claim](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) (PVC). Must use a Kubernetes resource value, e.g. `20Gi`. | +| StorageClass | `create` | The name of the Kubernetes [StorageClass](https://kubernetes.io/docs/concepts/storage/storage-classes/) to use. | +| StorageType | `create` | Set to `create` if storage is provisioned (e.g. using `hostpath`). Set to `dynamic` if using a dynamic storage provisioner, e.g. via a `StorageClass`. | +| SupplementalGroups | `create` | If provided, a comma-separated list of group IDs to use in case it is needed to interface with a particular storage system. Typically used with NFS or hostpath storage. | + +##### Pod Anti-Affinity Specification + +Sets the [pod anti-affinity]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity" >}}) +for the PostgreSQL cluster and associated deployments. Each attribute can +contain one of the following values: + +- `required` +- `preferred` (which is also the recommended default) +- `disabled` + +For a detailed explanation for how this works. Please see the [high-availability]({{< relref "/architecture/high-availability/_index.md#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity" >}}) +documentation. + +| Attribute | Action | Description | +|-----------|--------|-------------| +| Default | `create` | The default pod anti-affinity to use for all Pods managed in a given PostgreSQL cluster. | +| PgBackRest | `create` | If set to a value that differs from `Default`, specifies the pod anti-affinity to use for just the pgBackRest repository. | +| PgBouncer | `create` | If set to a value that differs from `Default`, specifies the pod anti-affinity to use for just the pgBouncer Pods. | + +##### PostgreSQL Data Source Specification + +This specification is used when one wants to bootstrap the data in a PostgreSQL +cluster from a pgBackRest repository. This can be a pgBackRest repository that +is attached to an active PostgreSQL cluster or is kept around to be used for +spawning new PostgreSQL clusters. + +| Attribute | Action | Description | +|-----------|--------|-------------| +| RestoreFrom | `create` | The name of a PostgreSQL cluster, active or former, that will be used for bootstrapping the data of a new PostgreSQL cluster. | +| RestoreOpts | `create` | Additional pgBackRest [restore options](https://pgbackrest.org/command.html#command-restore) that can be used as part of the bootstrapping operation, for example, point-in-time-recovery options. | + +##### TLS Specification + +The TLS specification makes a reference to the various secrets that are required +to enable TLS in a PostgreSQL cluster. For more information on how these secrets +should be structured, please see [Enabling TLS in a PostgreSQL Cluster]({{< relref "/pgo-client/common-tasks.md#enable-tls" >}}). + +| Attribute | Action | Description | +|-----------|--------|-------------| +| CASecret | `create` | A reference to the name of a Kubernetes Secret that specifies a certificate authority for the PostgreSQL cluster to trust. | +| ReplicationTLSSecret | `create` | A reference to the name of a Kubernetes TLS Secret that contains a keypair for authenticating the replication user. Must be used with `CASecret` and `TLSSecret`. | +| TLSSecret | `create` | A reference to the name of a Kubernetes TLS Secret that contains a keypair that is used for the PostgreSQL instance to identify itself and perform TLS communications with PostgreSQL clients. Must be used with `CASecret`. | + +##### pgBouncer Specification + +The pgBouncer specification defines how a pgBouncer deployment can be deployed +alongside the PostgreSQL cluster. pgBouncer is a PostgreSQL connection pooler +that can also help manage connection state, and is helpful to deploy alongside +a PostgreSQL cluster to help with failover scenarios too. + +| Attribute | Action | Description | +|-----------|--------|-------------| +| Limits | `create`, `update` | Specify the container resource limits that the pgBouncer Pods should use. Follows the [Kubernetes definitions of resource limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | +| Replicas | `create`, `update` | The number of pgBouncer instances to deploy. Must be set to at least `1` to deploy pgBouncer. Setting to `0` removes an existing pgBouncer deployment for the PostgreSQL cluster. | +| Resources | `create`, `update` | Specify the container resource requests that the pgBouncer Pods should use. Follows the [Kubernetes definitions of resource requests](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container). | + +##### Annotations Specification + +The `pgcluster.crunchydata.com` specification contains a block that allows for +custom [Annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) +to be applied to the Deployments that are managed by the PostgreSQL Operator, +including: + +- PostgreSQL +- pgBackRest +- pgBouncer + +This also includes the option to apply Annotations globally across the three +different deployment groups. + +| Attribute | Action | Description | +|-----------|--------|-------------| +| Backrest | `create`, `update` | Specify annotations that are only applied to the pgBackRest deployments | +| Global | `create`, `update` | Specify annotations that are applied to the PostgreSQL, pgBackRest, and pgBouncer deployments | +| PgBouncer | `create`, `update` | Specify annotations that are only applied to the pgBouncer deployments | +| Postgres | `create`, `update` | Specify annotations that are only applied to the PostgreSQL deployments | + +### `pgreplicas.crunchydata.com` + +The `pgreplicas.crunchydata.com` Custom Resource Definition contains information +pertaning to the structure of PostgreSQL replicas associated within a PostgreSQL +cluster. All of the attributes only affect the replica when it is created. + +#### Specification (`Spec`) + +| Attribute | Action | Description | +|-----------|--------|-------------| +| ClusterName | `create` | The name of the PostgreSQL cluster, e.g. `hippo`. This is used to group PostgreSQL instances (primary, replicas) together. | +| Name | `create` | The name of this PostgreSQL replica. It should be unique within a `ClusterName`. | +| Namespace | `create` | The Kubernetes Namespace that the PostgreSQL cluster is deployed in. | +| ReplicaStorage | `create` | A specification that gives information about the storage attributes for any replicas in the PostgreSQL cluster. For details, please see the `Storage Specification` section in the `pgclusters.crunchydata.com` description. This will likely be changed in the future based on the nature of the high-availability system, but presently it is still required that you set it. It is recommended you use similar settings to that of `PrimaryStorage`. | +| UserLabels | `create` | A set of key-value string pairs that are used as a sort of "catch-all" for things that really should be modeled in the CRD. These values do get copied to the actually CR labels. If you want to set up metrics collection, you would specify `"crunchy-postgres-exporter": "true"` here. This also allows for node selector pinning using `NodeLabelKey` and `NodeLabelValue`. However, this structure does need to be set, so just follow whatever is in the example. | diff --git a/docs/content/installation/_index.md b/docs/content/installation/_index.md index 909561ce46..036a080a4e 100644 --- a/docs/content/installation/_index.md +++ b/docs/content/installation/_index.md @@ -5,10 +5,10 @@ draft: false weight: 40 --- -There are several different ways to install and deploy the [PostgreSQL Operator](https://www.crunchydata.com/developers/download-postgres/containers/postgres-operator) +There are several different ways to install and deploy the [PGO, the Postgres Operator](https://www.crunchydata.com/developers/download-postgres/containers/postgres-operator) based upon your use case. -For the vast majority of use cases, we recommend using the [PostgreSQL Operator Installer]({{< relref "/installation/postgres-operator.md" >}}), +For the vast majority of use cases, we recommend using the [Postgres Operator Installer]({{< relref "/installation/postgres-operator.md" >}}), which uses the `pgo-deployer` container to set up all of the objects required to run the PostgreSQL Operator. diff --git a/docs/content/installation/configuration.md b/docs/content/installation/configuration.md index 1a09b4afaa..64ca97aaac 100644 --- a/docs/content/installation/configuration.md +++ b/docs/content/installation/configuration.md @@ -5,9 +5,9 @@ draft: false weight: 40 --- -# PostgreSQL Operator Installer Configuration +# PGO Installer Configuration -When installing the PostgreSQL Operator you have many configuration options, these +When installing PGO, the Postgres Operator you have many configuration options, these options are listed in this section. ## General Configuration @@ -31,7 +31,7 @@ Operator. | `ccp_image_prefix` | registry.developers.crunchydata.com/crunchydata | **Required** | Configures the image prefix used when creating containers from Crunchy Container Suite. | | `ccp_image_pull_secret` | | | Name of a Secret containing credentials for container image registries. | | `ccp_image_pull_secret_manifest` | | | Provide a path to the Secret manifest to be installed in each namespace. (optional) | -| `ccp_image_tag` | {{< param centosBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}} | **Required** | Configures the image tag (version) used when creating containers from Crunchy Container Suite. | +| `ccp_image_tag` | {{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}} | **Required** | Configures the image tag (version) used when creating containers from Crunchy Container Suite. | | `create_rbac` | true | **Required** | Set to true if the installer should create the RBAC resources required to run the PostgreSQL Operator. | | `crunchy_debug` | false | | Set to configure Operator to use debugging mode. Note: this can cause sensitive data such as passwords to appear in Operator logs. | | `db_name` | | | Set to a value to configure the default database name on all newly created clusters. By default, the PostgreSQL Operator will set it to the name of the cluster that is being created. | @@ -53,12 +53,12 @@ Operator. | `namespace_mode` | dynamic | | Determines which namespace permissions are assigned to the PostgreSQL Operator using a ClusterRole. Options: `dynamic`, `readonly`, and `disabled` | | `pgbadgerport` | 10000 | **Required** | Set to configure the default port used to connect to pgbadger. | | `pgo_add_os_ca_store` | false | **Required** | When true, includes system default certificate authorities. | -| `pgo_admin_password` | examplepassword | **Required** | Configures the pgo administrator password. | +| `pgo_admin_password` | examplepassword | | Configures the pgo administrator password. When blank, a random password is generated. | | `pgo_admin_perms` | * | **Required** | Sets the access control rules provided by the PostgreSQL Operator RBAC resources for the PostgreSQL Operator administrative account that is created by this installer. Defaults to allowing all of the permissions, which is represented with the * | | `pgo_admin_role_name` | pgoadmin | **Required** | Sets the name of the PostgreSQL Operator role that is utilized for administrative operations performed by the PostgreSQL Operator. | | `pgo_admin_username` | admin | **Required** | Configures the pgo administrator username. | | `pgo_apiserver_port` | 8443 | | Set to configure the port used by the Crunchy PostgreSQL Operator apiserver. | -| `pgo_apiserver_url` | https://postgres-operator | | Sets the `pgo_apiserver_url` for the `pgo-client` deployment. | +| `pgo_apiserver_url` | https://postgres-operator | | Sets the `pgo_apiserver_url` for the `pgo-client` deployment. Note that the URL should **not** end in a `/`. | | `pgo_client_cert_secret` | pgo.tls | | Sets the secret that the `pgo-client` will use when connecting to the PostgreSQL Operator. | | `pgo_client_container_install` | false | | Run the `pgo-client` deployment with the PostgreSQL Operator. | | `pgo_client_install` | true | | Enable to download the `pgo` client binary as part of the Ansible install | @@ -69,7 +69,7 @@ Operator. | `pgo_image_prefix` | registry.developers.crunchydata.com/crunchydata | **Required** | Configures the image prefix used when creating containers for the Crunchy PostgreSQL Operator (apiserver, operator, scheduler..etc). | | `pgo_image_pull_secret` | | | Name of a Secret containing credentials for container image registries. | | `pgo_image_pull_secret_manifest` | | | Provide a path to the Secret manifest to be installed in each namespace. (optional) | -| `pgo_image_tag` | {{< param centosBase >}}-{{< param operatorVersion >}} | **Required** | Configures the image tag used when creating containers for the Crunchy PostgreSQL Operator (apiserver, operator, scheduler..etc) | +| `pgo_image_tag` | {{< param ubiBase >}}-{{< param operatorVersion >}} | **Required** | Configures the image tag used when creating containers for the Crunchy PostgreSQL Operator (apiserver, operator, scheduler..etc) | | `pgo_installation_name` | devtest | **Required** | The name of the PGO installation. | | `pgo_noauth_routes` | | | Configures URL routes with mTLS and HTTP BasicAuth disabled. | | `pgo_operator_namespace` | pgo | **Required** | Set to configure the namespace where Operator will be deployed. | @@ -135,8 +135,8 @@ other storage classes in production deployments. | Name | Default | Required | Description | |------|---------|----------|-------------| -| `backrest_storage` | hostpathstorage | **Required** | Set the value of the storage configuration to use for the pgbackrest shared repository deployment created when a user specifies pgbackrest to be enabled on a cluster. | -| `backup_storage` | hostpathstorage | **Required** | Set the value of the storage configuration to use for backups, including the storage for pgbackrest repo volumes. | +| `backrest_storage` | hostpathstorage | **Required** | Set the value of the storage configuration to use for the pgBackRest repository. | +| `backup_storage` | hostpathstorage | **Required** | required, the value of the storage configuration to use for backups generated by `pg_dump`. | | `primary_storage` | hostpathstorage | **Required** | Set to configure which storage definition to use when creating volumes used by PostgreSQL primaries on all newly created clusters. | | `replica_storage` | hostpathstorage | **Required** | Set to configure which storage definition to use when creating volumes used by PostgreSQL replicas on all newly created clusters. | | `wal_storage` | | | Set to configure which storage definition to use when creating volumes used for PostgreSQL Write-Ahead Log. | diff --git a/docs/content/installation/metrics/metrics-configuration.md b/docs/content/installation/metrics/metrics-configuration.md index 7d343480cf..d8a6bbf55f 100644 --- a/docs/content/installation/metrics/metrics-configuration.md +++ b/docs/content/installation/metrics/metrics-configuration.md @@ -25,7 +25,7 @@ These variables affect the general configuration of PostgreSQL Operator Monitori | `create_rbac` | true | **Required** | Set to true if the installer should create the RBAC resources required to run the PostgreSQL Operator Monitoring infrastructure. | | `db_port` | 5432 | **Required** | Set to configure the PostgreSQL port used by all PostgreSQL clusters. | | `delete_metrics_namespace` | false | | Set to configure whether or not the metrics namespace (defined using variable `metrics_namespace`) is deleted when uninstalling the monitoring infrastructure. | -| `disable_fsgroup` | false | | Set to `true` for deployments where you do not want to have the default PostgreSQL fsGroup (26) set. The typical usage is in OpenShift environments that have a `restricted` Security Context Constraints. | +| `disable_fsgroup` | false | | Set to `true` for deployments where you do not want to have the default PostgreSQL fsGroup (26) set. The typical usage is in OpenShift environments that have a `restricted` Security Context Constraints. If you use the `anyuid` SCC, you would want to set this to `false`. The Postgres Operator will set this value appropriately by default, except for when using the `anyuid` SCC. | | `grafana_admin_password` | admin | **Required** | Set to configure the login password for the Grafana administrator. | | `grafana_admin_username` | admin | **Required** | Set to configure the login username for the Grafana administrator. | | `grafana_install` | true | **Required** | Set to true to install Grafana to visualize metrics. | @@ -108,7 +108,7 @@ and tag as needed to use the RedHat certified containers: | `alertmanager_image_tag` | v0.21.0 | **Required** | Configures the image tag to use for the Alertmanager container. | | `grafana_image_prefix` | grafana | **Required** | Configures the image prefix to use for the Grafana container.| | `grafana_image_name` | grafana | **Required** | Configures the image name to use for the Grafana container. | -| `grafana_image_tag` | 6.7.4 | **Required** | Configures the image tag to use for the Grafana container. | +| `grafana_image_tag` | 6.7.5 | **Required** | Configures the image tag to use for the Grafana container. | | `prometheus_image_prefix` | prom | **Required** | Configures the image prefix to use for the Prometheus container. | | `prometheus_image_name` | promtheus | **Required** | Configures the image name to use for the Prometheus container. | | `prometheus_image_tag` | v2.20.0 | **Required** | Configures the image tag to use for the Prometheus container. | @@ -124,7 +124,7 @@ PostgreSQL Operator Monitoring infrastructure: | Name | Default | Required | Description | |------|---------|----------|-------------| -| `pgo_image_prefix` | registry.developers.crunchydata.com/crunchydata | **Required** | Configures the image prefix used by the `pgo-deployer` container | -| `pgo_image_tag` | {{< param centosBase >}}-{{< param operatorVersion >}} | **Required** | Configures the image tag used by the `pgo-deployer` container | +| `pgo_image_prefix` | registry.developers.crunchydata.com/crunchydata | **Required** | Configures the image prefix used by the `pgo-deployer` container | +| `pgo_image_tag` | {{< param ubiBase >}}-{{< param operatorVersion >}} | **Required** | Configures the image tag used by the `pgo-deployer` container | -[k8s-service-type]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types \ No newline at end of file +[k8s-service-type]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types diff --git a/docs/content/installation/metrics/other/ansible/_index.md b/docs/content/installation/metrics/other/ansible/_index.md index cede0bb875..e48c6801dd 100644 --- a/docs/content/installation/metrics/other/ansible/_index.md +++ b/docs/content/installation/metrics/other/ansible/_index.md @@ -5,17 +5,17 @@ draft: false weight: 10 --- -# Crunchy Data PostgreSQL Operator Monitoring Playbooks +# PGO: Postgres Operator Monitoring Playbooks -The Crunchy Data PostgreSQL Operator Monitoring Playbooks contain [Ansible](https://www.ansible.com/) +PGO, the Postgres Operator from Crunchy Data, Monitoring Playbooks contain [Ansible](https://www.ansible.com/) roles for installing and managing the [Crunchy Data PostgreSQL Operator Monitoring infrastructure]({{< relref "/installation/other/ansible/installing-operator.md" >}}). ## Features The playbooks provided allow users to: -* install PostgreSQL Operator Monitoring on Kubernetes and OpenShift -* install PostgreSQL Operator from a Linux, Mac or Windows (Ubuntu subsystem) host +* install PGO Monitoring on Kubernetes and OpenShift +* install PGO from a Linux, Mac or Windows (Ubuntu subsystem) host * support a variety of deployment models ## Resources diff --git a/docs/content/installation/metrics/other/ansible/metrics-prerequisites.md b/docs/content/installation/metrics/other/ansible/metrics-prerequisites.md index 1e9d31164d..116559ea30 100644 --- a/docs/content/installation/metrics/other/ansible/metrics-prerequisites.md +++ b/docs/content/installation/metrics/other/ansible/metrics-prerequisites.md @@ -62,7 +62,6 @@ if you are being using them for your environment. Both sets of variables cannot be used at the same time. The unused variables should be left commented out or removed. {{% /notice %}} - | Name | Default | Required | Description | |-----------------------------------|-------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | `kubernetes_context` | | **Required**, if deploying to Kubernetes |When deploying to Kubernetes, set to configure the context name of the kubeconfig to be used for authentication. | @@ -83,10 +82,15 @@ kubectl config current-context ## Configuring - `values.yaml` The `values.yaml` file contains all of the configuration parameters -for deploying the PostgreSQL Operator Monitoring infrastructure. +for deploying the PostgreSQL Operator Monitoring infrastructure. The [example file](https://github.com/CrunchyData/postgres-operator/blob/v{{< param operatorVersion >}}/installers/metrics/ansible/values.yaml) contains defaults that should work in most Kubernetes environments, but it may require some customization. +Note that in OpenShift and CodeReady Containers you will need to set the +`disable_fsgroup` to `true` attribute to `true` if you are using the +`restricted` Security Context Constraint (SCC). If you are using the `anyuid` +SCC, you will need to set `disable_fsgroup` to `false`. + For a detailed description of each configuration parameter, please read the [PostgreSQL Operator Installer Metrics Configuration Reference](<{{< relref "/installation/metrics/metrics-configuration.md">}}>) diff --git a/docs/content/installation/metrics/other/helm-metrics.md b/docs/content/installation/metrics/other/helm-metrics.md index fb94918003..e09a1ae5c8 100644 --- a/docs/content/installation/metrics/other/helm-metrics.md +++ b/docs/content/installation/metrics/other/helm-metrics.md @@ -57,10 +57,15 @@ file will be used to populate the configuation options in the ConfigMap. ### Configuration - `values.yaml` The `values.yaml` file contains all of the configuration parameters for deploying -the PostgreSQL Operator Monitoring infrastructure. +the PostgreSQL Operator Monitoring infrastructure. The [values.yaml file](https://github.com/CrunchyData/postgres-operator/blob/master/installers/metrics/helm/values.yaml) contains the defaults that should work in most Kubernetes environments, but it may require some customization. +Note that in OpenShift and CodeReady Containers you will need to set the +`disable_fsgroup` to `true` attribute to `true` if you are using the +`restricted` Security Context Constraint (SCC). If you are using the `anyuid` +SCC, you will need to set `disable_fsgroup` to `false`. + For a detailed description of each configuration parameter, please read the [PostgreSQL Operator Monitoring Installer Configuration Reference](<{{< relref "/installation/metrics/metrics-configuration.md">}}>) @@ -81,11 +86,11 @@ upgrade and uninstall the PostgreSQL Operator. ## Upgrade and Uninstall -Once install has be completed using Helm, it will also be used to upgrade and +Once install has be completed using Helm, it will also be used to upgrade and uninstall your PostgreSQL Operator. {{% notice tip %}} -The `name` and `namespace` in the following sections should match the options +The `name` and `namespace` in the following sections should match the options provided at install. {{% /notice %}} @@ -111,7 +116,7 @@ helm uninstall -n ## Debugging -When the `pgo-deployer` job does not complete successfully, the resources that +When the `pgo-deployer` job does not complete successfully, the resources that are created and normally cleaned up by Helm will be left in your Kubernetes cluster. This will allow you to use the failed job and its logs to debug the issue. The following command will show the logs for the `pgo-deployer` diff --git a/docs/content/installation/metrics/postgres-operator-metrics.md b/docs/content/installation/metrics/postgres-operator-metrics.md index a077862ba9..2440ebfa66 100644 --- a/docs/content/installation/metrics/postgres-operator-metrics.md +++ b/docs/content/installation/metrics/postgres-operator-metrics.md @@ -18,6 +18,11 @@ kubectl create namespace pgo kubectl apply -f https://raw.githubusercontent.com/CrunchyData/postgres-operator/v{{< param operatorVersion >}}/installers/metrics/kubectl/postgres-operator-metrics.yml ``` +Note that in OpenShift and CodeReady Containers you will need to set the +`disable_fsgroup` to `true` attribute to `true` if you are using the +`restricted` Security Context Constraint (SCC). If you are using the `anyuid` +SCC, you will need to set `disable_fsgroup` to `false`. + However, we still advise that you read onward to see how to properly configure the PostgreSQL Operator Monitoring infrastructure. @@ -53,13 +58,13 @@ environmental requirements. By default, the `pgo-deployer` uses a ServiceAccount called `pgo-metrics-deployer-sa` that has a ClusterRoleBinding (`pgo-metrics-deployer-crb`) with several ClusterRole permissions. This ClusterRole is needed for the initial configuration and deployment -of the various applications comprising the monitoring infrastructure. This includes permissions +of the various applications comprising the monitoring infrastructure. This includes permissions to create: * RBAC for use by Prometheus and/or Grafana * The metrics namespace -The required list of privileges are available in the +The required list of privileges are available in the [postgres-operator-metrics.yml](https://raw.githubusercontent.com/CrunchyData/postgres-operator/v{{< param operatorVersion >}}/installers/metrics/kubectl/postgres-operator-metrics.yml) file: @@ -95,6 +100,11 @@ for deploying PostgreSQL Operator Monitoring. The [example file](https://github. contains defaults that should work in most Kubernetes environments, but it may require some customization. +Note that in OpenShift and CodeReady Containers you will need to set the +`disable_fsgroup` to `true` attribute to `true` if you are using the +`restricted` Security Context Constraint (SCC). If you are using the `anyuid` +SCC, you will need to set `disable_fsgroup` to `false`. + For a detailed description of each configuration parameter, please read the [PostgreSQL Operator Monitoring Installer Configuration Reference](<{{< relref "/installation/metrics/metrics-configuration.md">}}>) @@ -103,7 +113,7 @@ For a detailed description of each configuration parameter, please read the The deploy job can be used to perform different deployment actions for the PostgreSQL Operator Monitoring infrastructure. When you run the job it will install the monitoring infrastructure by default but you can change the deployment action to -uninstall or update. The `DEPLOY_ACTION` environment variable in the `postgres-operator-metrics.yml` +uninstall or update. The `DEPLOY_ACTION` environment variable in the `postgres-operator-metrics.yml` file can be set to `install-metrics`, `update-metrics`, and `uninstall-metrics`. ### Image Pull Secrets diff --git a/docs/content/installation/other/_index.md b/docs/content/installation/other/_index.md index 54722b3e61..1dc5fd84b8 100644 --- a/docs/content/installation/other/_index.md +++ b/docs/content/installation/other/_index.md @@ -6,6 +6,6 @@ weight: 50 --- Though the years, we have built up several other methods for installing the -PostgreSQL Operator. The next few sections provide some alternative ways of +PGO. The next few sections provide some alternative ways of deploying the PostgreSQL Operator. Some of these methods are deprecated and may be removed in a future release. diff --git a/docs/content/installation/other/ansible/_index.md b/docs/content/installation/other/ansible/_index.md index 0cd09a034d..69a647511e 100644 --- a/docs/content/installation/other/ansible/_index.md +++ b/docs/content/installation/other/ansible/_index.md @@ -5,17 +5,17 @@ draft: false weight: 100 --- -# Crunchy Data PostgreSQL Operator Playbooks +# PGO: Postgres Operator Playbooks -The Crunchy Data PostgreSQL Operator Playbooks contain [Ansible](https://www.ansible.com/) +PGO, the Postgres Operator from Crunchy Data, Playbooks contain [Ansible](https://www.ansible.com/) roles for installing and managing the [Crunchy Data PostgreSQL Operator]({{< relref "/installation/other/ansible/installing-operator.md" >}}). ## Features The playbooks provided allow users to: -* install PostgreSQL Operator on Kubernetes and OpenShift -* install PostgreSQL Operator from a Linux, Mac or Windows (Ubuntu subsystem) host +* install PGO on Kubernetes and OpenShift +* install PGO from a Linux, Mac or Windows (Ubuntu subsystem) host * generate TLS certificates required by the PostgreSQL Operator * support a variety of deployment models diff --git a/docs/content/installation/other/ansible/installing-operator.md b/docs/content/installation/other/ansible/installing-operator.md index 8cc82d1448..520732ce72 100644 --- a/docs/content/installation/other/ansible/installing-operator.md +++ b/docs/content/installation/other/ansible/installing-operator.md @@ -56,38 +56,53 @@ oc get deployments -n oc get pods -n ``` -## Configure Environment Variables - -After the Crunchy PostgreSQL Operator has successfully been installed we will need -to configure local environment variables before using the `pgo` client. +## Install the `pgo` Client {{% notice info %}} - If TLS authentication was disabled during installation, please see the [TLS Configuration Page] ({{< relref "Configuration/tls.md" >}}) for additional configuration information. - {{% / notice %}} -To configure the environment variables used by `pgo` run the following command: +During or after the installation of PGO: the Postgres Operator, download the `pgo` client set up script. This will help set up your local environment for using the Postgres Operator: -Note: `` should be replaced with the namespace the Crunchy PostgreSQL -Operator was deployed to. +``` +curl https://raw.githubusercontent.com/CrunchyData/postgres-operator/v{{< param operatorVersion >}}/installers/kubectl/client-setup.sh > client-setup.sh +chmod +x client-setup.sh +``` -```bash -cat <> ~/.bashrc -export PGOUSER="${HOME?}/.pgo//pgouser" -export PGO_CA_CERT="${HOME?}/.pgo//client.crt" -export PGO_CLIENT_CERT="${HOME?}/.pgo//client.crt" -export PGO_CLIENT_KEY="${HOME?}/.pgo//client.key" +When the Postgres Operator is done installing, run the client setup script: + +``` +./client-setup.sh +``` + +This will download the `pgo` client and provide instructions for how to easily use it in your environment. It will prompt you to add some environmental variables for you to set up in your session, which you can do with the following commands: + +``` +export PGOUSER="${HOME?}/.pgo/pgo/pgouser" +export PGO_CA_CERT="${HOME?}/.pgo/pgo/client.crt" +export PGO_CLIENT_CERT="${HOME?}/.pgo/pgo/client.crt" +export PGO_CLIENT_KEY="${HOME?}/.pgo/pgo/client.key" export PGO_APISERVER_URL='https://127.0.0.1:8443' -EOF +export PGO_NAMESPACE=pgo ``` -Apply those changes to the current session by running: +If you wish to permanently add these variables to your environment, you can run the following: + +``` +cat <> ~/.bashrc +export PGOUSER="${HOME?}/.pgo/pgo/pgouser" +export PGO_CA_CERT="${HOME?}/.pgo/pgo/client.crt" +export PGO_CLIENT_CERT="${HOME?}/.pgo/pgo/client.crt" +export PGO_CLIENT_KEY="${HOME?}/.pgo/pgo/client.key" +export PGO_APISERVER_URL='https://127.0.0.1:8443' +export PGO_NAMESPACE=pgo +EOF -```bash source ~/.bashrc ``` +**NOTE**: For macOS users, you must use `~/.bash_profile` instead of `~/.bashrc` + ## Verify `pgo` Connection In a separate terminal we need to setup a port forward to the Crunchy PostgreSQL diff --git a/docs/content/installation/other/bash.md b/docs/content/installation/other/bash.md index 52f4b5cdc6..e1994654f7 100644 --- a/docs/content/installation/other/bash.md +++ b/docs/content/installation/other/bash.md @@ -5,18 +5,18 @@ draft: false weight: 100 --- -A full installation of the Operator includes the following steps: +A full installation of PGO includes the following steps: - create a project structure - configure your environment variables - - configure Operator templates + - configure PGO templates - create security resources - deploy the operator - - install pgo CLI (end user command tool) + - install `pgo` client (end user command tool) -Operator end-users are only required to install the pgo CLI client on their host and can skip the server-side installation steps. pgo CLI clients are provided for Linux, Mac, and Windows clients. +PGO end-users are only required to install the `pgo` client on their host and can skip the server-side installation steps. `pgo` clients are provided for Linux, Mac, and Windows clients. -The Operator can be deployed by multiple methods including: +PGO can be deployed by multiple methods including: * default installation * Ansible playbook installation @@ -25,7 +25,7 @@ The Operator can be deployed by multiple methods including: ## Default Installation - Create Project Structure -The Operator follows a golang project structure, you can create a structure as follows on your local Linux host: +PGO follows a golang project structure, you can create a structure as follows on your local Linux host: mkdir -p $HOME/odev/src/github.com/crunchydata $HOME/odev/bin $HOME/odev/pkg cd $HOME/odev/src/github.com/crunchydata @@ -59,9 +59,9 @@ for Kubernetes events. This value is set as follows: This means namespaces called *pgouser1* and *pgouser2* will be created as part of the default installation. -{{% notice warning %}}In Kubernetes versions prior to 1.12 (including Openshift up through 3.11), there is a limitation that requires an extra step during installation for the operator to function properly with watched namespaces. This limitation does not exist when using Kubernetes 1.12+. When a list of namespaces are provided through the NAMESPACE environment variable, the setupnamespaces.sh script handles the limitation properly in both the bash and ansible installation. +{{% notice warning %}}In Kubernetes versions prior to 1.12 (including Openshift up through 3.11), there is a limitation that requires an extra step during installation for PGO to function properly with watched namespaces. This limitation does not exist when using Kubernetes 1.12+. When a list of namespaces are provided through the NAMESPACE environment variable, the setupnamespaces.sh script handles the limitation properly in both the bash and ansible installation. -However, if the user wishes to add a new watched namespace after installation, where the user would normally use pgo create namespace to add the new namespace, they should instead run the add-targeted-namespace.sh script or they may give themselves cluster-admin privileges instead of having to run setupnamespaces.sh script. Again, this is only required when running on a Kubernetes distribution whose version is below 1.12. In Kubernetes version 1.12+ the pgo create namespace command works as expected. +However, if the user wishes to add a new watched namespace after installation, where the user would normally use `pgo create namespace` to add the new namespace, they should instead run the add-targeted-namespace.sh script or they may give themselves cluster-admin privileges instead of having to run setupnamespaces.sh script. Again, this is only required when running on a Kubernetes distribution whose version is below 1.12. In Kubernetes version 1.12+ the pgo create namespace command works as expected. {{% /notice %}} @@ -83,13 +83,13 @@ Create the Operator namespaces using the Makefile target: The [Design](/design) section of this documentation talks further about the use of namespaces within the Operator. -## Default Installation - Configure Operator Templates +## Default Installation - Configure PGO Templates -Within the Operator [*PGO_CONF_DIR*](/developer-setup/) directory are several configuration files and templates used by the Operator to determine the various resources that it deploys on your Kubernetes cluster, specifically the PostgreSQL clusters it deploys. +Within PGO's [*PGO_CONF_DIR*](/developer-setup/) directory are several configuration files and templates used by PGO to determine the various resources that it deploys on your Kubernetes cluster, specifically the PostgreSQL clusters it deploys. -When you install the Operator you must make choices as to what kind of storage the Operator has to work with for example. Storage varies with each installation. As an installer, you would modify these configuration templates used by the Operator to customize its behavior. +When you install PGO you must make choices as to what kind of storage the Operator has to work with for example. Storage varies with each installation. As an installer, you would modify these configuration templates used by the Operator to customize its behavior. -**Note**: when you want to make changes to these Operator templates and configuration files after your initial installation, you will need to re-deploy the Operator in order for it to pick up any future configuration changes. +**Note**: when you want to make changes to these PGO templates and configuration files after your initial installation, you will need to re-deploy the Operator in order for it to pick up any future configuration changes. Here are some common examples of configuration changes most installers would make: @@ -110,12 +110,10 @@ Listed above are the *pgo.yaml* sections related to storage choices. *PrimarySt This sort of configuration allows for a PostgreSQL primary and replica to use different storage if you want. Other storage settings like *AccessMode*, *Size*, *StorageType*, and *StorageClass* further define the storage configuration. Currently, NFS, HostPath, and Storage Classes are supported in the configuration. -As part of the Operator installation, you will need to adjust these storage settings to suit your deployment requirements. For users wanting to try +As part of PGO installation, you will need to adjust these storage settings to suit your deployment requirements. For users wanting to try out the Operator on Google Kubernetes Engine you would make the following change to the storage configuration in pgo.yaml: - - For NFS Storage, it is assumed that there are sufficient Persistent Volumes (PV) created for the Operator to use when it creates Persistent Volume Claims (PVC). The creation of Persistent Volumes is something a Kubernetes cluster-admin user would typically provide before installing the Operator. There is an example script which can be used to create NFS Persistent Volumes located here: ./pv/create-nfs-pv.sh @@ -135,11 +133,11 @@ Operator. Other settings in *pgo.yaml* are described in the [pgo.yaml Configuration](/configuration/pgo-yaml-configuration) section of the documentation. -## Operator Security +## PGO Security -The Operator implements its own RBAC (Role Based Access Controls) for authenticating Operator users access to the Operator REST API. +PGO implements its own RBAC (Role Based Access Controls) for authenticating Operator users access to the PGO REST API. -A default admin user is created when the operator is deployed. Create a .pgouser in your home directory and insert the text from below: +A default admin user is created when PGO is deployed. Create a .pgouser in your home directory and insert the text from below: ``` admin:examplepassword @@ -157,7 +155,7 @@ To create a unique administrator user on deployment of the operator edit this fi $PGOROOT/deploy/install-bootstrap-creds.sh ``` -After installation users can create optional Operator users as follows: +After installation users can create optional PGO users as follows: ``` pgo create pgouser someuser --pgouser-namespaces="pgouser1,pgouser2" --pgouser-password=somepassword --pgouser-roles="somerole,someotherrole" @@ -166,13 +164,13 @@ pgo create pgouser someuser --pgouser-namespaces="pgouser1,pgouser2" --pgouser-p Note, you can also store the pgouser file in alternate locations, see the Security documentation for details. -Operator security is discussed in the Security section [Security](/security) of the documentation. +PGO security is further discussed in the section [Security]({{< relref "security/_index.md" >}}) section of the documentation. Adjust these settings to meet your local requirements. ## Default Installation - Create Kubernetes RBAC Controls -The Operator installation requires Kubernetes administrators to create Resources required by the Operator. These resources are only allowed to be created by a cluster-admin user. To install on Google Cloud, you will need a user +PGO installation requires Kubernetes administrators to create Resources required by PGO. These resources are only allowed to be created by a cluster-admin user. To install on Google Cloud, you will need a user account with cluster-admin privileges. If you own the GKE cluster you are installing on, you can add cluster-admin role to your account as follows: @@ -185,9 +183,9 @@ Tor create the Kubernetes RBAC used by the Operator, run the following as a clus make installrbac -This set of Resources is created a single time unless a new Operator +This set of Resources is created a single time unless a new PGO release requires these Resources to be recreated. Note that when you -run *make installrbac* the set of keys used by the Operator REST API and +run *make installrbac* the set of keys used by the PGO REST API and also the pgbackrest ssh keys are generated. Verify the Operator Custom Resource Definitions are created as follows: @@ -199,14 +197,15 @@ You should see the *pgclusters* CRD among the listed CRD resource types. See the Security documentation for a description of the various RBAC resources created and used by the Operator. -## Default Installation - Deploy the Operator +## Default Installation - Deploy PGO + At this point, you as a normal Kubernetes user should be able to deploy the Operator. To do this, run the following Makefile target: make deployoperator -This will cause any existing Operator to be removed first, then the configuration to be bundled into a ConfigMap, then the Operator Deployment to be created. +This will cause any existing PGO installation to be removed first, then the configuration to be bundled into a ConfigMap, then the Operator Deployment to be created. -This will create a postgres-operator Deployment and a postgres-operator Service.Operator administrators needing to make changes to the Operator +This will create a postgres-operator Deployment and a postgres-operator Service.Operator administrators needing to make changes to the PGO configuration would run this make target to pick up any changes to pgo.yaml, pgo users/roles, or the Operator templates. @@ -217,17 +216,20 @@ created using the default installation by running the following: make cleannamespaces -This will permanently delete each namespace the Operator installation +This will permanently delete each namespace the PGO installation created previously. -## pgo CLI Installation -Most users will work with the Operator using the *pgo* CLI tool. That tool is downloaded from the GitHub Releases page for the Operator (https://github.com/crunchydata/postgres-operator/releases). Crunchy Enterprise Customer can download the pgo binaries from https://access.crunchydata.com/ on the downloads page. +## `pgo` client Installation -The *pgo* client is provided in Mac, Windows, and Linux binary formats, +Most users will work with the Operator using the `pgo` client. That tool is downloaded from the GitHub Releases page for the Operator (https://github.com/crunchydata/postgres-operator/releases). Crunchy Data customers can download the `pgo` binaries from https://access.crunchydata.com/ on the downloads page. + +The `pgo` client is provided in Mac, Windows, and Linux binary formats, download the appropriate client to your local laptop or workstation to work with a remote Operator. +You can also use the `pgo-client` container. + {{% notice info %}} If TLS authentication was disabled during installation, please see the [TLS Configuration Page] ({{< relref "Configuration/tls.md" >}}) for additional configuration information. @@ -245,9 +247,9 @@ Prior to using *pgo*, users testing the Operator on a single host can specify th pgo version ``` -That URL address needs to be reachable from your local *pgo* client host. Your Kubernetes administrator will likely need to create a network route, ingress, or LoadBalancer service to expose the Operator REST API to applications outside of the Kubernetes cluster. Your Kubernetes administrator might also allow you to run the Kubernetes port-forward command, contact your administrator for details. +That URL address needs to be reachable from your local `pgo` client host. Your Kubernetes administrator will likely need to create a network route, ingress, or LoadBalancer service to expose the PGO REST API to applications outside of the Kubernetes cluster. Your Kubernetes administrator might also allow you to run the Kubernetes port-forward command, contact your administrator for details. -Next, the *pgo* client needs to reference the keys used to secure the Operator REST API: +Next, the `pgo` client needs to reference the keys used to secure the PGO REST API: ``` export PGO_CA_CERT=$PGOROOT/conf/postgres-operator/server.crt @@ -259,7 +261,7 @@ You can also specify these keys on the command line as follows: pgo version --pgo-ca-cert=$PGOROOT/conf/postgres-operator/server.crt --pgo-client-cert=$PGOROOT/conf/postgres-operator/server.crt --pgo-client-key=$PGOROOT/conf/postgres-operator/server.key -{{% notice tip %}} if you are running the Operator on Google Cloud, you would open up another terminal and run *kubectl port-forward ...* to forward the Operator pod port 8443 to your localhost where you can access the Operator API from your local workstation. +{{% notice tip %}} if you are running PGO on Google Cloud, you would open up another terminal and run *kubectl port-forward ...* to forward the Postgres Operator pod port 8443 to your localhost where you can access the PGO API from your local workstation. {{% /notice %}} At this point, you can test connectivity between your laptop or workstation and the Postgres Operator deployed on a Kubernetes cluster as follows: @@ -270,7 +272,7 @@ You should get back a valid response showing the client and server version numbe ## Verify the Installation -Now that you have deployed the Operator, you can verify that it is running correctly. +Now that you have deployed PGO, you can verify that it is running correctly. You should see a pod running that contains the Operator: @@ -281,10 +283,10 @@ You should see a pod running that contains the Operator: That pod should show 3 of 3 containers in *running* state and that the operator is installed into the *pgo* namespace. -The sample environment script, examples/env.sh, if used creates some bash functions that you can use to view the Operator logs. This is useful in case you find one of the Operator containers not in a running status. +The sample environment script, examples/env.sh, if used creates some bash functions that you can use to view the Postgres Operator logs. This is useful in case you find one of the PGO containers not in a running status. -Using the pgo CLI, you can verify the versions of the client and server match as follows: +Using the `pgo` client, you can verify the versions of the client and server match as follows: pgo version -This also tests connectivity between your pgo client host and the Operator server. +This also tests connectivity between your `pgo` client host and Postgres Operator container. diff --git a/docs/content/installation/other/google-cloud-marketplace.md b/docs/content/installation/other/google-cloud-marketplace.md index 64fa52a684..78885dc7af 100644 --- a/docs/content/installation/other/google-cloud-marketplace.md +++ b/docs/content/installation/other/google-cloud-marketplace.md @@ -5,7 +5,7 @@ draft: false weight: 200 --- -The PostgreSQL Operator is installed as part of [Crunchy PostgreSQL for GKE][gcm-listing] +PGO: the PostgreSQL Operator from Crunchy Data is installed as part of [Crunchy PostgreSQL for GKE][gcm-listing] that is available in the Google Cloud Marketplace. [gcm-listing]: https://console.cloud.google.com/marketplace/details/crunchydata/crunchy-postgresql-operator @@ -16,7 +16,6 @@ that is available in the Google Cloud Marketplace. Install [Crunchy PostgreSQL for GKE][gcm-listing] to a Google Kubernetes Engine cluster using Google Cloud Marketplace. - ## Step 2: Verify Installation Install `kubectl` using the `gcloud components` command of the [Google Cloud SDK][sdk-install] or @@ -25,7 +24,7 @@ by following the [Kubernetes documentation][kubectl-install]. [kubectl-install]: https://kubernetes.io/docs/tasks/tools/install-kubectl/ [sdk-install]: https://cloud.google.com/sdk/docs/install -Using the `gcloud` utility, ensure you are logged into the GKE cluster in which you installed the +Using the `gcloud` utility, ensure you are logged into the GKE cluster in which you installed PGO, the PostgreSQL Operator, and see that it is running in the namespace in which you installed it. For example, in the `pgo` namespace: @@ -44,7 +43,7 @@ pod/postgres-operator-56d6ccb97-tmz7m 4/4 Running 0 2m ``` -## Step 3: Install the PostgreSQL Operator User Keys +## Step 3: Install the PGO User Keys You will need to get TLS keys used to secure the Operator REST API. Again, in the `pgo` namespace: @@ -54,9 +53,9 @@ kubectl -n pgo get secret pgo.tls -o 'go-template={{ index .data "tls.key" | bas ``` -## Step 4: Setup PostgreSQL Operator User +## Step 4: Setup PGO User -The PostgreSQL Operator implements its own role-based access control (RBAC) system for authenticating and authorization PostgreSQL Operator users access to its REST API. A default PostgreSQL Operator user (aka a "pgouser") is created as part of the marketplace installation (these credentials are set during the marketplace deployment workflow). +PGO implements its own role-based access control (RBAC) system for authenticating and authorization PostgreSQL Operator users access to its REST API. A default PostgreSQL Operator user (aka a "pgouser") is created as part of the marketplace installation (these credentials are set during the marketplace deployment workflow). Create the pgouser file in `${HOME?}/.pgo//pgouser` and insert the user and password you created on deployment of the PostgreSQL Operator via GCP Marketplace. For example, if you set up a user with the username of `username` and a password of `hippo`: @@ -67,7 +66,7 @@ username:hippo ## Step 5: Setup Environment variables -The PostgreSQL Operator Client uses several environmental variables to make it easier for interfacing with the PostgreSQL Operator. +The `pgo` Client uses several environmental variables to make it easier for interfacing with the PGO, the Postgres Operator. Set the environmental variables to use the key / certificate pair that you pulled in Step 3 was deployed via the marketplace. Using the previous examples, You can set up environment variables with the following command: @@ -98,13 +97,13 @@ source ~/.bashrc **NOTE**: For macOS users, you must use `~/.bash_profile` instead of `~/.bashrc` -## Step 6: Install the PostgreSQL Operator Client `pgo` +## Step 6: Install the `pgo` Client -The [`pgo` client](/pgo-client/) provides a helpful command-line interface to perform key operations on a PostgreSQL Operator, such as creating a PostgreSQL cluster. +The [`pgo` client](/pgo-client/) provides a helpful command-line interface to perform key operations on a PGO Deployment, such as creating a PostgreSQL cluster. The `pgo` client can be downloaded from GitHub [Releases](https://github.com/crunchydata/postgres-operator/releases) (subscribers can download it from the [Crunchy Data Customer Portal](https://access.crunchydata.com)). -Note that the `pgo` client's version must match the version of the PostgreSQL Operator that you have deployed. For example, if you have deployed version {{< param operatorVersion >}} of the PostgreSQL Operator, you must use the `pgo` for {{< param operatorVersion >}}. +Note that the `pgo` client's version must match the deployed version of PGO. For example, if you have deployed version {{< param operatorVersion >}} of the PostgreSQL Operator, you must use the `pgo` for {{< param operatorVersion >}}. Once you have download the `pgo` client, change the permissions on the file to be executable if need be as shown below: @@ -112,9 +111,9 @@ Once you have download the `pgo` client, change the permissions on the file to b chmod +x pgo ``` -## Step 7: Connect to the PostgreSQL Operator +## Step 7: Connect to PGO -Finally, let's see if we can connect to the PostgreSQL Operator from the `pgo` client. In order to communicate with the PostgreSQL Operator API server, you will first need to set up a [port forward](https://kubernetes.io/docs/tasks/access-application-cluster/port-forward-access-application-cluster/) to your local environment. +Finally, let's see if we can connect to the Postgres Operator from the `pgo` client. In order to communicate with the PGO API server, you will first need to set up a [port forward](https://kubernetes.io/docs/tasks/access-application-cluster/port-forward-access-application-cluster/) to your local environment. In a new console window, run the following command to set up a port forward: @@ -137,7 +136,7 @@ pgo-apiserver version {{< param operatorVersion >}} ## Step 8: Create a Namespace -We are almost there! You can optionally add a namespace that can be managed by the PostgreSQL Operator to watch and to deploy a PostgreSQL cluster into. +We are almost there! You can optionally add a namespace that can be managed by PGO to watch and to deploy a PostgreSQL cluster into. ```shell pgo create namespace wateringhole @@ -194,4 +193,3 @@ cluster : hippo ``` The `pgo test` command provides you the basic information you need to connect to your PostgreSQL cluster from within your Kubernetes environment. For more detailed information, you can use `pgo show cluster -n wateringhole hippo`. - diff --git a/docs/content/installation/other/helm.md b/docs/content/installation/other/helm.md index b4bab8ff26..43da7fd553 100644 --- a/docs/content/installation/other/helm.md +++ b/docs/content/installation/other/helm.md @@ -5,12 +5,13 @@ draft: false weight: 100 --- -# The PostgreSQL Operator Helm Chart +# PGO: The Postgres Operator Helm Chart ## Overview -The PostgreSQL Operator comes with a container called `pgo-deployer` which -handles a variety of lifecycle actions for the PostgreSQL Operator, including: +PGO, the Postgres Operator from Crunchy Data, comes with a +container called `pgo-deployer` which handles a variety of +lifecycle actions for the PostgreSQL Operator, including: - Installation - Upgrading @@ -178,11 +179,11 @@ pgo-apiserver version {{< param operatorVersion >}} ## Upgrade and Uninstall -Once install has be completed using Helm, it will also be used to upgrade and +Once install has be completed using Helm, it will also be used to upgrade and uninstall your PostgreSQL Operator. {{% notice tip %}} -The `name` and `namespace` in the following sections should match the options +The `name` and `namespace` in the following sections should match the options provided at install. {{% /notice %}} @@ -208,7 +209,7 @@ helm uninstall -n ## Debugging -When the `pgo-deployer` job does not complete successfully, the resources that +When the `pgo-deployer` job does not complete successfully, the resources that are created and normally cleaned up by Helm will be left in your Kubernetes cluster. This will allow you to use the failed job and its logs to debug the issue. The following command will show the logs for the `pgo-deployer` diff --git a/docs/content/installation/other/operator-hub.md b/docs/content/installation/other/operator-hub.md index 9b077ef073..f0fbdb0c52 100644 --- a/docs/content/installation/other/operator-hub.md +++ b/docs/content/installation/other/operator-hub.md @@ -6,7 +6,7 @@ weight: 200 --- If your Kubernetes cluster is already running the [Operator Lifecycle Manager][OLM], -the PostgreSQL Operator can be installed as part of [Crunchy PostgreSQL for Kubernetes][hub-listing] +then PGO, the Postgres Operator from Crunchy Data, can be installed as part of [Crunchy PostgreSQL for Kubernetes][hub-listing] that is available in OperatorHub.io. [hub-listing]: https://operatorhub.io/operator/postgresql @@ -15,64 +15,23 @@ that is available in OperatorHub.io. ## Before You Begin -There are a few manual steps that the cluster administrator must perform prior to installing the PostgreSQL Operator. -At the very least, it must be provided with an initial configuration. +There are some optional Secrets you can add before installing the PostgreSQL Operator into your cluster. -First, make sure OLM and the OperatorHub.io catalog are installed by running -`kubectl get CatalogSources --all-namespaces`. You should see something similar to the following: +### Secrets (optional) -``` -NAMESPACE NAME DISPLAY TYPE PUBLISHER -olm operatorhubio-catalog Community Operators grpc OperatorHub.io -``` - -Take note of the name and namespace above, you will need them later on. - -Next, select a namespace in which to install the PostgreSQL Operator. PostgreSQL clusters will also be deployed here. -If it does not exist, create it now. - -``` -export PGO_OPERATOR_NAMESPACE=pgo -kubectl create namespace "$PGO_OPERATOR_NAMESPACE" -``` - -Next, clone the PostgreSQL Operator repository locally. - -``` -git clone -b v{{< param operatorVersion >}} https://github.com/CrunchyData/postgres-operator.git -cd postgres-operator -``` - -### PostgreSQL Operator Configuration - -Edit `conf/postgres-operator/pgo.yaml` to configure the deployment. Look over all of the options and make any -changes necessary for your environment. A full description of each option is available in the -[`pgo.yaml` configuration guide]({{< relref "configuration/pgo-yaml-configuration.md" >}}). - -When the file is ready, upload the entire directory to the `pgo-config` ConfigMap. - -``` -kubectl -n "$PGO_OPERATOR_NAMESPACE" create configmap pgo-config \ - --from-file=./conf/postgres-operator -``` - -### Secrets - -Configure pgBackRest for your environment. If you do not plan to use AWS S3 to store backups, you can omit -the `aws-s3` keys below. +If you plan to use AWS S3 to store backups and would like to have the keys available for every backup, you can create a Secret as described below: ``` kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret generic pgo-backrest-repo-config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt \ --from-literal=aws-s3-key="" \ --from-literal=aws-s3-key-secret="" +kubectl -n "$PGO_OPERATOR_NAMESPACE" label secret pgo-backrest-repo-config \ + vendor=crunchydata ``` ### Certificates (optional) -The PostgreSQL Operator has an API that uses TLS to communicate securely with clients. If you have +PGO has an API that uses TLS to communicate securely with clients. If you have a certificate bundle validated by your organization, you can install it now. If not, the API will automatically generate and use a self-signed certificate. @@ -82,9 +41,6 @@ kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret tls pgo.tls \ --key=/path/to/server.key ``` -Once these resources are in place, the PostgreSQL Operator can be installed into the cluster. - - ## Installation Create an `OperatorGroup` and a `Subscription` in your chosen namespace. @@ -117,7 +73,7 @@ YAML ## After You Install -Once the PostgreSQL Operator is installed in your Kubernetes cluster, you will need to do a few things +Once PGO is installed in your Kubernetes cluster, you will need to do a few things to use the [PostgreSQL Operator Client]({{< relref "/pgo-client/_index.md" >}}). Install the first set of client credentials and download the `pgo` binary and client certificates. @@ -127,7 +83,7 @@ PGO_CMD=kubectl ./deploy/install-bootstrap-creds.sh PGO_CMD=kubectl ./installers/kubectl/client-setup.sh ``` -The client needs to be able to reach the PostgreSQL Operator API from outside the Kubernetes cluster. +The client needs to be able to reach the PGO API from outside the Kubernetes cluster. Create an external service or forward a port locally. ``` @@ -152,4 +108,3 @@ pgo version # pgo client version {{< param operatorVersion >}} # pgo-apiserver version {{< param operatorVersion >}} ``` - diff --git a/docs/content/installation/pgo-client.md b/docs/content/installation/pgo-client.md index 69dae759e1..6c584168df 100644 --- a/docs/content/installation/pgo-client.md +++ b/docs/content/installation/pgo-client.md @@ -1,5 +1,5 @@ --- -title: "Install `pgo` Client" +title: "Install \"pgo\" Client" date: draft: false weight: 30 @@ -8,23 +8,22 @@ weight: 30 # Install the PostgreSQL Operator (`pgo`) Client The following will install and configure the `pgo` client on all systems. For the -purpose of these instructions it's assumed that the Crunchy PostgreSQL Operator -is already deployed. +purpose of these instructions it's assumed that PGO: the Postgres Operator from Crunchy +Data is already deployed. ## Prerequisites * For Kubernetes deployments: [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) configured to communicate with Kubernetes * For OpenShift deployments: [oc](https://docs.openshift.com/container-platform/3.11/cli_reference/get_started_cli.html) configured to communicate with OpenShift -To authenticate with the Crunchy PostgreSQL Operator API: +To authenticate with the PGO API: * Client CA Certificate * Client TLS Certificate * Client Key * `pgouser` file containing `:` -All of the requirements above should be obtained from an administrator who installed the Crunchy -PostgreSQL Operator. +All of the requirements above should be obtained from an administrator who installed PGO. ## Linux and macOS @@ -288,5 +287,4 @@ properly by simply running the following: pgo version ``` -If the above command outputs versions of both the client and API server, the Crunchy PostgreSQL -Operator client has been installed successfully. +If the above command outputs versions of both the client and API server, the `pgo` client has been installed successfully. diff --git a/docs/content/installation/postgres-operator.md b/docs/content/installation/postgres-operator.md index 0cbd542dd5..0a79ef9019 100644 --- a/docs/content/installation/postgres-operator.md +++ b/docs/content/installation/postgres-operator.md @@ -1,11 +1,11 @@ --- -title: Install the PostgreSQL Operator +title: Install PGO the Postgres Operator date: draft: false weight: 20 --- -# The PostgreSQL Operator Installer +# PGO: Postgres Operator Installer ## Quickstart @@ -23,8 +23,8 @@ the PostgreSQL Operator. ## Overview -The PostgreSQL Operator comes with a container called `pgo-deployer` which -handles a variety of lifecycle actions for the PostgreSQL Operator, including: +PGO comes with a container called `pgo-deployer` which +handles a variety of lifecycle actions for the Postgres Operator, including: - Installation - Upgrading @@ -52,7 +52,7 @@ environmental requirements. By default, the `pgo-deployer` uses a ServiceAccount called `pgo-deployer-sa` that has a ClusterRoleBinding (`pgo-deployer-crb`) with several ClusterRole permissions. This is required to create the [Custom Resource Definitions](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/) -that power the PostgreSQL Operator. While the PostgreSQL Operator itself can be +that power PGO. While the Postgres Operator itself can be scoped to a specific namespace, you will need to have `cluster-admin` for the initial deployment, or privileges that allow you to install Custom Resource Definitions. The required list of privileges are available in the [postgres-operator.yml](https://raw.githubusercontent.com/CrunchyData/postgres-operator/v{{< param operatorVersion >}}/installers/kubectl/postgres-operator.yml) file: @@ -82,7 +82,7 @@ For example, to create the `pgo` namespace: kubectl create namespace pgo ``` -The PostgreSQL Operator has the ability to manage PostgreSQL clusters across +The Postgres Operator has the ability to manage PostgreSQL clusters across multiple Kubernetes [Namespaces](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/), including the ability to add and remove Namespaces that it watches. Doing so does require the PostgreSQL Operator to have elevated privileges, and as such, @@ -120,7 +120,7 @@ PostgreSQL Operator cannot create the RBAC itself. ## Configuration - `postgres-operator.yml` The `postgres-operator.yml` file contains all of the configuration parameters -for deploying the PostgreSQL Operator. The [example file](https://github.com/CrunchyData/postgres-operator/blob/v{{< param operatorVersion >}}/installers/kubectl/postgres-operator.yml) +for deploying PGO. The [example file](https://github.com/CrunchyData/postgres-operator/blob/v{{< param operatorVersion >}}/installers/kubectl/postgres-operator.yml) contains defaults that should work in most Kubernetes environments, but it may require some customization. @@ -138,7 +138,7 @@ set to `install`, `update`, and `uninstall`. ### Image Pull Secrets -If you are pulling the PostgreSQL Operator images from a private registry, you +If you are pulling PGO images from a private registry, you will need to setup an [imagePullSecret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) with access to the registry. The image pull secret will need to be added to the @@ -174,7 +174,7 @@ oc secrets link --for=pull --namespace=}}) for instructions on how to install the PostgreSQL Operator Monitoring infrastructure. diff --git a/docs/content/installation/prerequisites.md b/docs/content/installation/prerequisites.md index 2df54859d9..0a70756057 100644 --- a/docs/content/installation/prerequisites.md +++ b/docs/content/installation/prerequisites.md @@ -7,11 +7,11 @@ weight: 10 # Prerequisites -The following is required prior to installing PostgreSQL Operator. +The following is required prior to installing PGO. ## Environment -The PostgreSQL Operator is tested in the following environments: +PGO is tested in the following environments: * Kubernetes v1.13+ * Red Hat OpenShift v3.11+ @@ -22,7 +22,7 @@ The PostgreSQL Operator is tested in the following environments: #### IBM Cloud Pak Data -If you install the PostgreSQL Operator, which comes with Crunchy +If you install PGO, which comes with Crunchy PostgreSQL for Kubernetes, on IBM Cloud Pak Data, please note the following additional requirements: @@ -33,14 +33,14 @@ additional requirements: * Minimum Memory Requirements: 120MB * Minimum Storage Requirements: 5MB -**Note**: PostgreSQL clusters deployed by the PostgreSQL Operator with +**Note**: PostgreSQL clusters deployed by PGO with Crunchy PostgreSQL for Kubernetes are workload dependent. As such, users should allocate enough resources for their PostgreSQL clusters. ## Client Interfaces -The PostgreSQL Operator installer will install the [`pgo` client]({{< relref "/pgo-client/_index.md" >}}) interface -to help with using the PostgreSQL Operator. However, it is also recommend that +The Postgres Operator installer will install the [`pgo` client]({{< relref "/pgo-client/_index.md" >}}) interface +to help with using PGO. However, it is also recommend that you have access to [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/) or [`oc`](https://www.okd.io/download.html) and are able to communicate with the Kubernetes or OpenShift cluster that you are working with. @@ -63,7 +63,7 @@ access to these ports. ### Application Ports -The PostgreSQL Operator deploys different services to support a production +PGO deploys different services to support a production PostgreSQL environment. Below is a list of the applications and their default Service ports. diff --git a/docs/content/pgo-client/_index.md b/docs/content/pgo-client/_index.md index 99c1040882..5be07b540d 100644 --- a/docs/content/pgo-client/_index.md +++ b/docs/content/pgo-client/_index.md @@ -6,11 +6,11 @@ weight: 50 --- The PostgreSQL Operator Client, aka `pgo`, is the most convenient way to -interact with the PostgreSQL Operator. `pgo` provides many convenience methods +interact with the Postgres Operator. `pgo` provides many convenience methods for creating, managing, and deleting PostgreSQL clusters through a series of simple commands. The `pgo` client interfaces with the API that is provided by the PostgreSQL Operator and can leverage the RBAC and TLS systems that are -provided by the PostgreSQL Operator +provided by the PGO: PostgreSQL Operator. ![Architecture](/Operator-Architecture.png) @@ -134,7 +134,7 @@ There are several global flags available to the `pgo` client. | Flag | Description | | :-- | :-- | -| `--apiserver-url` | The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client. | +| `--apiserver-url` | The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client. Note that the URL should **not** end in a `/`. | | `--debug` | Enable additional output for debugging. | | `--disable-tls` | Disable TLS authentication to the Postgres Operator. | | `--exclude-os-trust` | Exclude CA certs from OS default trust store. | @@ -156,7 +156,7 @@ client. | :-- | :-- | | `EXCLUDE_OS_TRUST` | Exclude CA certs from OS default trust store. | | `GENERATE_BASH_COMPLETION` | If set, will allow `pgo` to leverage "bash completion" to help complete commands as they are typed. | -| `PGO_APISERVER_URL` | The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client. | +| `PGO_APISERVER_URL` | The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client. Note that the URL should **not** end in a `/`. | | `PGO_CA_CERT` | The CA certificate file path for authenticating to the PostgreSQL Operator apiserver. | | `PGO_CLIENT_CERT` | The client certificate file path for authenticating to the PostgreSQL Operator apiserver. | | `PGO_CLIENT_KEY` | The client key file path for authenticating to the PostgreSQL Operator apiserver. | diff --git a/docs/content/pgo-client/common-tasks.md b/docs/content/pgo-client/common-tasks.md index a2ea5d1efe..e339789ee0 100644 --- a/docs/content/pgo-client/common-tasks.md +++ b/docs/content/pgo-client/common-tasks.md @@ -107,7 +107,7 @@ which yields output similar to: BasicAuth: "" Cluster: CCPImagePrefix: crunchydata - CCPImageTag: {{< param centosBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}} + CCPImageTag: {{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}} Policies: "" Metrics: false Badger: false @@ -136,7 +136,7 @@ Cluster: Pgo: Audit: false PGOImagePrefix: crunchydata - PGOImageTag: {{< param centosBase >}}-{{< param operatorVersion >}} + PGOImageTag: {{< param ubiBase >}}-{{< param operatorVersion >}} PrimaryStorage: nfsstorage BackupStorage: nfsstorage ReplicaStorage: nfsstorage @@ -253,7 +253,7 @@ example below, the cluster will use PostgreSQL {{< param postgresVersion >}} and ```shell pgo create cluster hagiscluster \ --ccp-image=crunchy-postgres-gis-ha \ - --ccp-image-tag={{< param centosBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} + --ccp-image-tag={{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param postgisVersion >}}-{{< param operatorVersion >}} ``` #### Create a PostgreSQL Cluster with a Tablespace @@ -378,7 +378,7 @@ pgo show cluster hacluster which will yield output similar to: ``` -cluster : hacluster (crunchy-postgres-ha:{{< param centosBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}) +cluster : hacluster (crunchy-postgres-ha:{{< param ubiBase >}}-{{< param postgresVersion >}}-{{< param operatorVersion >}}) pod : hacluster-6dc6cfcfb9-f9knq (Running) on node01 (1/1) (primary) pvc : hacluster resources : CPU Limit= Memory Limit=, CPU Request= Memory Request= @@ -699,7 +699,7 @@ high availability on the PostgreSQL cluster manually. You can re-enable high availability by executing the following command: ``` -pgo update cluster hacluster --autofail=true +pgo update cluster hacluster --enable-autofail ``` ### Logical Backups (`pg_dump` / `pg_dumpall`) @@ -1298,6 +1298,14 @@ pgo create cluster hippo-standby --standby --replica-count=2 \ --password=opensourcehippo ``` +If you are unsure of your user credentials form the original `hippo` cluster, +you can retrieve them using the [`pgo show user`]({{< relref "/pgo-client/reference/pgo_show_user.md" >}}) +command with the `--show-system-accounts` flag: + +``` +pgo show user hippo --show-system-accounts +``` + The standby cluster will take a few moments to bootstrap, but it is now set up! ### Promoting a Standby Cluster diff --git a/docs/content/pgo-client/reference/pgo_update.md b/docs/content/pgo-client/reference/pgo_update.md index 669c841701..e4dca221ae 100644 --- a/docs/content/pgo-client/reference/pgo_update.md +++ b/docs/content/pgo-client/reference/pgo_update.md @@ -9,8 +9,8 @@ Update a pgouser, pgorole, or cluster The update command allows you to update a pgouser, pgorole, or cluster. For example: - pgo update cluster --selector=name=mycluster --autofail=false - pgo update cluster --all --autofail=true + pgo update cluster --selector=name=mycluster --disable-autofail + pgo update cluster --all --enable-autofail pgo update namespace mynamespace pgo update pgbouncer mycluster --rotate-password pgo update pgorole somerole --pgorole-permission="Cat" diff --git a/docs/content/pgo-client/reference/pgo_update_cluster.md b/docs/content/pgo-client/reference/pgo_update_cluster.md index 007c34b0fc..a907eab7be 100644 --- a/docs/content/pgo-client/reference/pgo_update_cluster.md +++ b/docs/content/pgo-client/reference/pgo_update_cluster.md @@ -9,7 +9,7 @@ Update a PostgreSQL cluster Update a PostgreSQL cluster. For example: - pgo update cluster mycluster --autofail=false + pgo update cluster mycluster --disable-autofail pgo update cluster mycluster myothercluster --disable-autofail pgo update cluster --selector=name=mycluster --disable-autofail pgo update cluster --all --enable-autofail diff --git a/docs/content/pgo-client/reference/pgo_upgrade.md b/docs/content/pgo-client/reference/pgo_upgrade.md index 78d787f6f0..534790f189 100644 --- a/docs/content/pgo-client/reference/pgo_upgrade.md +++ b/docs/content/pgo-client/reference/pgo_upgrade.md @@ -7,10 +7,10 @@ Perform a cluster upgrade. ### Synopsis -UPGRADE allows you to perform a comprehensive PGCluster upgrade - (for use after performing a Postgres Operator upgrade). +UPGRADE allows you to perform a comprehensive PGCluster upgrade + (for use after performing a Postgres Operator upgrade). For example: - + pgo upgrade mycluster Upgrades the cluster for use with the upgraded Postgres Operator version. @@ -24,12 +24,13 @@ pgo upgrade [flags] --ccp-image-tag string The image tag to use for cluster creation. If specified, it overrides the default configuration setting and disables tag validation checking. -h, --help help for upgrade --ignore-validation Disables version checking against the image tags when performing an cluster upgrade. + --no-prompt No command line confirmation. ``` ### Options inherited from parent commands ``` - --apiserver-url string The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client. + --apiserver-url string The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client. Note that the URL should **not** end in a '/'. --debug Enable additional output for debugging. --disable-tls Disable TLS authentication to the Postgres Operator. --exclude-os-trust Exclude CA certs from OS default trust store @@ -43,4 +44,4 @@ pgo upgrade [flags] * [pgo](/pgo-client/reference/pgo/) - The pgo command line interface. -###### Auto generated by spf13/cobra on 1-Oct-2020 +###### Auto generated by spf13/cobra on 20-Dec-2020 diff --git a/docs/content/quickstart/_index.md b/docs/content/quickstart/_index.md index dd29d467be..3809578b77 100644 --- a/docs/content/quickstart/_index.md +++ b/docs/content/quickstart/_index.md @@ -5,26 +5,27 @@ draft: false weight: 10 --- -# PostgreSQL Operator Quickstart +# PGO: PostgreSQL Operator Quickstart -Can't wait to try out the PostgreSQL Operator? Let us show you the quickest possible path to getting up and running. +Can't wait to try out PGO, the Postgres Operator from Crunchy Data? Let us show +you the quickest possible path to getting up and running. -There are two paths to quickly get you up and running with the PostgreSQL Operator: +There are two paths to quickly get you up and running with PGO: -- [Installation via the PostgreSQL Operator Installer](#postgresql-operator-installer) +- [Installation via the Postgres Operator Installer](#postgresql-operator-installer) - Installation via a Marketplace - Installation via [Operator Lifecycle Manager]({{< relref "/installation/other/operator-hub.md" >}}) - Installation via [Google Cloud Marketplace]({{< relref "/installation/other/google-cloud-marketplace.md" >}}) Marketplaces can help you get more quickly started in your environment as they provide a mostly automated process, but there are a few steps you will need to take to ensure you can fully utilize your PostgreSQL Operator environment. You can find out more information about how to get started with one of those installers in the [Installation]({{< relref "/installation/_index.md" >}}) section. -# PostgreSQL Operator Installer +# Postgres Operator Installer Below will guide you through the steps for installing and using the PostgreSQL Operator using an installer that works with Ansible. ## Installation -### Install the PostgreSQL Operator +### Install PGO: the PostgreSQL Operator On environments that have a [default storage class](https://kubernetes.io/docs/tasks/administer-cluster/change-default-storage-class/) set up (which is most modern Kubernetes environments), the below command should work: @@ -39,14 +40,14 @@ If your install is unsuccessful, you may need to modify your configuration. Plea ### Install the `pgo` Client -During or after the installation of the PostgreSQL Operator, download the `pgo` client set up script. This will help set up your local environment for using the PostgreSQL Operator: +During or after the installation of PGO: the Postgres Operator, download the `pgo` client set up script. This will help set up your local environment for using the Postgres Operator: ``` curl https://raw.githubusercontent.com/CrunchyData/postgres-operator/v{{< param operatorVersion >}}/installers/kubectl/client-setup.sh > client-setup.sh chmod +x client-setup.sh ``` -When the PostgreSQL Operator is done installing, run the client setup script: +When the Postgres Operator is done installing, run the client setup script: ``` ./client-setup.sh @@ -83,9 +84,9 @@ source ~/.bashrc ### Post-Installation Setup -Below are a few steps to check if the PostgreSQL Operator is up and running. +Below are a few steps to check if PGO: the Postgres Operator is up and running. -By default, the PostgreSQL Operator installs into a namespace called `pgo`. First, see that the Kubernetes Deployment of the Operator exists and is healthy: +By default, PGO installs into a namespace called `pgo`. First, see that the Kubernetes Deployment of PGO exists and is healthy: ``` kubectl -n pgo get deployments @@ -111,7 +112,7 @@ NAME READY STATUS RESTARTS AGE postgres-operator-56d6ccb97-tmz7m 4/4 Running 0 2m ``` -Finally, let's see if we can connect to the PostgreSQL Operator from the `pgo` command-line client. The Ansible installer installs the `pgo` command line client into your environment, along with the username/password file that allows you to access the PostgreSQL Operator. In order to communicate with the PostgreSQL Operator API server, you will first need to set up a [port forward](https://kubernetes.io/docs/tasks/access-application-cluster/port-forward-access-application-cluster/) to your local environment. +Finally, let's see if we can connect to the Postgres Operator from the `pgo` command-line client. The Ansible installer installs the `pgo` command line client into your environment, along with the username/password file that allows you to access the PostgreSQL Operator. In order to communicate with the PostgreSQL Operator API server, you will first need to set up a [port forward](https://kubernetes.io/docs/tasks/access-application-cluster/port-forward-access-application-cluster/) to your local environment. In a new console window, run the following command to set up a port forward: @@ -134,7 +135,7 @@ pgo-apiserver version {{< param operatorVersion >}} ## Create a PostgreSQL Cluster -The quickstart installation method creates a namespace called `pgo` where the PostgreSQL Operator manages PostgreSQL clusters. Try creating a PostgreSQL cluster called `hippo`: +The quickstart installation method creates a namespace called `pgo` where PGO, the Postgres Operator, manages PostgreSQL clusters. Try creating a PostgreSQL cluster called `hippo`: ``` pgo create cluster -n pgo hippo @@ -155,7 +156,7 @@ created Pgcluster hippo workflow id 1cd0d225-7cd4-4044-b269-aa7bedae219b ``` -This will create a PostgreSQL cluster named `hippo`. It may take a few moments for the cluster to be provisioned. You can see the status of this cluster using the [`pgo test`]({{< relref "pgo-client/reference/pgo_test.md" >}}) command: +This will create a Postgres cluster named `hippo`. It may take a few moments for the cluster to be provisioned. You can see the status of this cluster using the [`pgo test`]({{< relref "pgo-client/reference/pgo_test.md" >}}) command: ``` pgo test -n pgo hippo @@ -175,7 +176,7 @@ The `pgo test` command provides you the basic information you need to connect to ## Connect to a PostgreSQL Cluster -By default, the PostgreSQL Operator creates a database inside the cluster with the same name of the cluster, in this case, `hippo`. Below demonstrates how we can connect to `hippo`. +By default, PGO creates a database inside the cluster with the same name of the cluster, in this case, `hippo`. Below demonstrates how we can connect to `hippo`. ### How Users Work @@ -193,7 +194,7 @@ CLUSTER USERNAME PASSWORD EXPIRES STATUS ERROR hippo testuser datalake never ok ``` -To get the information about all PostgreSQL users that the PostgreSQL Operator is managing, you will need to use the `--show-system-accounts` flag: +To get the information about all PostgreSQL users that PGO is managing, you will need to use the `--show-system-accounts` flag: ``` pgo show user -n pgo hippo --show-system-accounts @@ -217,7 +218,7 @@ The `primaryuser` is the used for replication and [high availability]({{< relref Let's see how we can connect to `hippo` using [`psql`](https://www.postgresql.org/docs/current/app-psql.html), the command-line tool for accessing PostgreSQL. Ensure you have [installed the `psql` client](https://www.crunchydata.com/developers/download-postgres/binaries/postgresql12). -The PostgreSQL Operator creates a service with the same name as the cluster. See for yourself! Get a list of all of the Services available in the `pgo` namespace: +PGO, the Postgres Operator, creates a service with the same name as the cluster. See for yourself! Get a list of all of the Services available in the `pgo` namespace: ``` kubectl -n pgo get svc @@ -293,7 +294,7 @@ For more information, please see the section on [pgAdmin 4]({{< relref "architec Some Kubernetes environments may require you to customize the configuration for the PostgreSQL Operator installer. The below provides a guide on the common parameters that require modification, though this may vary based on your installation. For a full reference, please visit the [Installation]({{< relref "/installation/_index.md" >}}) section. -If you already attempted to install the PostgreSQL Operator and that failed, the easiest way to clean up that installation is to delete the [Namespace](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) that you attempted to install the PostgreSQL Operator into. **Note: This deletes all of the other objects in the Namespace, so please be sure this is OK!** +If you already attempted to install PGO and that failed, the easiest way to clean up that installation is to delete the [Namespace](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) that you attempted to install the Postgres Operator into. **Note: This deletes all of the other objects in the Namespace, so please be sure this is OK!** To delete the namespace, you can run the following command: @@ -301,15 +302,15 @@ To delete the namespace, you can run the following command: kubectl delete namespace pgo ``` -#### Get the PostgreSQL Operator Installer Manifest +#### Get the Postgres Operator Installer Manifest -You will need to download the PostgreSQL Operator Installer manifest to your environment, which you can do with the following command: +You will need to download the Postgres Operator Installer manifest to your environment, which you can do with the following command: ``` curl https://raw.githubusercontent.com/CrunchyData/postgres-operator/v{{< param operatorVersion >}}/installers/kubectl/postgres-operator.yml > postgres-operator.yml ``` -#### Configure the PostgreSQL Operator Installer +#### Configure the Postgres Operator Installer There are many [configuration parameters]({{< relref "/installation/configuration.md">}}) to help you fine tune your installation, but there are a few that you may want to change to get the PostgreSQL Operator to run in your environment. Open up the `postgres-operator.yml` file and edit a few variables. @@ -326,11 +327,11 @@ primary_storage: "nfsstorage" replica_storage: "nfsstorage" ``` -If you are using either Openshift or CodeReady Containers and you have a `restricted` Security Context Constraint, you will need to set `disable_fsgroup` to `true` in order to deploy the PostgreSQL Operator. +If you are using either OpenShift or CodeReady Containers and you have a `restricted` Security Context Constraint, you will need to set `disable_fsgroup` to `true` in order to deploy PGO. For a full list of available storage types that can be used with this installation method, please review the [configuration parameters]({{< relref "/installation/configuration.md">}}). -When you are done editing the file, you can install the PostgreSQL Operator by running the following commands: +When you are done editing the file, you can install PGO by running the following commands: ``` kubectl create namespace pgo diff --git a/docs/content/releases/4.5.1.md b/docs/content/releases/4.5.1.md new file mode 100644 index 0000000000..eeed22c013 --- /dev/null +++ b/docs/content/releases/4.5.1.md @@ -0,0 +1,38 @@ +--- +title: "4.5.1" +date: +draft: false +weight: 69 +--- + +Crunchy Data announces the release of the PostgreSQL Operator 4.5.1 on November 13, 2020. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.1 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) is now at versions 13.1, 12.5, 11.10, 10.15, 9.6.20, and 9.5.24. +- [Patroni](https://patroni.readthedocs.io/) is now at version 2.0.1. +- PL/Perl can now be used in the PostGIS-enabled containers. + +## Changes + +- Simplified creation of a PostgreSQL cluster from a `pgcluster` resource. A user no longer has to provide a pgBackRest repository Secret: the Postgres Operator will now automatically generate this. +- The exposed ports for Services associated with a cluster is now available from the `pgo show cluster` command. +- If the `pgo-config` ConfigMap is not created during the installation of the Postgres Operator, the Postgres Operator will generate one when it initializes. +- Providing a value for `pgo_admin_password` in the installer is now optional. If no value is provided, the password for the initial administrative user is randomly generated. +- Added an example for how to create a PostgreSQL cluster that uses S3 for pgBackRest backups via a custom resource. + +## Fixes + +- Fix readiness check for a standby leader. Previously, the standby leader would not report as ready, even though it was. Reported by Alec Rooney (@alrooney). +- Proper determination if a `pgcluster` custom resource creation has been processed by its corresponding Postgres Operator controller. This prevents the custom resource from being run by the creation logic multiple times. +- Prevent `initdb` (cluster reinitialization) from occurring if the PostgreSQL container cannot initialize while bootstrapping from an existing PGDATA directory. +- Fix issue with UBI 8 / CentOS 8 when running a pgBackRest bootstrap or restore job, where duplicate "repo types" could be set. Specifically, the ensures the name of the repo type is set via the `PGBACKREST_REPO1_TYPE` environmental variable. Reported by Alec Rooney (@alrooney). +- Ensure external WAL and Tablespace PVCs are fully recreated during a restore. Reported by (@aurelien43). +- Ensure `pgo show backup` will work regardless of state of any of the PostgreSQL clusters. This pulls the information directly from the pgBackRest Pod itself. Reported by (@saltenhub). +- Ensure that sidecars (e.g. metrics collection, pgAdmin 4, pgBouncer) are deployable when using the PostGIS-enabled PostgreSQL image. Reported by Jean-Denis Giguère (@jdenisgiguere). +- Allow for special characters in pgBackRest environmental variables. Reported by (@SockenSalat). +- Ensure password for the `pgbouncer` administrative user stays synchronized between an existing Kubernetes Secret and PostgreSQL should the pgBouncer be recreated. +- When uninstalling an instance of the Postgres Operator in a Kubernetes cluster that has multiple instances of the Postgres Operator, ensure that only the requested instance to be uninstalled is the one that's uninstalled. +- The logger no longer defaults to using a log level of `DEBUG`. diff --git a/docs/content/releases/4.5.2.md b/docs/content/releases/4.5.2.md new file mode 100644 index 0000000000..3914ef2b2d --- /dev/null +++ b/docs/content/releases/4.5.2.md @@ -0,0 +1,54 @@ +--- +title: "4.5.2" +date: +draft: false +weight: 68 +--- + +Crunchy Data announces the release of the PostgreSQL Operator 4.5.2 on February 23, 2021. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.2 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) is now at versions 13.2, 12.6, 11.11, 10.16, 9.6.21, and 9.5.25. +- pgnodemx now uses version 1.0.3 + +PostgreSQL Operator is tested against Kubernetes 1.17 - 1.20, OpenShift 3.11, OpenShift 4.4+, Google Kubernetes Engine (GKE), Amazon EKS, Microsoft AKS, and VMware Enterprise PKS 1.3+, and works on other Kubernetes distributions as well. + +## Changes + +- `crunchy-postgres-exporter` now exposes several pgMonitor metrics related to `pg_stat_statements`. +- When using the `--restore-from` option on `pgo create cluster` to create a new PostgreSQL cluster, the cluster bootstrap Job is now automatically removed if it completes successfully. +- PostgreSQL JIT compilation is explicitly disabled on new cluster creation. This prevents a memory leak that has been observed on queries coming from the metrics exporter. +- The `--compress-type` flag is now supported for the backup options (`--backup-opts`) for pgBackRest backups with `pgo backup`. `none`, `gz`, `bz2`, and `lz4` are all supported. Presently `zst` is not supported. +- The post-cluster creation pgBackRest tasks, i.e. creating a stanza and creating an initial backup, are now deleted by the Operator should they complete successfully. Besides good housekeeping, this provides a workaround for an OpenShift 3.11 bug that was causing the Operator to continuously issue pgBackRest backups during an OpenShift refresh cycle. Reported by Paul Heinen (@v3nturetheworld). +- Add the `--no-prompt` flag to `pgo upgrade`. The mechanism to disable the prompt verification was already in place, but the flag was not exposed. Reported by (@devopsevd). +- Removes certain characters that causes issues in shell environments from consideration when using the random password generator, which is used to create default passwords or with `--rotate-password`. +- Allow for the `--link-map` attribute for a pgBackRest option, which can help with the restore of an existing cluster to a new cluster that adds an external WAL volume. + +## Fixes + +- Fix issue where `pgo test` would indicate every Service was a replica if the cluster name contained the word `replica` in it. Reported by Jose Joye (@jose-joye). +- Do not consider Evicted Pods as part of `pgo test`. This eliminates a behavior where faux primaries are considered as part of `pgo test`. Reported by Dennis Jacobfeuerborn (@dennisjac). +- Fix `pgo df` to not fail in the event it tries to execute a command within a dangling container from the bootstrap process when `pgo create cluster --restore-from` is used. Reported by Ignacio J.Ortega (@IJOL). +- `pgo df` will now only attempt to execute in running Pods, i.e. it does not attempt to run in evicted Pods. Reported by (@kseswar). +- Ensure the sync replication ConfigMap is removed when a cluster is deleted. +- Fix crash in shutdown logic when attempting to shut down a cluster where no primaries exist. Reported by Jeffrey den Drijver (@JeffreyDD). +- Fix syntax in recovery check command which could lead to failures when manually promoting a standby cluster. Reported by (@SockenSalat). +- Fix potential race condition that could lead to a crash in the Operator boot when an error is issued around loading the `pgo-config` ConfigMap. Reported by Aleksander Roszig (@AleksanderRoszig). +- Do not trigger a backup if a standby cluster fails over. Reported by (@aprilito1965). +- Fix issue with `pgo backup` where it was unable to take a backup from a new primary after `pgo failover` was called. Reported by (@mesobreira). +- On initialization, check that primary PostgreSQL Deployment is created before attempting to scale. +- Ensure `archive_mode` is forced to `on` when performing using the "restore in place" method. This ensures that the timeline is correctly incremented post-restore, which could manifest itself with various types of WAL archive failures. +- Ensure pgBouncer Secret is created when adding it to a standby cluster. +- Generally improvements to initialization of a standby cluster. +- Ensure proper label parsing based on Kubernetes rules and that it is consistently applied across all functionality that uses labels. Reported by José Joye (@jose-joye). +- Remove legacy `defaultMode` setting on the volume instructions for the pgBackRest repo Secret as the `readOnly` setting is used on the mount itself. Reported by (@szhang1). +- Only attempts to start scheduled backups in running pgBackRest repository Pods. Reported by Satria Sahputra (@satriashp). +- Allow for `Restart` API server permission to be explicitly set. Reported by Aleksander Roszig (@AleksanderRoszig). +- Update `pgo-target` permissions to match expectations for modern Kubernetes versions. +- Support the substitution for the limit on the number of queries to include the the `pg_stat_statements` support of pgMonitor. Defaults to 20, which is the pgMonitor upstream value. Contributed by Steven Siahetiong (@ssiahetiong). +- Major upgrade container now includes references for `pgnodemx`. +- During a major upgrade, ensure permissions are correct on the old data directory before running `pg_upgrade`. +- The metrics stack installer is fixed to work in environments that may not have connectivity to the Internet ("air gapped"). Reported by (@eliranw). diff --git a/docs/content/releases/4.5.3.md b/docs/content/releases/4.5.3.md new file mode 100644 index 0000000000..c50fe9e248 --- /dev/null +++ b/docs/content/releases/4.5.3.md @@ -0,0 +1,33 @@ +--- +title: "4.5.3" +date: +draft: false +weight: 67 +--- + +Crunchy Data announces the release of the PostgreSQL Operator 4.5.3 on June 2, 2021. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.3 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) is at 13.3, 12.7, 11.12, 10.17, and 9.6.22. +- [Patroni](https://patroni.readthedocs.io/) is now at version 2.0.2. +- [pgBouncer](https://www.pgbouncer.org/) for CentOS 8 / UBI 8 is rebuilt to use the libc for its async DNS backend. + +## Changes + +- Revert setting "UsePAM" to "yes" by default as the bug fix in Docker that required that change was applied roughly one year ago. +- Allow for the `PGOADMIN_USERNAME`, `PGOADMIN_PASSWORD`, `PGOADMIN_ROLENAME` credential bootstrap variables to be overriden as part of the OLM and development install process. Contributed by Mathieu Parent (@sathieu). +- Update Helm installer to follow appropriate conventions. Contributed by Jakub Ráček (@kubaracek). + +## Fixes + +- Fix crash due to superfluous trailing whitespace when parsing `--backup-opts` in `pgo backup`. Reported by Samir Faci (@safaci2000). +- Fix issue where metrics about pgBackRest backups could not be scraped if the backups were stored in a S3-like environment that requires the use of disabling TLS verification. Reported by (@lphan-clv) and (@dakine1111). +- Fix issue where certain pgAdmin 4 functions did not work (e.g. taking a backup) due to `python` references in EL8 containers. Reported by (@douggutaby). +- Fix how the pgAdmin 4 Service is identified in `pgo test`. Prior to this, it was identified as a "primary"; now it is "pgadmin". +- Ensure a Postgres cluster shutdown can execute even if the `status` subresource of a `pgclusters.crunchydata.com` custom resource is missing. +- Ensure major upgrades via `crunchy-upgrade` support PostgreSQL 12 and PostgreSQL 13. Reported by (@lbartnicki92). +- Fix nonbreaking error message that occurs when `pgo-scheduler` container shuts down in the UBI 8 base container. +- The `pgo-deployer` and Ansible installer will no longer create an initial TLS secret for the PGO apiserver. PGO apiserver has been able to self-create this for a long time, and PGO defers to that. This fixes an issue that occurred on newer builds where certificates generated by OpenSSL contained incomplete usage blocks, which could cause for these certificates to be properly outright rejected. diff --git a/docs/content/releases/4.5.4.md b/docs/content/releases/4.5.4.md new file mode 100644 index 0000000000..8f16f24a0b --- /dev/null +++ b/docs/content/releases/4.5.4.md @@ -0,0 +1,25 @@ +--- +title: "4.5.4" +date: +draft: false +weight: 66 +--- + +Crunchy Data announces the release of PGO, the Postgres Operator 4.5.4. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.4 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) is updated to 13.4, 12.8, 11.13, 10.18, and 9.6.23. +- [pgaudit_analyze](https://github.com/pgaudit/pgaudit_analyze) is now at 1.0.8. +- [set_user](https://github.com/pgaudit/set_user) is now at version 2.0.1. + +# Changes + +- Ensure `vendor` label is propagated to all PGO managed objects. Reported by @mdraijer. + +# Fixes + +- Allow backup configuration to be changed when a cluster is recreated. For example, allow backup configuration to change from `posix` to `s3` within a new cluster. +- Ensure a SQL policy that contains writes can be applied to a Postgres cluster after a failover. \ No newline at end of file diff --git a/docs/content/releases/4.5.5.md b/docs/content/releases/4.5.5.md new file mode 100644 index 0000000000..f5f6c0b823 --- /dev/null +++ b/docs/content/releases/4.5.5.md @@ -0,0 +1,26 @@ +--- +title: "4.5.5" +date: +draft: false +weight: 65 +--- + +Crunchy Data announces the release of PGO, the Postgres Operator 4.5.5. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.5 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) versions 13.5, 12.9, 11.14, 10.19 and 9.6.24 are now available. +- The [pgnodemx](https://github.com/CrunchyData/pgnodemx) extension is now at version 1.0.6. +- [pgBouncer](https://www.pgbouncer.org/) is now at version 1.16.1 + +## Changes + +- The default `pgo-backrest-repo-config` Secret can now be automatically generated by the Operator. This functionality was backpatched from v4.6 to help support the fix around automatically updating the AWS CA values. + +## Fixes + +- Ensure the `pgo create pgbouncer` command can set CPU and memory limits via `--cpu-limit` and `--memory-limit` respectively. +- Update the `aws-s3-ca.crt` value to use the newer CAs provided by AWS. If a PostgreSQL cluster is using the old default CA, PGO will update the general one kept in the `pgo-backrest-repo-config` Secret and `pgo upgrade` will update it for a specific cluster. +- Allow for the original primary instance to be scaled down after running `pgo upgrade`. diff --git a/docs/content/releases/4.5.6.md b/docs/content/releases/4.5.6.md new file mode 100644 index 0000000000..a166f188bf --- /dev/null +++ b/docs/content/releases/4.5.6.md @@ -0,0 +1,18 @@ +--- +title: "4.5.6" +date: +draft: false +weight: 64 +--- + +Crunchy Data announces the release of PGO, the Postgres Operator 4.5.6. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.6 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) versions 13.6, 12.10, 11.15 and 10.20 are now available. + +## Changes + +- The version of Go utilized to build `yq` is now aligned with all other Go binaries. diff --git a/docs/content/releases/4.5.7.md b/docs/content/releases/4.5.7.md new file mode 100644 index 0000000000..3e71bea796 --- /dev/null +++ b/docs/content/releases/4.5.7.md @@ -0,0 +1,17 @@ +--- +title: "4.5.7" +date: +draft: false +weight: 63 +--- + +Crunchy Data announces the release of PGO, the Postgres Operator 4.5.7. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.7 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) versions 14.3, 13.7, 12.11, 11.16, and 10.21 are now available. +- [PostGIS](http://postgis.net/) version 3.1.4 is now available. +- The [pg_partman](https://github.com/pgpartman/pg_partman) extension is now at version 4.6.1. +- The [TimescaleDB](https://github.com/timescale/timescaledb) extension is now at version 2.6.1. diff --git a/docs/content/releases/4.5.8.md b/docs/content/releases/4.5.8.md new file mode 100644 index 0000000000..3cc78e476f --- /dev/null +++ b/docs/content/releases/4.5.8.md @@ -0,0 +1,17 @@ +--- +title: "4.5.8" +date: +draft: false +weight: 62 +--- + +Crunchy Data announces the release of PGO, the Postgres Operator 4.5.8. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.8 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) versions 13.8, 12.12, 11.17, and 10.22 are now available. +- [PgBouncer](https://www.pgbouncer.org/) is now at version 1.17. +- The [pg_partman](https://github.com/pgpartman/pg_partman) extension is now at version 4.6.2. +- The [TimescaleDB](https://github.com/timescale/timescaledb) extension is now at version 2.7.2. \ No newline at end of file diff --git a/docs/content/releases/4.5.9.md b/docs/content/releases/4.5.9.md new file mode 100644 index 0000000000..85ec5d7952 --- /dev/null +++ b/docs/content/releases/4.5.9.md @@ -0,0 +1,16 @@ +--- +title: "4.5.9" +date: +draft: false +weight: 61 +--- + +Crunchy Data announces the release of PGO, the Postgres Operator 4.5.9. + +The PostgreSQL Operator is released in conjunction with the [Crunchy Container Suite](https://github.com/CrunchyData/crunchy-containers/). + +PostgreSQL Operator 4.5.9 release includes the following software versions upgrades: + +- [PostgreSQL](https://www.postgresql.org) versions 13.9, 12.13, 11.18, and 10.23 are now available. +- The [pg_partman](https://github.com/pgpartman/pg_partman) extension is now at version 4.7.1. +- The [TimescaleDB](https://github.com/timescale/timescaledb) extension is now at version 2.8.1. diff --git a/docs/content/support/_index.md b/docs/content/support/_index.md index a1cb419443..f8a974c84b 100644 --- a/docs/content/support/_index.md +++ b/docs/content/support/_index.md @@ -5,15 +5,15 @@ draft: false weight: 110 --- -There are a few options available for community support of the [PostgreSQL Operator](https://github.com/CrunchyData/postgres-operator): +There are a few options available for community support of the [PGO: the Postgres Operator](https://github.com/CrunchyData/postgres-operator): -- **If you believe you have found a bug** or have a detailed feature request: please open [an issue on GitHub](https://github.com/CrunchyData/postgres-operator/issues/new/choose). The PostgreSQL Operator community and the Crunchy Data team behind the PostgreSQL Operator is generally active in responding to issues. -- **For general questions or community support**: please join the PostgreSQL Operator community mailing list at [postgres-operator@crunchydata.com](mailto:postgres-operator@crunchydata.com), +- **If you believe you have found a bug** or have a detailed feature request: please open [an issue on GitHub](https://github.com/CrunchyData/postgres-operator/issues/new/choose). The Postgres Operator community and the Crunchy Data team behind the PGO is generally active in responding to issues. +- **For general questions or community support**: please join the [PostgreSQL Operator community mailing list](https://groups.google.com/a/crunchydata.com/forum/#!forum/postgres-operator/join) at [https://groups.google.com/a/crunchydata.com/forum/#!forum/postgres-operator/join](https://groups.google.com/a/crunchydata.com/forum/#!forum/postgres-operator/join), In all cases, please be sure to provide as many details as possible in regards to your issue, including: - Your Platform (e.g. Kubernetes vX.YY.Z) -- Operator Version (e.g. {{< param centosBase >}}-{{< param operatorVersion >}}) +- Operator Version (e.g. {{< param ubiBase >}}-{{< param operatorVersion >}}) - A detailed description of the issue, as well as steps you took that lead up to the issue - Any relevant logs - Any additional information you can provide that you may find helpful diff --git a/docs/content/tutorial/_index.md b/docs/content/tutorial/_index.md index 2919cc6a25..0babd127dc 100644 --- a/docs/content/tutorial/_index.md +++ b/docs/content/tutorial/_index.md @@ -4,10 +4,10 @@ draft: false weight: 15 --- -The PostgreSQL Operator provides functionality that lets you run your own database-as-a-service: from deploying PostgreSQL clusters with [high availability]({{< relref "architecture/high-availability/_index.md" >}}), to a [full stack monitoring]({{< relref "architecture/high-availability/_index.md" >}}) solution, essential [disaster recovery and backup tools]({{< relref "architecture/disaster-recovery.md" >}}), the ability to secure your cluster with TLS, and much more! +PGO, the Postgres Operator, provides functionality that lets you run your own database-as-a-service: from deploying PostgreSQL clusters with [high availability]({{< relref "architecture/high-availability/_index.md" >}}), to a [full stack monitoring]({{< relref "architecture/high-availability/_index.md" >}}) solution, essential [disaster recovery and backup tools]({{< relref "architecture/disaster-recovery.md" >}}), the ability to secure your cluster with TLS, and much more! What's more, you can manage your PostgreSQL clusters with the convenient [`pgo` client]({{< relref "pgo-client/_index.md" >}}) or by interfacing directly with the PostgreSQL Operator [custom resources]({{< relref "custom-resources/_index.md" >}}). -Given the robustness of the PostgreSQL Operator, we think it's helpful to break down the functionality in this step-by-step tutorial. The tutorial covers the essential functions the PostgreSQL Operator can perform and covers many common basic and advanced use cases. +Given the robustness of PGO, we think it's helpful to break down the functionality in this step-by-step tutorial. The tutorial covers the essential functions the Postgres Operator can perform and covers many common basic and advanced use cases. So what are you waiting for? Let's [get started]({{< relref "tutorial/getting-started.md" >}})! diff --git a/docs/content/tutorial/create-cluster.md b/docs/content/tutorial/create-cluster.md index eeb798faf5..6db4090269 100644 --- a/docs/content/tutorial/create-cluster.md +++ b/docs/content/tutorial/create-cluster.md @@ -65,7 +65,7 @@ So what just happened? Let's break down what occurs during the create cluster pr - Creating [persistent volume claims](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) (PVCs) for the PostgreSQL instance and the pgBackRest repository. - Creating [services](https://kubernetes.io/docs/concepts/services-networking/service/) that provide a stable network interface for connecting to the PostgreSQL instance and pgBackRest repository. - Creating [deployments](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) that house each PostgreSQL instance and pgBackRest repository. Each of these is responsible for one Pod. - - The PostgreSQL Pod, when it is started, provisions a PostgreSQL database and performs other bootstrapping functions, such as creating `testuer`. + - The PostgreSQL Pod, when it is started, provisions a PostgreSQL database and performs other bootstrapping functions, such as creating `testuser`. - The pgBackRest Pod, when it is started, initializes a pgBackRest repository. Note that the pgBackRest repository is not yet ready to start taking backups, but will be after the next step! 3. When the PostgreSQL Operator detects that the PostgreSQL and pgBackRest deployments are up and running, it creates a Kubenretes Job to create a pgBackRest stanza. This is necessary as part of intializing the pgBackRest repository to accept backups from our PostgreSQL cluster. @@ -120,6 +120,33 @@ Also ensure that you have enough persistent volumes available: your Kubernetes a The most common occurrence of this is due to the Kubernetes network blocking SSH connections between Pods. Ensure that your Kubernetes networking layer allows for SSH connections over port 2022 in the Namespace that you are deploying your PostgreSQL clusters into. +### PostgreSQL Pod reports "Authentication Failed for `ccp_monitoring`" + +This is a temporary error that occurs when a new PostgreSQL cluster is first +initialized with the `--metrics` flag. The `crunchy-postgres-exporter` container +within the PostgreSQL Pod may be ready before the container with PostgreSQL is +ready. If a message in your logs further down displays a timestamp, e.g.: + +``` + now +------------------------------- +2020-11-10 08:23:15.968196-05 +``` + +Then the `ccp_monitoring` user is properly reconciled with the PostgreSQL +cluster. + +If the error message does not go away, this could indicate a few things: + +- The PostgreSQL instance has not initialized. Check to ensure that PostgreSQL +has successfully started. +- The password for the `ccp_monitoring` user has changed. In this case you will +need to update the Secret with the monitoring credentials. + +## Custom Resources + +You may also be curious about how to perform the same actions directly with [custom resources]({{< relref "custom-resources/_index.md" >}}). If that is the case, we encourage to skip ahead to the [Custom Resources]({{< relref "custom-resources/_index.md" >}}) section of the documentation. + ## Next Steps Once your cluster is created, the next step is to [connect to your PostgreSQL cluster]({{< relref "tutorial/connect-cluster.md" >}}). You can also [learn how to customize your PostgreSQL cluster]({{< relref "tutorial/customize-cluster.md" >}})! diff --git a/docs/content/tutorial/customize-cluster.md b/docs/content/tutorial/customize-cluster.md index e9be31c268..2fee92bb0a 100644 --- a/docs/content/tutorial/customize-cluster.md +++ b/docs/content/tutorial/customize-cluster.md @@ -184,6 +184,29 @@ There are many reasons why a PostgreSQL Pod may not be scheduled: - **Node affinity rules cannot be satisfied**. If you assigned a node label, ensure that the Nodes with that label are available for scheduling. If they are, ensure that there are enough resources available. - **Pod anti-affinity rules cannot be satisfied**. This most likely happens when [pod anti-affinity]({{< relref "architecture/high-availability/_index.md" >}}#how-the-crunchy-postgresql-operator-uses-pod-anti-affinity) is set to `required` and there are not enough Nodes available for scheduling. Consider adding more Nodes or relaxing your anti-affinity rules. +### PostgreSQL Pod reports "Authentication Failed for `ccp_monitoring`" + +This is a temporary error that occurs when a new PostgreSQL cluster is first +initialized with the `--metrics` flag. The `crunchy-postgres-exporter` container +within the PostgreSQL Pod may be ready before the container with PostgreSQL is +ready. If a message in your logs further down displays a timestamp, e.g.: + +``` + now +------------------------------- +2020-11-10 08:23:15.968196-05 +``` + +Then the `ccp_monitoring` user is properly reconciled with the PostgreSQL +cluster. + +If the error message does not go away, this could indicate a few things: + +- The PostgreSQL instance has not initialized. Check to ensure that PostgreSQL +has successfully started. +- The password for the `ccp_monitoring` user has changed. In this case you will +need to update the Secret with the monitoring credentials. + ## Next Steps As mentioned at the beginning, there are a lot more customizations that you can make to your PostgreSQL cluster, and we will cover those as the tutorial progresses! This section was to get you familiar with some of the most common customizations, and to explore how many options `pgo create cluster` has! diff --git a/docs/content/tutorial/getting-started.md b/docs/content/tutorial/getting-started.md index 8422487ed1..c02fd355a4 100644 --- a/docs/content/tutorial/getting-started.md +++ b/docs/content/tutorial/getting-started.md @@ -6,17 +6,17 @@ weight: 100 ## Installation -If you have not installed the PostgreSQL Operator yet, we recommend you take a look at our [quickstart]({{< relref "quickstart/_index.md" >}}) or the [installation]({{< relref "installation/_index.md" >}}) sections. +If you have not installed PGO, the Postgres Operator, yet, we recommend you take a look at our [quickstart]({{< relref "quickstart/_index.md" >}}) or the [installation]({{< relref "installation/_index.md" >}}) sections. ### Customizing an Installation -How to customize a PostgreSQL Operator installation is a lengthy topic. The details are covered in the [installation]({{< relref "installation/postgres-operator.md" >}}) section, as well as a list of all the [configuration variables]({{< relref "installation/configuration.md" >}}) available. +How to customize a PGO installation is a lengthy topic. The details are covered in the [installation]({{< relref "installation/postgres-operator.md" >}}) section, as well as a list of all the [configuration variables]({{< relref "installation/configuration.md" >}}) available. ## Setup the `pgo` Client -This tutorial will be using the [`pgo` client]({{< relref "pgo-client/_index.md" >}}) to interact with the PostgreSQL Operator. Please follow the instructions in the [quickstart]({{< relref "quickstart/_index.md" >}}) or the [installation]({{< relref "installation/pgo-client.md" >}}) sections for how to configure the `pgo` client. +This tutorial will be using the [`pgo` client]({{< relref "pgo-client/_index.md" >}}) to interact with the Postgres Operator. Please follow the instructions in the [quickstart]({{< relref "quickstart/_index.md" >}}) or the [installation]({{< relref "installation/pgo-client.md" >}}) sections for how to configure the `pgo` client. -The PostgreSQL Operator and `pgo` client are designed to work in a [multi-namespace deployment environment]({{< relref "architecture/namespace.md" >}}) and many `pgo` commands require that the namespace flag (`-n`) are passed into it. You can use the `PGO_NAMESPACE` environmental variable to set which namespace a `pgo` command can use. For example: +The Postgres Operator and `pgo` client are designed to work in a [multi-namespace deployment environment]({{< relref "architecture/namespace.md" >}}) and many `pgo` commands require that the namespace flag (`-n`) are passed into it. You can use the `PGO_NAMESPACE` environmental variable to set which namespace a `pgo` command can use. For example: ``` export PGO_NAMESPACE=pgo @@ -39,13 +39,13 @@ export PGO_NAMESPACE=pgo ## Next Steps -Before proceeding, please make sure that your `pgo` client setup can communicate with your PostgreSQL Operator. In a separate terminal window, set up a port forward to your PostgreSQL Operator: +Before proceeding, please make sure that your `pgo` client setup can communicate with your PGO Deployment. In a separate terminal window, set up a port forward to your PostgreSQL Operator: ``` kubectl port-forward -n pgo svc/postgres-operator 8443:8443 ``` -The [`pgo version`]({{< relref "pgo-client/reference/pgo_version.md" >}}) command is a great way to check connectivity with the PostgreSQL Operator, as it is a very simple, safe operation. Try it out: +The [`pgo version`]({{< relref "pgo-client/reference/pgo_version.md" >}}) command is a great way to check connectivity with the Postgres Operator, as it is a very simple, safe operation. Try it out: ``` pgo version @@ -72,4 +72,4 @@ which yields results similar to: pgo client version {{< param operatorVersion >}} ``` -Alright, we're now ready to start our journey with the PostgreSQL Operator! +Alright, we're now ready to start our journey with PGO! diff --git a/docs/content/tutorial/pgbouncer.md b/docs/content/tutorial/pgbouncer.md index 89ba8ce993..4ca68f561a 100644 --- a/docs/content/tutorial/pgbouncer.md +++ b/docs/content/tutorial/pgbouncer.md @@ -116,7 +116,7 @@ PGPASSWORD=randompassword psql -h localhost -p 5432 -U pgbouncer pgbouncer You should see something similar to this: ``` -psql (12.4, server 1.14.0/bouncer) +psql (12.13, server 1.14.0/bouncer) Type "help" for help. pgbouncer=# diff --git a/docs/layouts/partials/flex/body-aftercontent.html b/docs/layouts/partials/flex/body-aftercontent.html new file mode 100644 index 0000000000..1ec038ea12 --- /dev/null +++ b/docs/layouts/partials/flex/body-aftercontent.html @@ -0,0 +1,44 @@ +
+ {{ partial "next-prev-page.html" . }} +
+ + + + +
+ +
+ {{if .Params.tags }} +
+ {{ range $index, $tag := .Params.tags }} + {{ $tag }} + {{ end }} +
+ {{end}} + + {{with .Params.LastModifierDisplayName}} +
+ {{ . }} +
+ {{end}} + +{{ if not .Page.Lastmod.IsZero }} +
+ {{T "last-update-on"}} {{ .Page.Lastmod.Format "02/01/2006" }} +
+ {{end}} + +
+ + +
+
+ +
+

© 2017 - 2022 Crunchy Data Solutions, Inc.

+
+ + +
+ +{{ partial "flex/scripts.html" . }} diff --git a/docs/static/crunchy-logo.jpg b/docs/static/crunchy-logo.jpg deleted file mode 100644 index 01f9c9b1a4..0000000000 Binary files a/docs/static/crunchy-logo.jpg and /dev/null differ diff --git a/docs/static/logos/TRADEMARKS.md b/docs/static/logos/TRADEMARKS.md new file mode 100644 index 0000000000..e97d80757d --- /dev/null +++ b/docs/static/logos/TRADEMARKS.md @@ -0,0 +1,143 @@ +# PGO Trademark Guidelines + +## 1. Introduction + +This document - the "Policy" - outlines the policy of The PGO Project (the "Project") for the use of our trademarks. + +A trademark’s role is to assure consumers about the quality of the associated products or services. Because an open source license allows you to modify the copyrighted software, we cannot be sure your modified software will not mislead recipients if it is distributed under our trademarks. So, this Policy describes when you may or may not use our trademarks. + +In this Policy, we are not trying to limit the lawful use of our trademarks, but rather describe what we consider lawful use. Trademark law can be ambiguous, so we hope to clarify whether we will consider your use permitted or non-infringing. + +The following sections describe the trademarks this Policy covers, as well as trademark uses we permit. If you want to use our trademarks in ways this Policy doesn’t address, please see "Where to get further information" below for contact information. Any use that does not comply with this Policy, or for which we have not separately provided written permission, is not a use we have approved. + +## 2. We are committed to open source principles + +We want to encourage and facilitate community use of our trademarks in a way that ensures the trademarks are meaningful source and quality indicators for our software and the associated goods and services and continue to embody the high reputation of the software and its associated community. This Policy therefore balances our need to ensure our trademarks remain reliable quality indicators and our community members’ desire to be full Project participants. + +## 3. Trademarks subject to the Policy + +Our trademarks + +This Policy covers: + +### 3.1 Our word trademarks and service marks (the "Word Marks"): + +PGO + +### 3.2. Our logo (the "Logo"): + +PGO: The Postgres Operator from Crunchy Data + +### 3.3 And the unique visual styling of our website (the "Trade Dress"). + +This Policy encompasses all Project trademarks and service marks, whether Word Marks, Logos or Trade Dress, which we collectively call the “Marks." We might not have registered some Marks, but this Policy covers our Marks regardless. + +## 4. Universal considerations for all uses + +Whenever you use a Mark, you must not mislead anyone, either directly or by omission, about what they are getting and from whom. The law reflects this requirement in two major ways described below: it prohibits creating a "likelihood of confusion," but allows for "nominative use." + +For example, you cannot say you are distributing PGO software when you're distributing a modified version of it, because you likely would confuse people, since they are not getting the same features and functionality they would get if they downloaded the software from us. You also cannot use our Logo on your website to suggest your website is an official website or we endorse your website. + +You can, though, say, for example, you like the PGO software, you are a PGO community participant, you are providing unmodified PGO software, or you wrote a book describing how to use the PGO software. + +This fundamental requirement - that it is always clear to people what they are getting and from whom - is reflected throughout this Policy. It should guide you if you are unsure about how you are using the Marks. + +In addition: + +You may not use the Marks in association with software use or distribution if you don’t comply with the license for the software. + +You may not use or register the Marks as part of your own trademark, service mark, domain name, company name, trade name, product name or service name. + +Trademark law does not allow you to use names or trademarks that are too similar to ours. You therefore may not use an obvious Mark variant or phonetic equivalent, foreign language equivalent, takeoff, or abbreviation for a similar or compatible product or service. + +You will not acquire rights in the Marks, and any goodwill you generate using the Marks inures solely to our benefit. +## 5. Use for software + +See universal considerations for all uses, above, which also apply. + +### 5.1 Uses we consider non-infringing + +#### 5.1.1 Distributing unmodified source code or unmodified executable code we have compiled + +When you redistribute our unmodified software, you are not changing its quality or nature. Therefore, you may retain the Word Marks and Logos we have placed on the software, to identify your redistributed software whether you redistribute by optical media, memory stick or download of unmodified source and executable code. This only applies if you are redistributing official software from this Project that you have not changed. You can find the Logo files [here](/). + +#### 5.1.2 Distributing executable code you have compiled, or modified code + +You may use the Word Marks, but not the Logos, to describe the software’s origin, that is, that the code you are distributing is a modification of our software. You may say, for example, "this software is derived from the source code from the PGO Project." +Of course, you can place your own trademarks or logos on software to which you have made substantive modifications, because by modifying the software, you have become the origin of the modified software. + +#### 5.1.3 Statements about compatibility, interoperability or derivation + +You may use the Word Marks, but not the Logos, to describe the relationship between your software and ours. You should use Our Mark after a verb or preposition that describes that relationship. So, you may say, for example, "Bob's plug-in for PGO," but may not say "Bob's PGO plug-in." + +#### 5.1.4 Using trademarks to show community affiliation + +This section discusses using our Marks for application themes, skins and personas. We discuss using our Marks on websites below. +You may use the Word Marks and the Logos in themes, personas, or skins to show your Project support, provided the use is non-commercial and clearly decorative, as contrasted with a use that appears to be the branding for a website or application. + +### 5.2 Permitted uses + +#### 5.2.1 Distributing unmodified software + +You may use the Word Marks and Logos to distribute executable code if you make the code from official Project source code using the procedure for creating an executable found at [https://access.crunchydata.com/documentation/postgres-operator/latest/installation/](https://access.crunchydata.com/documentation/postgres-operator/latest/installation/). + +#### 5.3 Unpermitted uses we consider infringing + +We will likely consider it an infringement to use the Marks in software that combines our software with another software program. In addition to creating a single executable for both software programs, we would consider your software "combined" with ours if installing our software automatically installs yours. We would not consider your software "combined" with ours if it is on the same media but requires separate, independent action to install. + +## 6. Use for non-software goods and services + +See universal considerations for all uses, above, which also apply. + +### 6.1 Uses we consider non-infringing + +#### 6.1.1 Websites + +You may use the Word Marks and Logos on your webpage to show your Project support if: + +- Your own branding or naming is more prominent than any Project Marks; +- The Logos hyperlink to the Project website: [https://github.com/CrunchyData/postgres-operator](https://github.com/CrunchyData/postgres-operator); +- The site does not mislead customers into thinking your website, service, or product is our website, service, or product; and +- The site clearly states the Project does not affiliate with or endorse you. + +#### 6.1.2 Publishing and presenting + +You can use the Word Marks in book and article titles, and the Logo in illustrations within a document, if the use does not suggest we published, endorse, or agree with your work. + +#### 6.1.3 Events + +You can use the Logo to promote the software and Project at events. + +### 6.2 Permitted uses + +#### 6.2.1 Meetups and user groups + +You can use the Word Marks as part of your meetup or user group name if: + +- The group’s main focus is the software; +- Any software or services the group provides are without cost; +- The group does not make a profit; +- Any charge to attend meetings is only to cover the cost of the venue, food and drink. + +The universal considerations for all uses, above, still apply: specifically, you may not use or register the Marks as part of your own trademark, service mark, domain name, company name, trade name, product name or service name. + +### 6.3 Unpermitted uses we consider infringing + +We will likely consider it an infringement to use the Marks as part of a domain name or subdomain. +We also would likely consider it an infringement to use the Marks on for-sale promotional goods. + +## 7 General Information + +### 7.1 Trademark legends + +If you are using our Marks in a way described in the sections entitled "Permitted uses," put the following notice at the foot of the page where you have used the Mark (or, if in a book, on the credits page), on packaging or labeling, and on advertising or marketing materials: "The PGO Project is a trademark of Crunchy Data Solutions, Inc., used with permission." + +### 7.2 What to do when you see abuse + +If you are aware of a confusing use or misuse of the Marks, we would appreciate you bringing it to our attention. Please contact us at [trademarks@crunchydata.com](mailto:trademarks@crunchydata.com) so we can investigate it further. + +### 7.3 Where to get further information + +If you have questions, wish to speak about using our Marks in ways the Policy doesn’t address, or see abuse of our Marks, please send an email to [trademarks@crunchydata.com](mailto:trademarks@crunchydata.com). + +We based these guidelines on the Model Trademark Guidelines, available at [http://www.modeltrademarkguidelines.org](http://www.modeltrademarkguidelines.org), used under a Creative Commons Attribution 3.0 Unported license: [https://creativecommons.org/licenses/by/3.0/deed.en_US](https://creativecommons.org/licenses/by/3.0/deed.en_US). diff --git a/docs/static/logos/pgo.png b/docs/static/logos/pgo.png new file mode 100644 index 0000000000..9d38c8f859 Binary files /dev/null and b/docs/static/logos/pgo.png differ diff --git a/docs/static/logos/pgo.svg b/docs/static/logos/pgo.svg new file mode 100644 index 0000000000..d72f9d7810 --- /dev/null +++ b/docs/static/logos/pgo.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/examples/create-by-resource/fromcrd.json b/examples/create-by-resource/fromcrd.json index 987ec53d55..b044941521 100644 --- a/examples/create-by-resource/fromcrd.json +++ b/examples/create-by-resource/fromcrd.json @@ -16,7 +16,7 @@ "pg-cluster": "fromcrd", "pg-pod-anti-affinity": "", "pgo-backrest": "true", - "pgo-version": "4.5.0", + "pgo-version": "4.5.7", "pgouser": "pgoadmin", "primary": "true" }, @@ -62,7 +62,7 @@ }, "backrestResources": {}, "ccpimage": "crunchy-postgres-ha", - "ccpimagetag": "centos7-12.4-4.5.0", + "ccpimagetag": "ubi8-12.11-4.5.7", "clustername": "fromcrd", "customconfig": "", "database": "userdb", @@ -95,7 +95,7 @@ "userlabels": { "crunchy-postgres-exporter": "false", "pg-pod-anti-affinity": "", - "pgo-version": "4.5.0", + "pgo-version": "4.5.7", "pgouser": "pgoadmin", "pgo-backrest": "true" }, diff --git a/examples/create-by-resource/run.sh b/examples/create-by-resource/run.sh index 1cdefdda77..271154f8f9 100755 --- a/examples/create-by-resource/run.sh +++ b/examples/create-by-resource/run.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2019 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -18,6 +18,8 @@ ######### DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +# PGO_CMD should either be "kubectl" or "oc" -- defaulting to kubectl +PGO_CMD=${PGO_CMD:-kubectl} # A namespace that exists in NAMESPACE env var - see examples/envs.sh export NS=pgouser1 @@ -41,49 +43,10 @@ rm $DIR/fromcrd-key $DIR/fromcrd-key.pub # EXAMPLE RUN # ############### -# generate a SSH public/private keypair for use by pgBackRest -ssh-keygen -t ed25519 -N '' -f $DIR/fromcrd-key - -# base64 encoded the keys for the generation of the Kube secret, and place -# them into variables temporarily -PUBLIC_KEY_TEMP=$(cat $DIR/fromcrd-key.pub | base64) -PRIVATE_KEY_TEMP=$(cat $DIR/fromcrd-key | base64) - -export PUBLIC_KEY="${PUBLIC_KEY_TEMP//[$'\n']}" -export PRIVATE_KEY="${PRIVATE_KEY_TEMP//[$'\n']}" - -unset PUBLIC_KEY_TEMP -unset PRIVATE_KEY_TEMP - -# create the backrest-repo-config example file and substitute in the newly -# created keys -cat <<-EOF > $DIR/backrest-repo-config.yaml -apiVersion: v1 -data: - authorized_keys: ${PUBLIC_KEY} - id_ed25519: ${PRIVATE_KEY} - ssh_host_ed25519_key: ${PRIVATE_KEY} - config: SG9zdCAqClN0cmljdEhvc3RLZXlDaGVja2luZyBubwpJZGVudGl0eUZpbGUgL3RtcC9pZF9lZDI1NTE5ClBvcnQgMjAyMgpVc2VyIHBnYmFja3Jlc3QK - sshd_config: IwkkT3BlbkJTRDogc3NoZF9jb25maWcsdiAxLjEwMCAyMDE2LzA4LzE1IDEyOjMyOjA0IG5hZGR5IEV4cCAkCgojIFRoaXMgaXMgdGhlIHNzaGQgc2VydmVyIHN5c3RlbS13aWRlIGNvbmZpZ3VyYXRpb24gZmlsZS4gIFNlZQojIHNzaGRfY29uZmlnKDUpIGZvciBtb3JlIGluZm9ybWF0aW9uLgoKIyBUaGlzIHNzaGQgd2FzIGNvbXBpbGVkIHdpdGggUEFUSD0vdXNyL2xvY2FsL2JpbjovdXNyL2JpbgoKIyBUaGUgc3RyYXRlZ3kgdXNlZCBmb3Igb3B0aW9ucyBpbiB0aGUgZGVmYXVsdCBzc2hkX2NvbmZpZyBzaGlwcGVkIHdpdGgKIyBPcGVuU1NIIGlzIHRvIHNwZWNpZnkgb3B0aW9ucyB3aXRoIHRoZWlyIGRlZmF1bHQgdmFsdWUgd2hlcmUKIyBwb3NzaWJsZSwgYnV0IGxlYXZlIHRoZW0gY29tbWVudGVkLiAgVW5jb21tZW50ZWQgb3B0aW9ucyBvdmVycmlkZSB0aGUKIyBkZWZhdWx0IHZhbHVlLgoKIyBJZiB5b3Ugd2FudCB0byBjaGFuZ2UgdGhlIHBvcnQgb24gYSBTRUxpbnV4IHN5c3RlbSwgeW91IGhhdmUgdG8gdGVsbAojIFNFTGludXggYWJvdXQgdGhpcyBjaGFuZ2UuCiMgc2VtYW5hZ2UgcG9ydCAtYSAtdCBzc2hfcG9ydF90IC1wIHRjcCAjUE9SVE5VTUJFUgojClBvcnQgMjAyMgojQWRkcmVzc0ZhbWlseSBhbnkKI0xpc3RlbkFkZHJlc3MgMC4wLjAuMAojTGlzdGVuQWRkcmVzcyA6OgoKSG9zdEtleSAvc3NoZC9zc2hfaG9zdF9lZDI1NTE5X2tleQoKIyBDaXBoZXJzIGFuZCBrZXlpbmcKI1Jla2V5TGltaXQgZGVmYXVsdCBub25lCgojIExvZ2dpbmcKI1N5c2xvZ0ZhY2lsaXR5IEFVVEgKU3lzbG9nRmFjaWxpdHkgQVVUSFBSSVYKI0xvZ0xldmVsIElORk8KCiMgQXV0aGVudGljYXRpb246CgojTG9naW5HcmFjZVRpbWUgMm0KUGVybWl0Um9vdExvZ2luIG5vClN0cmljdE1vZGVzIG5vCiNNYXhBdXRoVHJpZXMgNgojTWF4U2Vzc2lvbnMgMTAKClB1YmtleUF1dGhlbnRpY2F0aW9uIHllcwoKIyBUaGUgZGVmYXVsdCBpcyB0byBjaGVjayBib3RoIC5zc2gvYXV0aG9yaXplZF9rZXlzIGFuZCAuc3NoL2F1dGhvcml6ZWRfa2V5czIKIyBidXQgdGhpcyBpcyBvdmVycmlkZGVuIHNvIGluc3RhbGxhdGlvbnMgd2lsbCBvbmx5IGNoZWNrIC5zc2gvYXV0aG9yaXplZF9rZXlzCkF1dGhvcml6ZWRLZXlzRmlsZQkvc3NoZC9hdXRob3JpemVkX2tleXMKCiNBdXRob3JpemVkUHJpbmNpcGFsc0ZpbGUgbm9uZQoKI0F1dGhvcml6ZWRLZXlzQ29tbWFuZCBub25lCiNBdXRob3JpemVkS2V5c0NvbW1hbmRVc2VyIG5vYm9keQoKIyBGb3IgdGhpcyB0byB3b3JrIHlvdSB3aWxsIGFsc28gbmVlZCBob3N0IGtleXMgaW4gL2V0Yy9zc2gvc3NoX2tub3duX2hvc3RzCiNIb3N0YmFzZWRBdXRoZW50aWNhdGlvbiBubwojIENoYW5nZSB0byB5ZXMgaWYgeW91IGRvbid0IHRydXN0IH4vLnNzaC9rbm93bl9ob3N0cyBmb3IKIyBIb3N0YmFzZWRBdXRoZW50aWNhdGlvbgojSWdub3JlVXNlcktub3duSG9zdHMgbm8KIyBEb24ndCByZWFkIHRoZSB1c2VyJ3Mgfi8ucmhvc3RzIGFuZCB+Ly5zaG9zdHMgZmlsZXMKI0lnbm9yZVJob3N0cyB5ZXMKCiMgVG8gZGlzYWJsZSB0dW5uZWxlZCBjbGVhciB0ZXh0IHBhc3N3b3JkcywgY2hhbmdlIHRvIG5vIGhlcmUhCiNQYXNzd29yZEF1dGhlbnRpY2F0aW9uIHllcwojUGVybWl0RW1wdHlQYXNzd29yZHMgbm8KUGFzc3dvcmRBdXRoZW50aWNhdGlvbiBubwoKIyBDaGFuZ2UgdG8gbm8gdG8gZGlzYWJsZSBzL2tleSBwYXNzd29yZHMKQ2hhbGxlbmdlUmVzcG9uc2VBdXRoZW50aWNhdGlvbiB5ZXMKI0NoYWxsZW5nZVJlc3BvbnNlQXV0aGVudGljYXRpb24gbm8KCiMgS2VyYmVyb3Mgb3B0aW9ucwojS2VyYmVyb3NBdXRoZW50aWNhdGlvbiBubwojS2VyYmVyb3NPckxvY2FsUGFzc3dkIHllcwojS2VyYmVyb3NUaWNrZXRDbGVhbnVwIHllcwojS2VyYmVyb3NHZXRBRlNUb2tlbiBubwojS2VyYmVyb3NVc2VLdXNlcm9rIHllcwoKIyBHU1NBUEkgb3B0aW9ucwojR1NTQVBJQXV0aGVudGljYXRpb24geWVzCiNHU1NBUElDbGVhbnVwQ3JlZGVudGlhbHMgbm8KI0dTU0FQSVN0cmljdEFjY2VwdG9yQ2hlY2sgeWVzCiNHU1NBUElLZXlFeGNoYW5nZSBubwojR1NTQVBJRW5hYmxlazV1c2VycyBubwoKIyBTZXQgdGhpcyB0byAneWVzJyB0byBlbmFibGUgUEFNIGF1dGhlbnRpY2F0aW9uLCBhY2NvdW50IHByb2Nlc3NpbmcsCiMgYW5kIHNlc3Npb24gcHJvY2Vzc2luZy4gSWYgdGhpcyBpcyBlbmFibGVkLCBQQU0gYXV0aGVudGljYXRpb24gd2lsbAojIGJlIGFsbG93ZWQgdGhyb3VnaCB0aGUgQ2hhbGxlbmdlUmVzcG9uc2VBdXRoZW50aWNhdGlvbiBhbmQKIyBQYXNzd29yZEF1dGhlbnRpY2F0aW9uLiAgRGVwZW5kaW5nIG9uIHlvdXIgUEFNIGNvbmZpZ3VyYXRpb24sCiMgUEFNIGF1dGhlbnRpY2F0aW9uIHZpYSBDaGFsbGVuZ2VSZXNwb25zZUF1dGhlbnRpY2F0aW9uIG1heSBieXBhc3MKIyB0aGUgc2V0dGluZyBvZiAiUGVybWl0Um9vdExvZ2luIHdpdGhvdXQtcGFzc3dvcmQiLgojIElmIHlvdSBqdXN0IHdhbnQgdGhlIFBBTSBhY2NvdW50IGFuZCBzZXNzaW9uIGNoZWNrcyB0byBydW4gd2l0aG91dAojIFBBTSBhdXRoZW50aWNhdGlvbiwgdGhlbiBlbmFibGUgdGhpcyBidXQgc2V0IFBhc3N3b3JkQXV0aGVudGljYXRpb24KIyBhbmQgQ2hhbGxlbmdlUmVzcG9uc2VBdXRoZW50aWNhdGlvbiB0byAnbm8nLgojIFdBUk5JTkc6ICdVc2VQQU0gbm8nIGlzIG5vdCBzdXBwb3J0ZWQgaW4gUmVkIEhhdCBFbnRlcnByaXNlIExpbnV4IGFuZCBtYXkgY2F1c2Ugc2V2ZXJhbAojIHByb2JsZW1zLgpVc2VQQU0geWVzIAoKI0FsbG93QWdlbnRGb3J3YXJkaW5nIHllcwojQWxsb3dUY3BGb3J3YXJkaW5nIHllcwojR2F0ZXdheVBvcnRzIG5vClgxMUZvcndhcmRpbmcgeWVzCiNYMTFEaXNwbGF5T2Zmc2V0IDEwCiNYMTFVc2VMb2NhbGhvc3QgeWVzCiNQZXJtaXRUVFkgeWVzCiNQcmludE1vdGQgeWVzCiNQcmludExhc3RMb2cgeWVzCiNUQ1BLZWVwQWxpdmUgeWVzCiNVc2VMb2dpbiBubwpVc2VQcml2aWxlZ2VTZXBhcmF0aW9uIG5vCiNQZXJtaXRVc2VyRW52aXJvbm1lbnQgbm8KI0NvbXByZXNzaW9uIGRlbGF5ZWQKI0NsaWVudEFsaXZlSW50ZXJ2YWwgMAojQ2xpZW50QWxpdmVDb3VudE1heCAzCiNTaG93UGF0Y2hMZXZlbCBubwojVXNlRE5TIHllcwojUGlkRmlsZSAvdmFyL3J1bi9zc2hkLnBpZAojTWF4U3RhcnR1cHMgMTA6MzA6MTAwCiNQZXJtaXRUdW5uZWwgbm8KI0Nocm9vdERpcmVjdG9yeSBub25lCiNWZXJzaW9uQWRkZW5kdW0gbm9uZQoKIyBubyBkZWZhdWx0IGJhbm5lciBwYXRoCiNCYW5uZXIgbm9uZQoKIyBBY2NlcHQgbG9jYWxlLXJlbGF0ZWQgZW52aXJvbm1lbnQgdmFyaWFibGVzCkFjY2VwdEVudiBMQU5HIExDX0NUWVBFIExDX05VTUVSSUMgTENfVElNRSBMQ19DT0xMQVRFIExDX01PTkVUQVJZIExDX01FU1NBR0VTCkFjY2VwdEVudiBMQ19QQVBFUiBMQ19OQU1FIExDX0FERFJFU1MgTENfVEVMRVBIT05FIExDX01FQVNVUkVNRU5UCkFjY2VwdEVudiBMQ19JREVOVElGSUNBVElPTiBMQ19BTEwgTEFOR1VBR0UKQWNjZXB0RW52IFhNT0RJRklFUlMKCiMgb3ZlcnJpZGUgZGVmYXVsdCBvZiBubyBzdWJzeXN0ZW1zClN1YnN5c3RlbQlzZnRwCS91c3IvbGliZXhlYy9vcGVuc3NoL3NmdHAtc2VydmVyCgojIEV4YW1wbGUgb2Ygb3ZlcnJpZGluZyBzZXR0aW5ncyBvbiBhIHBlci11c2VyIGJhc2lzCiNNYXRjaCBVc2VyIGFub25jdnMKIwlYMTFGb3J3YXJkaW5nIG5vCiMJQWxsb3dUY3BGb3J3YXJkaW5nIG5vCiMJUGVybWl0VFRZIG5vCiMJRm9yY2VDb21tYW5kIGN2cyBzZXJ2ZXI= -kind: Secret -metadata: - labels: - pg-cluster: fromcrd - pgo-backrest-repo: "true" - name: fromcrd-backrest-repo-config - namespace: ${NS} -type: Opaque -EOF - -# unset the *_KEY environmental variables -unset PUBLIC_KEY -unset PRIVATE_KEY - # create the required postgres credentials for the fromcrd cluster $PGO_CMD -n $NS create -f $DIR/postgres-secret.yaml $PGO_CMD -n $NS create -f $DIR/primaryuser-secret.yaml $PGO_CMD -n $NS create -f $DIR/testuser-secret.yaml -$PGO_CMD -n $NS create -f $DIR/backrest-repo-config.yaml # create the pgcluster CRD for the fromcrd cluster $PGO_CMD -n $NS create -f $DIR/fromcrd.json diff --git a/examples/custom-config/create.sh b/examples/custom-config/create.sh index b0599f1b37..519ab0433e 100755 --- a/examples/custom-config/create.sh +++ b/examples/custom-config/create.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -28,11 +28,8 @@ function echo_info() { DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -#Error if PGO_CMD not set -if [[ -z ${PGO_CMD} ]] -then - echo_err "PGO_CMD is not set." -fi +# PGO_CMD should either be "kubectl" or "oc" -- defaulting to kubectl +PGO_CMD=${PGO_CMD:-kubectl} #Error is PGO_NAMESPACE not set if [[ -z ${PGO_NAMESPACE} ]] diff --git a/examples/custom-config/setup.sql b/examples/custom-config/setup.sql index 206005eb8a..ca7510ff93 100644 --- a/examples/custom-config/setup.sql +++ b/examples/custom-config/setup.sql @@ -1,5 +1,5 @@ /* - * Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + * Copyright 2017 - 2022 Crunchy Data Solutions, Inc. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/examples/envs.sh b/examples/envs.sh index 86bde3cde3..d30bb67261 100644 --- a/examples/envs.sh +++ b/examples/envs.sh @@ -22,8 +22,8 @@ export PGO_CONF_DIR=$PGOROOT/installers/ansible/roles/pgo-operator/files # the version of the Operator you run is set by these vars export PGO_IMAGE_PREFIX=registry.developers.crunchydata.com/crunchydata -export PGO_BASEOS=centos7 -export PGO_VERSION=4.5.0 +export PGO_BASEOS=ubi8 +export PGO_VERSION=4.5.7 export PGO_IMAGE_TAG=$PGO_BASEOS-$PGO_VERSION # for setting the pgo apiserver port, disabling TLS or not verifying TLS diff --git a/examples/helm/README.md b/examples/helm/README.md new file mode 100644 index 0000000000..6936a6ea86 --- /dev/null +++ b/examples/helm/README.md @@ -0,0 +1,79 @@ +# create-cluster + +This is a working example of how to create a cluster via the crd workflow +using a [Helm](https://helm.sh/) chart. + +## Prerequisites + +### Postgres Operator + +This example assumes you have the Crunchy PostgreSQL Operator installed +in a namespace called `pgo`. + +### Helm + +Helm will also need to be installed for this example to run + +## Documentation + +Please see the documentation for more guidance using custom resources: + +https://access.crunchydata.com/documentation/postgres-operator/latest/custom-resources/ + +## Setup + +If you are running Postgres Operator 4.5.3 or later, you can skip the below +step. + +### Before 4.5.3 + +``` +cd postgres-operator/examples/helm/create-cluster + +mkdir certs +cd certs + +# this variable is the name of the cluster being created +export pgo_cluster_name=hippo + +# generate a SSH public/private keypair for use by pgBackRest +ssh-keygen -t ed25519 -N '' -f "${pgo_cluster_name}-key" +``` + +## Running the Example + +For this example we will deploy the cluster into the `pgo` namespace where the +Postgres Operator is installed and running. + +Return to the `create-cluster` directory: + +``` +cd postgres-operator/examples/helm/create-cluster +``` + +The following commands will allow you to execute a dry run first with debug +if you want to verify everything is set correctly. Then after everything looks +good run the install command with out the flags: + +``` +helm install --dry-run --debug postgres-operator-create-cluster . -n pgo +helm install postgres-operator-create-cluster . -n pgo +``` + +## Verify + +Now you can your Hippo cluster has deployed into the pgo namespace by running +these few commands: + +``` +kubectl get all -n pgo + +pgo test hippo -n pgo + +pgo show cluster hippo -n pgo +``` + +## NOTE + +As of operator version 4.5.0 when using helm uninstall you will have to manually +clean up some left over artifacts after running the uninstall. diff --git a/examples/helm/create-cluster/.helmignore b/examples/helm/create-cluster/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/examples/helm/create-cluster/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/examples/helm/create-cluster/Chart.yaml b/examples/helm/create-cluster/Chart.yaml new file mode 100644 index 0000000000..5857415edb --- /dev/null +++ b/examples/helm/create-cluster/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +name: crunchycrdcluster +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: 1.16.0 diff --git a/examples/helm/create-cluster/templates/NOTES.txt b/examples/helm/create-cluster/templates/NOTES.txt new file mode 100644 index 0000000000..542443a66e --- /dev/null +++ b/examples/helm/create-cluster/templates/NOTES.txt @@ -0,0 +1,34 @@ +Thank you deploying a crunchy postgreSQL cluster v{{ .Chart.AppVersion }}! + + (((((((((((((((((((((( + (((((((((((((%%%%%%%((((((((((((((( + (((((((((((%%% %%%%(((((((((((( + (((((((((((%%( (((( ( %%%((((((((((( + (((((((((((((%% (( ,(( %%%((((((((((( + (((((((((((((((%% *%%/ %%%%%%%(((((((((( + (((((((((((((((((((%%(( %%%%%%%%%%#(((((%%%%%%%%%%#(((((((((((( + ((((((((((((((((((%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%(((((((((((((( + *((((((((((((((((((((%%%%%% /%%%%%%%%%%%%%%%%%%%(((((((((((((((( + (((((((((((((((((((((((%%%/ .%, %%%((((((((((((((((((, + ((((((((((((((((((((((% %#((((((((((((((((( +(((((((((((((((%%%%%% #%((((((((((((((((( +((((((((((((((%% %%(((((((((((((((, +((((((((((((%%%#% % %%((((((((((((((( +((((((((((((%. % % #(((((((((((((( +(((((((((((%% % %%* %((((((((((((( +#(###(###(#%% %%% %% %%% #%%#(###(###(# +###########%%%%% /%%%%%%%%%%%%% %% %%%%% ,%%####### +###############%% %%%%%% %%% %%%%%%%% %%##### + ################%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% %%## + ################%% %%%%%%%%%%%%%%%%% %%%% % + ##############%# %% (%%%%%%% %%%%%% + #############% %%%%% %%%%%%%%%%% + ###########% %%%%%%%%%%% %%%%%%%%% + #########%% %% %%%%%%%%%%%%%%%# + ########%% %% %%%%%%%%% + ######%% %% %%%%%% + ####%%% %%%%% % + %% %%%% + +More information about the custom resource workflow the docs can be found here: +https://access.crunchydata.com/documentation/postgres-operator/latest/custom-resources/ diff --git a/examples/helm/create-cluster/templates/_helpers.tpl b/examples/helm/create-cluster/templates/_helpers.tpl new file mode 100644 index 0000000000..8ebe4c4d53 --- /dev/null +++ b/examples/helm/create-cluster/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "crunchycrdcluster.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "crunchycrdcluster.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "crunchycrdcluster.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "crunchycrdcluster.labels" -}} +helm.sh/chart: {{ include "crunchycrdcluster.chart" . }} +{{ include "crunchycrdcluster.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "crunchycrdcluster.selectorLabels" -}} +app.kubernetes.io/name: {{ include "crunchycrdcluster.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "crunchycrdcluster.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "crunchycrdcluster.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/examples/helm/create-cluster/templates/hippo-secret.yaml b/examples/helm/create-cluster/templates/hippo-secret.yaml new file mode 100644 index 0000000000..8e922196e1 --- /dev/null +++ b/examples/helm/create-cluster/templates/hippo-secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +data: + password: {{ .Values.hipposecretpassword | b64enc }} + username: {{ .Values.hipposecretuser | b64enc }} +kind: Secret +metadata: + labels: + pg-cluster: {{ .Values.pgclustername }} + vendor: crunchydata + name: {{ .Values.pgclustername }}-hippo-secret + namespace: {{ .Values.namespace }} +type: Opaque diff --git a/examples/helm/create-cluster/templates/pgcluster.yaml b/examples/helm/create-cluster/templates/pgcluster.yaml new file mode 100644 index 0000000000..2b29f4ce97 --- /dev/null +++ b/examples/helm/create-cluster/templates/pgcluster.yaml @@ -0,0 +1,95 @@ +apiVersion: crunchydata.com/v1 +kind: Pgcluster +metadata: + annotations: + current-primary: {{ .Values.pgclustername }} + labels: + autofail: "true" + crunchy-pgbadger: "false" + crunchy-pgha-scope: {{ .Values.pgclustername }} + crunchy-postgres-exporter: "false" + deployment-name: {{ .Values.pgclustername }} + name: {{ .Values.pgclustername }} + pg-cluster: {{ .Values.pgclustername }} + pg-pod-anti-affinity: "" + pgo-backrest: "true" + pgo-version: 4.5.7 + pgouser: admin + name: {{ .Values.pgclustername }} + namespace: {{ .Values.namespace }} +spec: + BackrestStorage: + accessmode: ReadWriteOnce + matchLabels: "" + name: "" + size: 3G + storageclass: "" + storagetype: dynamic + supplementalgroups: "" + PrimaryStorage: + accessmode: ReadWriteOnce + matchLabels: "" + name: {{ .Values.pgclustername }} + size: 3G + storageclass: "" + storagetype: dynamic + supplementalgroups: "" + ReplicaStorage: + accessmode: ReadWriteOnce + matchLabels: "" + name: "" + size: 3G + storageclass: "" + storagetype: dynamic + supplementalgroups: "" + annotations: + backrestLimits: {} + backrestRepoPath: "" + backrestResources: + memory: 48Mi + backrestS3Bucket: "" + backrestS3Endpoint: "" + backrestS3Region: "" + backrestS3URIStyle: "" + backrestS3VerifyTLS: "" + ccpimage: {{ .Values.ccpimage }} + ccpimageprefix: {{ .Values.ccpimageprefix }} + ccpimagetag: {{ .Values.ccpimagetag }} + clustername: {{ .Values.pgclustername }} + customconfig: "" + database: {{ .Values.pgclustername }} + exporterport: "9187" + limits: {} + name: {{ .Values.pgclustername }} + namespace: {{ .Values.namespace }} + pgBouncer: + limits: {} + replicas: 0 + pgDataSource: + restoreFrom: "" + restoreOpts: "" + pgbadgerport: "10000" + pgoimageprefix: {{ .Values.pgoimageprefix }} + podAntiAffinity: + default: preferred + pgBackRest: preferred + pgBouncer: preferred + policies: "" + port: "5432" + primarysecretname: {{ .Values.pgclustername }}-primaryuser-secret + replicas: "0" + rootsecretname: {{ .Values.pgclustername }}-postgres-secret + shutdown: false + standby: false + tablespaceMounts: {} + tls: + caSecret: "" + replicationTLSSecret: "" + tlsSecret: "" + tlsOnly: false + user: hippo + userlabels: + crunchy-postgres-exporter: "false" + pg-pod-anti-affinity: "" + pgo-version: {{ .Values.pgoversion }} + usersecretname: {{ .Values.pgclustername }}-hippo-secret diff --git a/examples/helm/create-cluster/templates/postgres-secret.yaml b/examples/helm/create-cluster/templates/postgres-secret.yaml new file mode 100644 index 0000000000..914da77e1c --- /dev/null +++ b/examples/helm/create-cluster/templates/postgres-secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +data: + password: {{ .Values.postgressecretpassword | b64enc }} + username: {{ .Values.postgressecretuser | b64enc }} +kind: Secret +metadata: + labels: + pg-cluster: {{ .Values.pgclustername }} + vendor: crunchydata + name: {{ .Values.pgclustername }}-postgres-secret + namespace: {{ .Values.namespace }} +type: Opaque \ No newline at end of file diff --git a/examples/helm/create-cluster/templates/primaryuser-secret.yaml b/examples/helm/create-cluster/templates/primaryuser-secret.yaml new file mode 100644 index 0000000000..f4471b8fd2 --- /dev/null +++ b/examples/helm/create-cluster/templates/primaryuser-secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +data: + password: {{ .Values.primaryusersecretpassword | b64enc }} + username: {{ .Values.primaryusersecretuser | b64enc }} +kind: Secret +metadata: + labels: + pg-cluster: {{ .Values.pgclustername }} + vendor: crunchydata + name: {{ .Values.pgclustername }}-primaryuser-secret + namespace: {{ .Values.namespace }} +type: Opaque \ No newline at end of file diff --git a/examples/helm/create-cluster/values.yaml b/examples/helm/create-cluster/values.yaml new file mode 100644 index 0000000000..b6a8d32648 --- /dev/null +++ b/examples/helm/create-cluster/values.yaml @@ -0,0 +1,17 @@ +# Default values for pg_deployment in SDX. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +# The values is for the namespace and the postgresql cluster name +ccpimage: crunchy-postgres-ha +ccpimageprefix: registry.developers.crunchydata.com/crunchydata +ccpimagetag: ubi8-12.11-4.5.7 +namespace: pgo +pgclustername: hippo +pgoimageprefix: registry.developers.crunchydata.com/crunchydata +pgoversion: 4.5.7 +hipposecretuser: "hippo" +hipposecretpassword: "Supersecurepassword*" +postgressecretuser: "postgres" +postgressecretpassword: "Anothersecurepassword*" +primaryusersecretuser: "primaryuser" +primaryusersecretpassword: "Moresecurepassword*" \ No newline at end of file diff --git a/hack/boilerplate.go.txt b/hack/boilerplate.go.txt index 8aabc9a12b..22523257ce 100644 --- a/hack/boilerplate.go.txt +++ b/hack/boilerplate.go.txt @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/hack/config_sync.sh b/hack/config_sync.sh index cab45b023b..b7a7b95b95 100755 --- a/hack/config_sync.sh +++ b/hack/config_sync.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh index c9795398ae..f010b87f3a 100755 --- a/hack/update-codegen.sh +++ b/hack/update-codegen.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/hack/verify-codegen.sh b/hack/verify-codegen.sh index c096654ca9..4c359a10bf 100755 --- a/hack/verify-codegen.sh +++ b/hack/verify-codegen.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/installers/ansible/README.md b/installers/ansible/README.md index a9f0babd16..d6edeb160d 100644 --- a/installers/ansible/README.md +++ b/installers/ansible/README.md @@ -1,15 +1,15 @@ -# Crunchy Data PostgreSQL Operator Playbook +# PGO: Postgres Operator Playbook

- Crunchy Data + PGO: The Postgres Operator from Crunchy Data

-Latest Release: 4.5.0 +Latest Release: 4.5.9 ## General -This repository contains Ansible Roles for deploying the Crunchy PostgreSQL Operator -for Kubernetes and OpenShift. +This repository contains Ansible Roles for deploying PGO: the Postgres Operator +from [Crunchy Data](https://www.crunchydata.com) for Kubernetes and OpenShift. See the [official documentation for more information](https://crunchydata.github.io/postgres-operator/stable/) on installing Crunchy PostgreSQL Operator. diff --git a/installers/ansible/roles/pgo-operator/files/crds/pgclusters-crd.yaml b/installers/ansible/roles/pgo-operator/files/crds/pgclusters-crd.yaml index bea777b436..c6d414d74b 100644 --- a/installers/ansible/roles/pgo-operator/files/crds/pgclusters-crd.yaml +++ b/installers/ansible/roles/pgo-operator/files/crds/pgclusters-crd.yaml @@ -3,6 +3,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgclusters.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: diff --git a/installers/ansible/roles/pgo-operator/files/crds/pgpolicies-crd.yaml b/installers/ansible/roles/pgo-operator/files/crds/pgpolicies-crd.yaml index 32e0d2014c..73d84f0173 100644 --- a/installers/ansible/roles/pgo-operator/files/crds/pgpolicies-crd.yaml +++ b/installers/ansible/roles/pgo-operator/files/crds/pgpolicies-crd.yaml @@ -3,6 +3,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgpolicies.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: diff --git a/installers/ansible/roles/pgo-operator/files/crds/pgreplicas-crd.yaml b/installers/ansible/roles/pgo-operator/files/crds/pgreplicas-crd.yaml index 303f77f1ce..167474a41f 100644 --- a/installers/ansible/roles/pgo-operator/files/crds/pgreplicas-crd.yaml +++ b/installers/ansible/roles/pgo-operator/files/crds/pgreplicas-crd.yaml @@ -3,6 +3,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgreplicas.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: diff --git a/installers/ansible/roles/pgo-operator/files/crds/pgtasks-crd.yaml b/installers/ansible/roles/pgo-operator/files/crds/pgtasks-crd.yaml index 20fce21e7a..14ae07386d 100644 --- a/installers/ansible/roles/pgo-operator/files/crds/pgtasks-crd.yaml +++ b/installers/ansible/roles/pgo-operator/files/crds/pgtasks-crd.yaml @@ -3,6 +3,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgtasks.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: diff --git a/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt b/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt index 519028c63b..419c8de459 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt +++ b/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt @@ -19,3 +19,127 @@ Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp -----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF +ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 +b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL +MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv +b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj +ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM +9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw +IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 +VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L +93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm +jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA +A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI +U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs +N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv +o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU +5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy +rqXRfboQnoZsG4q5WTP468SQvvG5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF +ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 +b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL +MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv +b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK +gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ +W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg +1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K +8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r +2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me +z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR +8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj +mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz +7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 ++XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI +0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm +UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 +LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY ++gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS +k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl +7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm +btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl +urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ +fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 +n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE +76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H +9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT +4PsJYGw= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 +MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g +Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG +A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg +Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl +ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr +ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr +BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM +YyRIHN8wfdVoOw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 +MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g +Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG +A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg +Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi +9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk +M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB +MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw +CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW +1KyLa2tJElMzrdfkviT8tQp21KW8EA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT +HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs +ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 +MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD +VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy +ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy +dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p +OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 +8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K +Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe +hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk +6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw +DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q +AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI +bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB +ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z +qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd +iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn +0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN +sSi6 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl +MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp +U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw +NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE +ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp +ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 +DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf +8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN ++lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 +X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa +K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA +1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G +A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR +zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 +YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD +bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w +DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 +L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D +eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl +xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp +VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY +WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= +-----END CERTIFICATE----- diff --git a/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config b/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config index 3a96f209da..5a0f61e8f9 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config +++ b/installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config @@ -80,18 +80,9 @@ ChallengeResponseAuthentication yes #GSSAPIKeyExchange no #GSSAPIEnablek5users no -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several -# problems. -UsePAM yes +# This is set explicitly to *no* as we are only using pubkey authentication and +# because each container is isolated to only an unprivileged user. +UsePAM no #AllowAgentForwarding yes #AllowTcpForwarding yes diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-bootstrap-job.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-bootstrap-job.json index ecd2cf735a..9bd5a10f21 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-bootstrap-job.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-bootstrap-job.json @@ -166,8 +166,7 @@ }, { "name": "sshd", "secret": { - "secretName": "{{.RestoreFrom}}-backrest-repo-config", - "defaultMode": 511 + "secretName": "{{.RestoreFrom}}-backrest-repo-config" } }, {{if .TLSEnabled}} diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-deployment.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-deployment.json index 4a44785b27..b92f0e3b94 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-deployment.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/cluster-deployment.json @@ -252,8 +252,7 @@ }, { "name": "sshd", "secret": { - "secretName": "{{.ClusterName}}-backrest-repo-config", - "defaultMode": 511 + "secretName": "{{.ClusterName}}-backrest-repo-config" } }, { "name": "root-volume", diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgbackrest-env-vars.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgbackrest-env-vars.json index fcf64b9679..8391309154 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgbackrest-env-vars.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgbackrest-env-vars.json @@ -39,7 +39,7 @@ "value": "{{.PgbackrestPGPort}}" }, { - "name": "PGBACKREST_REPO_TYPE", + "name": "PGBACKREST_REPO1_TYPE", "value": "{{.PgbackrestRepo1Type}}" }, { diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-repo-template.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-repo-template.json index 5f9e5d5049..1c14cc08e4 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-repo-template.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-repo-template.json @@ -102,8 +102,7 @@ "volumes": [{ "name": "sshd", "secret": { - "secretName": "{{.SshdSecretsName}}", - "defaultMode": 511 + "secretName": "{{.SshdSecretsName}}" } }, { "name": "backrestrepo", diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role-binding.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role-binding.json index 84f1c031fc..5c4163b892 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role-binding.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role-binding.json @@ -3,7 +3,10 @@ "kind": "RoleBinding", "metadata": { "name": "pgo-backrest-role-binding", - "namespace": "{{.TargetNamespace}}" + "namespace": "{{.TargetNamespace}}", + "labels": { + "vendor": "crunchydata" + } }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role.json index ca1c5b4e0b..f14634c7c1 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-role.json @@ -3,7 +3,10 @@ "kind": "Role", "metadata": { "name": "pgo-backrest-role", - "namespace": "{{.TargetNamespace}}" + "namespace": "{{.TargetNamespace}}", + "labels": { + "vendor": "crunchydata" + } }, "rules": [ { diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-sa.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-sa.json index d3d8d19c4b..cf5607a504 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-sa.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-backrest-sa.json @@ -3,6 +3,9 @@ "kind": "ServiceAccount", "metadata": { "name": "pgo-backrest", - "namespace": "{{.TargetNamespace}}" + "namespace": "{{.TargetNamespace}}", + "labels": { + "vendor": "crunchydata" + } } } diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-default-sa.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-default-sa.json index 5a8a52865c..f35dd542bd 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-default-sa.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-default-sa.json @@ -3,7 +3,10 @@ "kind": "ServiceAccount", "metadata": { "name": "pgo-default", - "namespace": "{{.TargetNamespace}}" + "namespace": "{{.TargetNamespace}}", + "labels": { + "vendor": "crunchydata" + } }, "automountServiceAccountToken": false } diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role-binding.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role-binding.json index df279ee347..5b23bcd927 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role-binding.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role-binding.json @@ -3,7 +3,10 @@ "kind": "RoleBinding", "metadata": { "name": "pgo-target-role-binding", - "namespace": "{{.TargetNamespace}}" + "namespace": "{{.TargetNamespace}}", + "labels": { + "vendor": "crunchydata" + } }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role.json index 1cb6a31cc5..612307356d 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-role.json @@ -3,7 +3,10 @@ "kind": "Role", "metadata": { "name": "pgo-target-role", - "namespace": "{{.TargetNamespace}}" + "namespace": "{{.TargetNamespace}}", + "labels": { + "vendor": "crunchydata" + } }, "rules": [ { @@ -15,8 +18,6 @@ "endpoints", "pods", "pods/exec", - "pods/log", - "replicasets", "secrets", "services", "persistentvolumeclaims" @@ -32,12 +33,26 @@ "deletecollection" ] }, + { + "apiGroups": [ + "" + ], + "resources": [ + "pods/log" + ], + "verbs":[ + "get", + "list", + "watch" + ] + }, { "apiGroups": [ "apps" ], "resources": [ - "deployments" + "deployments", + "replicasets" ], "verbs":[ "get", diff --git a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-sa.json b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-sa.json index 5d31bd4441..28cfb06565 100644 --- a/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-sa.json +++ b/installers/ansible/roles/pgo-operator/files/pgo-configs/pgo-target-sa.json @@ -3,6 +3,9 @@ "kind": "ServiceAccount", "metadata": { "name": "pgo-target", - "namespace": "{{.TargetNamespace}}" + "namespace": "{{.TargetNamespace}}", + "labels": { + "vendor": "crunchydata" + } } } diff --git a/installers/ansible/roles/pgo-operator/tasks/certs.yml b/installers/ansible/roles/pgo-operator/tasks/certs.yml deleted file mode 100644 index 4c66e89892..0000000000 --- a/installers/ansible/roles/pgo-operator/tasks/certs.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -- name: Ensure directory exists for local self-signed TLS certs. - file: - path: '{{ output_dir }}' - state: directory - tags: - - install - -- name: Generate RSA Key - command: openssl genrsa -out "{{ output_dir }}/server.key" 2048 - args: - creates: "{{ output_dir }}/server.key" - tags: - - install - -- name: Generate CSR - command: openssl req \ - -new \ - -subj '/C=US/ST=SC/L=Charleston/O=CrunchyData/CN=pg-operator' \ - -key "{{ output_dir }}/server.key" \ - -out "{{ output_dir }}/server.csr" - args: - creates: "{{ output_dir }}/server.csr" - tags: - - install - -- name: Generate Self-signed Certificate - command: openssl req \ - -x509 \ - -days 1825 \ - -key "{{ output_dir }}/server.key" \ - -in "{{ output_dir }}/server.csr" \ - -out "{{ output_dir }}/server.crt" - args: - creates: "{{ output_dir }}/server.crt" - tags: - - install - -- name: Ensure {{ pgo_keys_dir }} Directory Exists - file: - path: '{{ pgo_keys_dir }}' - state: directory - tags: - - install - -- name: Copy certificates to {{ pgo_keys_dir }} - command: "cp {{ output_dir }}/server.crt {{ pgo_keys_dir }}/client.crt" - tags: - - install - -- name: Copy keys to {{ pgo_keys_dir }} - command: "cp {{ output_dir }}/server.key {{ pgo_keys_dir }}/client.key" - tags: - - install diff --git a/installers/ansible/roles/pgo-operator/tasks/cleanup.yml b/installers/ansible/roles/pgo-operator/tasks/cleanup.yml index ffe9626c56..2f7925afd2 100644 --- a/installers/ansible/roles/pgo-operator/tasks/cleanup.yml +++ b/installers/ansible/roles/pgo-operator/tasks/cleanup.yml @@ -6,6 +6,20 @@ - uninstall - update +- name: Get number of Operator instances in this cluster + shell: | + {{ kubectl_or_oc }} get deployment --field-selector=metadata.name=postgres-operator --selector=vendor=crunchydata --all-namespaces -o name | wc -l + register: num_operators + tags: + - uninstall + - update + +- name: Set boolean for multi-operator environment + set_fact: multi_operator_env="{{ 'true' if num_operators.stdout | int > 1 else 'false' }}" + tags: + - uninstall + - update + - name: Find watched namespaces shell: | {{ kubectl_or_oc }} get namespaces -o json --selector=vendor=crunchydata,pgo-installation-name={{ pgo_installation_name }} @@ -152,7 +166,8 @@ tags: - uninstall - update - when: create_rbac|bool + when: not multi_operator_env|bool and + create_rbac|bool - name: Delete cluster-admin Cluster Role Binding for PGO Service Account command: "{{ kubectl_or_oc }} delete clusterrolebinding pgo-cluster-admin" @@ -161,7 +176,8 @@ tags: - uninstall - update - when: create_rbac|bool + when: not multi_operator_env|bool and + create_rbac|bool - name: Delete existing Cluster Roles shell: | @@ -173,7 +189,8 @@ tags: - uninstall - update - when: create_rbac|bool + when: not multi_operator_env|bool and + create_rbac|bool - name: Delete existing PGO Role Bindings (Watched Namespaces) shell: | @@ -233,6 +250,7 @@ pgpolicies.crunchydata.com pgreplicas.crunchydata.com pgtasks.crunchydata.com ignore_errors: yes no_log: false + when: not multi_operator_env|bool tags: uninstall - name: Remove Labels from Watched Namespaces @@ -276,7 +294,8 @@ file: state: absent path: "/usr/local/bin/pgo" - when: pgo_client_install == "true" + when: pgo_client_install == "true" and + not multi_operator_env|bool ignore_errors: yes no_log: false tags: uninstall diff --git a/installers/ansible/roles/pgo-operator/tasks/main.yml b/installers/ansible/roles/pgo-operator/tasks/main.yml index c9fc36e6a0..aafe7b6679 100644 --- a/installers/ansible/roles/pgo-operator/tasks/main.yml +++ b/installers/ansible/roles/pgo-operator/tasks/main.yml @@ -44,10 +44,6 @@ tags: - uninstall -- include_tasks: certs.yml - tags: - - install - - name: Use kubectl or oc set_fact: kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}" @@ -106,7 +102,7 @@ when: pgorole_pgoadmin_result.rc == 1 - name: PGO Service Account - when: + when: - create_rbac|bool tags: - install @@ -128,7 +124,7 @@ when: pgo_service_account_result.rc == 1 - name: Cluster RBAC (namespace_mode 'dynamic') - when: + when: - create_rbac|bool - namespace_mode == "dynamic" tags: @@ -151,7 +147,7 @@ when: cluster_rbac_result.rc == 1 - name: Cluster RBAC (namespace_mode 'readonly') - when: + when: - create_rbac|bool - namespace_mode == "readonly" tags: @@ -179,7 +175,7 @@ tags: - install - update - when: + when: - create_rbac|bool - namespace_mode == "disabled" @@ -219,7 +215,8 @@ command: | {{ kubectl_or_oc }} create clusterrolebinding pgo-cluster-admin \ --clusterrole cluster-admin \ - --serviceaccount "{{ pgo_operator_namespace }}:postgres-operator" + --serviceaccount "{{ pgo_operator_namespace }}:postgres-operator" && \ + {{ kubectl_or_oc }} label clusterrolebinding pgo-cluster-admin vendor=crunchydata when: pgo_cluster_admin_result.rc == 1 @@ -266,31 +263,13 @@ - name: Create PGO BackRest Repo Secret command: | {{ kubectl_or_oc }} create secret generic pgo-backrest-repo-config \ - --from-file=config='{{ role_path }}/files/pgo-backrest-repo/config' \ - --from-file=sshd_config='{{ role_path }}/files/pgo-backrest-repo/sshd_config' \ - --from-file=aws-s3-ca.crt='{{ role_path }}/files/pgo-backrest-repo/aws-s3-ca.crt' \ --from-literal=aws-s3-key='{{ backrest_aws_s3_key }}' \ --from-literal=aws-s3-key-secret='{{ backrest_aws_s3_secret }}' \ -n {{ pgo_operator_namespace }} - when: pgo_backrest_repo_config_result.rc == 1 - - - name: PGO API Secret - tags: - - install - - update - block: - - name: Check PGO API Secret - shell: "{{ kubectl_or_oc }} get secret pgo.tls -n {{ pgo_operator_namespace }}" - register: pgo_tls_result - failed_when: false - - - name: Create PGO API Secret - command: | - {{ kubectl_or_oc }} create secret tls pgo.tls \ - --cert='{{ output_dir }}/server.crt' \ - --key='{{ output_dir }}/server.key' \ - -n {{ pgo_operator_namespace }} - when: pgo_tls_result.rc == 1 + when: + - pgo_backrest_repo_config_result.rc == 1 + - (backrest_aws_s3_key | default('') != '') or + (backrest_aws_s3_secret | default('') != '') - name: PGO ConfigMap tags: @@ -307,7 +286,7 @@ shell: "{{ kubectl_or_oc }} get configmap pgo-config -n {{ pgo_operator_namespace }}" register: pgo_config_result failed_when: false - + - name: Create PGO ConfigMap command: | {{ kubectl_or_oc }} create configmap pgo-config \ @@ -361,6 +340,8 @@ - name: Wait for PGO to finish deploying command: "{{ kubectl_or_oc }} rollout status deployment/postgres-operator -n {{ pgo_operator_namespace }}" async: 600 + vars: + ansible_async_dir: /tmp/.ansible_async - name: PGO Client tags: @@ -403,8 +384,8 @@ shell: "{{ kubectl_or_oc }} get -f {{ output_dir }}/pgo-client.json" register: pgo_client_json_result failed_when: false - + - name: Create PGO-Client deployment command: | {{ kubectl_or_oc }} create --filename='{{ output_dir }}/pgo-client.json' - when: pgo_client_json_result.rc == 1 \ No newline at end of file + when: pgo_client_json_result.rc == 1 diff --git a/installers/ansible/roles/pgo-operator/templates/add-targeted-namespace.sh.j2 b/installers/ansible/roles/pgo-operator/templates/add-targeted-namespace.sh.j2 index 380a8a80b7..b8f2ab2e9f 100644 --- a/installers/ansible/roles/pgo-operator/templates/add-targeted-namespace.sh.j2 +++ b/installers/ansible/roles/pgo-operator/templates/add-targeted-namespace.sh.j2 @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/installers/ansible/roles/pgo-operator/templates/cluster-rbac-readonly.yaml.j2 b/installers/ansible/roles/pgo-operator/templates/cluster-rbac-readonly.yaml.j2 index 3021d4a058..f34e1b9579 100644 --- a/installers/ansible/roles/pgo-operator/templates/cluster-rbac-readonly.yaml.j2 +++ b/installers/ansible/roles/pgo-operator/templates/cluster-rbac-readonly.yaml.j2 @@ -3,6 +3,8 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-cluster-role + labels: + vendor: crunchydata rules: - apiGroups: - '' @@ -17,6 +19,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: pgo-cluster-role + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/installers/ansible/roles/pgo-operator/templates/cluster-rbac.yaml.j2 b/installers/ansible/roles/pgo-operator/templates/cluster-rbac.yaml.j2 index 771080042e..03783810da 100644 --- a/installers/ansible/roles/pgo-operator/templates/cluster-rbac.yaml.j2 +++ b/installers/ansible/roles/pgo-operator/templates/cluster-rbac.yaml.j2 @@ -3,6 +3,8 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-cluster-role + labels: + vendor: crunchydata rules: - apiGroups: - '' @@ -42,8 +44,6 @@ rules: - endpoints - pods - pods/exec - - pods/log - - replicasets - secrets - services - persistentvolumeclaims @@ -56,10 +56,19 @@ rules: - update - delete - deletecollection + - apiGroups: + - '' + resources: + - pods/log + verbs: + - get + - list + - watch - apiGroups: - apps resources: - deployments + - replicasets verbs: - get - list @@ -104,6 +113,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: pgo-cluster-role + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/installers/ansible/roles/pgo-operator/templates/local-namespace-rbac.yaml.j2 b/installers/ansible/roles/pgo-operator/templates/local-namespace-rbac.yaml.j2 index 4a878395ae..6eb3fe6144 100644 --- a/installers/ansible/roles/pgo-operator/templates/local-namespace-rbac.yaml.j2 +++ b/installers/ansible/roles/pgo-operator/templates/local-namespace-rbac.yaml.j2 @@ -3,6 +3,8 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-local-ns + labels: + vendor: crunchydata rules: - apiGroups: - '' @@ -28,6 +30,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: pgo-local-ns + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -41,6 +45,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: pgo-target-role-binding + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/installers/ansible/roles/pgo-operator/templates/pgo-role-rbac.yaml.j2 b/installers/ansible/roles/pgo-operator/templates/pgo-role-rbac.yaml.j2 index 76af49dbcd..62ecb0a1b3 100644 --- a/installers/ansible/roles/pgo-operator/templates/pgo-role-rbac.yaml.j2 +++ b/installers/ansible/roles/pgo-operator/templates/pgo-role-rbac.yaml.j2 @@ -4,6 +4,8 @@ apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-role namespace: {{ pgo_operator_namespace }} + labels: + vendor: crunchydata rules: - apiGroups: - '' @@ -28,6 +30,8 @@ kind: RoleBinding metadata: name: pgo-role namespace: {{ pgo_operator_namespace }} + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/installers/ansible/roles/pgo-operator/templates/pgo-service-account.yaml.j2 b/installers/ansible/roles/pgo-operator/templates/pgo-service-account.yaml.j2 index b8a8de6a95..3baaa4a9f8 100644 --- a/installers/ansible/roles/pgo-operator/templates/pgo-service-account.yaml.j2 +++ b/installers/ansible/roles/pgo-operator/templates/pgo-service-account.yaml.j2 @@ -4,6 +4,8 @@ kind: ServiceAccount metadata: name: postgres-operator namespace: {{ pgo_operator_namespace }} + labels: + vendor: crunchydata imagePullSecrets: {% if ccp_image_pull_secret %} - name: {{ ccp_image_pull_secret }} diff --git a/installers/ansible/roles/pgo-operator/templates/pgouser-admin.yaml.j2 b/installers/ansible/roles/pgo-operator/templates/pgouser-admin.yaml.j2 index ca6d6eb4ed..c861fdc220 100644 --- a/installers/ansible/roles/pgo-operator/templates/pgouser-admin.yaml.j2 +++ b/installers/ansible/roles/pgo-operator/templates/pgouser-admin.yaml.j2 @@ -10,6 +10,6 @@ metadata: namespace: {{ pgo_operator_namespace }} type: Opaque data: - password: {{ pgo_admin_password | b64encode }} - username: {{ pgo_admin_username | b64encode }} - roles: {{ pgo_admin_role_name | b64encode }} + password: '{{ pgo_admin_password | b64encode }}' + username: '{{ pgo_admin_username | b64encode }}' + roles: '{{ pgo_admin_role_name | b64encode }}' diff --git a/installers/ansible/roles/pgo-operator/templates/service.json.j2 b/installers/ansible/roles/pgo-operator/templates/service.json.j2 index 766a060a72..b50985fa92 100644 --- a/installers/ansible/roles/pgo-operator/templates/service.json.j2 +++ b/installers/ansible/roles/pgo-operator/templates/service.json.j2 @@ -4,7 +4,8 @@ "metadata": { "name": "postgres-operator", "labels": { - "name": "postgres-operator" + "name": "postgres-operator", + "vendor": "crunchydata" } }, "spec": { diff --git a/installers/ansible/roles/pgo-preflight/tasks/check_vars.yml b/installers/ansible/roles/pgo-preflight/tasks/check_vars.yml index 3424c43151..e6d375affe 100644 --- a/installers/ansible/roles/pgo-preflight/tasks/check_vars.yml +++ b/installers/ansible/roles/pgo-preflight/tasks/check_vars.yml @@ -8,7 +8,6 @@ - pgo_operator_namespace - pgo_installation_name - pgo_admin_username - - pgo_admin_password - pgo_admin_role_name - pgo_admin_perms - ccp_image_prefix diff --git a/installers/ansible/values.yaml b/installers/ansible/values.yaml index 4eb672bcec..c76c35c783 100644 --- a/installers/ansible/values.yaml +++ b/installers/ansible/values.yaml @@ -17,7 +17,7 @@ badger: "false" ccp_image_prefix: "registry.developers.crunchydata.com/crunchydata" ccp_image_pull_secret: "" ccp_image_pull_secret_manifest: "" -ccp_image_tag: "centos7-12.4-4.5.0" +ccp_image_tag: "ubi8-12.13-4.5.9" create_rbac: "true" crunchy_debug: "false" db_name: "" @@ -50,14 +50,14 @@ pgo_apiserver_url: "https://postgres-operator" pgo_client_cert_secret: "pgo.tls" pgo_client_container_install: "false" pgo_client_install: "true" -pgo_client_version: "4.5.0" +pgo_client_version: "4.5.9" pgo_cluster_admin: "false" pgo_disable_eventing: "false" pgo_disable_tls: "false" pgo_image_prefix: "registry.developers.crunchydata.com/crunchydata" pgo_image_pull_secret: "" pgo_image_pull_secret_manifest: "" -pgo_image_tag: "centos7-4.5.0" +pgo_image_tag: "ubi8-4.5.9" pgo_installation_name: "devtest" pgo_noauth_routes: "" pgo_operator_namespace: "pgo" diff --git a/installers/gcp-marketplace/Dockerfile b/installers/gcp-marketplace/Dockerfile index adf85a355a..464e7d74fd 100644 --- a/installers/gcp-marketplace/Dockerfile +++ b/installers/gcp-marketplace/Dockerfile @@ -20,22 +20,24 @@ RUN apt-get update \ && apt-get install -y --no-install-recommends ansible=2.9.* openssh-client \ && rm -rf /var/lib/apt/lists/* -COPY installers/ansible/* \ +COPY ansible/* \ /opt/postgres-operator/ansible/ -COPY installers/favicon.png \ - installers/gcp-marketplace/install-job.yaml \ - installers/gcp-marketplace/install.sh \ - installers/gcp-marketplace/values.yaml \ +COPY favicon.png \ + gcp-marketplace/install-job.yaml \ + gcp-marketplace/install.sh \ + gcp-marketplace/values.yaml \ /opt/postgres-operator/ -COPY installers/gcp-marketplace/install-hook.sh \ +COPY gcp-marketplace/install-hook.sh \ /bin/create_manifests.sh -COPY installers/gcp-marketplace/schema.yaml \ +COPY gcp-marketplace/schema.yaml \ /data/ -COPY installers/gcp-marketplace/application.yaml \ +COPY gcp-marketplace/application.yaml \ /data/manifest/ -COPY installers/gcp-marketplace/test-pod.yaml \ +COPY gcp-marketplace/test-pod.yaml \ /data-test/manifest/ +COPY gcp-marketplace/test-schema.yaml \ + /data-test/schema.yaml ARG PGO_VERSION RUN for file in \ diff --git a/installers/gcp-marketplace/Makefile b/installers/gcp-marketplace/Makefile index 5f4f0c6eb1..8329eed52b 100644 --- a/installers/gcp-marketplace/Makefile +++ b/installers/gcp-marketplace/Makefile @@ -6,7 +6,7 @@ MARKETPLACE_TOOLS ?= gcr.io/cloud-marketplace-tools/k8s/dev:$(MARKETPLACE_VERSIO MARKETPLACE_VERSION ?= 0.9.4 KUBECONFIG ?= $(HOME)/.kube/config PARAMETERS ?= {} -PGO_VERSION ?= 4.5.0 +PGO_VERSION ?= 4.5.9 IMAGE_BUILD_ARGS = --build-arg MARKETPLACE_VERSION='$(MARKETPLACE_VERSION)' \ --build-arg PGO_VERSION='$(PGO_VERSION)' @@ -37,12 +37,12 @@ image: image-$(IMAGE_BUILDER) .PHONY: image-buildah image-buildah: ## Build the deployer image with Buildah - sudo buildah bud --file Dockerfile --tag '$(DEPLOYER_IMAGE)' $(IMAGE_BUILD_ARGS) --layers ../.. + sudo buildah bud --file Dockerfile --tag '$(DEPLOYER_IMAGE)' $(IMAGE_BUILD_ARGS) --layers .. sudo buildah push '$(DEPLOYER_IMAGE)' docker-daemon:'$(DEPLOYER_IMAGE)' .PHONY: image-docker image-docker: ## Build the deployer image with Docker - docker build --file Dockerfile --tag '$(DEPLOYER_IMAGE)' $(IMAGE_BUILD_ARGS) ../.. + docker build --file Dockerfile --tag '$(DEPLOYER_IMAGE)' $(IMAGE_BUILD_ARGS) .. # PARAMETERS='{"OPERATOR_NAMESPACE": "", "OPERATOR_NAME": "", "OPERATOR_ADMIN_PASSWORD": ""}' .PHONY: install diff --git a/installers/gcp-marketplace/README.md b/installers/gcp-marketplace/README.md index fd686764ad..31534e3eb4 100644 --- a/installers/gcp-marketplace/README.md +++ b/installers/gcp-marketplace/README.md @@ -1,11 +1,11 @@ - This directory contains the files that are used to install [Crunchy PostgreSQL for GKE][gcp-details], -which uses the PostgreSQL Operator, from the Google Cloud Marketplace. +which uses PGO: the PostgreSQL Operator from [Crunchy Data][crunchy-data], from the Google Cloud Marketplace. The integration centers around a container [image](./Dockerfile) that contains an installation [schema](./schema.yaml) and an [Application][k8s-app] [manifest](./application.yaml). Consult the [technical requirements][gcp-k8s-requirements] when making changes. +[crunchy-data]: https://www.crunchydata.com [k8s-app]: https://github.com/kubernetes-sigs/application/ [gcp-k8s]: https://cloud.google.com/marketplace/docs/kubernetes-apps/ [gcp-k8s-requirements]: https://cloud.google.com/marketplace/docs/partners/kubernetes-solutions/create-app-package @@ -59,7 +59,7 @@ Google Cloud Marketplace. ```shell IMAGE_REPOSITORY=gcr.io/crunchydata-public/postgres-operator - export PGO_VERSION=4.5.0 + export PGO_VERSION=4.5.9 export INSTALLER_IMAGE=${IMAGE_REPOSITORY}/deployer:${PGO_VERSION} export OPERATOR_IMAGE=${IMAGE_REPOSITORY}:${PGO_VERSION} export OPERATOR_IMAGE_API=${IMAGE_REPOSITORY}/pgo-apiserver:${PGO_VERSION} diff --git a/installers/gcp-marketplace/install.sh b/installers/gcp-marketplace/install.sh index 6dc770b993..3b65f8976d 100755 --- a/installers/gcp-marketplace/install.sh +++ b/installers/gcp-marketplace/install.sh @@ -37,16 +37,36 @@ resources=( clusterrolebinding/pgo-cluster-role configmap/pgo-config deployment/postgres-operator + role/pgo-backrest-role + role/pgo-pg-role role/pgo-role + role/pgo-target-role + rolebinding/pgo-backrest-role-binding + rolebinding/pgo-pg-role-binding rolebinding/pgo-role + rolebinding/pgo-target-role-binding secret/pgo.tls secret/pgo-backrest-repo-config secret/pgorole-pgoadmin secret/pgouser-admin service/postgres-operator + serviceaccount/pgo-backrest + serviceaccount/pgo-default + serviceaccount/pgo-pg + serviceaccount/pgo-target serviceaccount/postgres-operator ) for resource in "${resources[@]}"; do + kind="${resource%/*}" + name="${resource#*/}" + + for _ in $(seq 5); do + if [ "$( kc get "$kind" --field-selector="metadata.name=$name" --output=name )" ] + then break + else sleep 1s + fi + done + kc patch "$resource" --type=strategic --patch="$application_ownership" done diff --git a/installers/gcp-marketplace/schema.yaml b/installers/gcp-marketplace/schema.yaml index 6f0ec5320f..6b7e3df965 100644 --- a/installers/gcp-marketplace/schema.yaml +++ b/installers/gcp-marketplace/schema.yaml @@ -11,13 +11,13 @@ properties: INSTALLER_SERVICE_ACCOUNT: # This key appears in the ClusterRoleBinding name. title: Cluster Admin Service Account - description: >- - Name of a service account in the target namespace that has cluster-admin permissions. - This is used by the operator installer to create Custom Resource Definitions. type: string x-google-marketplace: type: SERVICE_ACCOUNT serviceAccount: + description: >- + Name of a service account in the target namespace that has cluster-admin permissions. + This is used by the operator installer to create Custom Resource Definitions. roles: - type: ClusterRole rulesType: PREDEFINED diff --git a/installers/gcp-marketplace/test-schema.yaml b/installers/gcp-marketplace/test-schema.yaml new file mode 100644 index 0000000000..5dae182d7e --- /dev/null +++ b/installers/gcp-marketplace/test-schema.yaml @@ -0,0 +1,6 @@ +properties: + OPERATOR_ADMIN_PASSWORD: + type: string + default: insecure + x-google-marketplace: + type: MASKED_FIELD diff --git a/installers/gcp-marketplace/values.yaml b/installers/gcp-marketplace/values.yaml index cb0840b35b..45ff49f7ec 100644 --- a/installers/gcp-marketplace/values.yaml +++ b/installers/gcp-marketplace/values.yaml @@ -10,7 +10,7 @@ badger: "false" ccp_image_prefix: "registry.developers.crunchydata.com/crunchydata" ccp_image_pull_secret: "" ccp_image_pull_secret_manifest: "" -ccp_image_tag: "centos7-12.4-4.5.0" +ccp_image_tag: "ubi8-12.13-4.5.9" create_rbac: "true" db_name: "" db_password_age_days: "0" @@ -32,9 +32,9 @@ pgo_admin_role_name: "pgoadmin" pgo_admin_username: "admin" pgo_client_container_install: "false" pgo_client_install: 'false' -pgo_client_version: "4.5.0" +pgo_client_version: "4.5.9" pgo_image_prefix: "registry.developers.crunchydata.com/crunchydata" -pgo_image_tag: "centos7-4.5.0" +pgo_image_tag: "ubi8-4.5.9" pgo_installation_name: '${OPERATOR_NAME}' pgo_operator_namespace: '${OPERATOR_NAMESPACE}' scheduler_timeout: "3600" diff --git a/installers/helm/Chart.yaml b/installers/helm/Chart.yaml index 6d7ffeaa30..58c24902d0 100644 --- a/installers/helm/Chart.yaml +++ b/installers/helm/Chart.yaml @@ -1,11 +1,11 @@ apiVersion: v2 name: postgres-operator -description: Crunchy PostgreSQL Operator Helm chart for Kubernetes +description: 'PGO: The Postgres Operator from Crunchy Data Helm Chart for Kubernetes' type: application version: 0.1.0 -appVersion: 4.5.0 +appVersion: 4.5.9 home: https://github.com/CrunchyData/postgres-operator -icon: https://github.com/CrunchyData/postgres-operator/raw/master/crunchy_logo.png +icon: https://github.com/CrunchyData/postgres-operator/raw/master/docs/static/logos/pgo.svg keywords: - PostgreSQL - Operator diff --git a/installers/helm/README.md b/installers/helm/README.md index bde966f9f9..0dbe9ac5a3 100644 --- a/installers/helm/README.md +++ b/installers/helm/README.md @@ -1,10 +1,10 @@ -# Crunchy PostgreSQL Operator +# PGO: The Postgres Operator from Crunchy Data -This Helm chart installs the Crunchy PostgreSQL Operator by using its “pgo-deployer” -container. Helm will setup the ServiceAccount, RBAC, and ConfigMap needed to run -the container as a Kubernetes Job. Then a job will be created based on `helm` -`install`, `upgrade`, or `uninstall`. After the job has completed the RBAC will -be cleaned up. +This Helm chart installs PGO: the Postgres Operator from Crunchy Data by using +its “pgo-deployer” container. Helm will setup the ServiceAccount, RBAC, and +ConfigMap needed to run the container as a Kubernetes Job. Then a job will +be created based on `helm` `install`, `upgrade`, or `uninstall`. After the +job has completed the RBAC will be cleaned up. ## Prerequisites @@ -39,10 +39,10 @@ cd postgres-operator/installers/helm helm uninstall postgres-operator -n pgo ``` -## Configuraiton +## Configuration The following shows the configurable parameters that are relevant to the Helm -Chart. A full list of all Crunchy PostgreSQL Operator configuration options can +Chart. A full list of all PGO configuration options can be found in the [documentation](https://access.crunchydata.com/documentation/postgres-operator/latest/installation/configuration/). | Name | Default | Description | diff --git a/installers/helm/templates/postgres-operator-install.yaml b/installers/helm/templates/postgres-operator-install.yaml index 43b0604c3b..8196dfb2a9 100644 --- a/installers/helm/templates/postgres-operator-install.yaml +++ b/installers/helm/templates/postgres-operator-install.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: pgo-deploy + name: pgo-deploy-install namespace: {{ .Release.Namespace }} labels: {{ include "postgres-operator.labels" . | indent 4 }} diff --git a/installers/helm/templates/postgres-operator-uninstall.yaml b/installers/helm/templates/postgres-operator-uninstall.yaml index 0b7553b0e7..945295836b 100644 --- a/installers/helm/templates/postgres-operator-uninstall.yaml +++ b/installers/helm/templates/postgres-operator-uninstall.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: pgo-deploy + name: pgo-deploy-uninstall namespace: {{ .Release.Namespace }} labels: {{ include "postgres-operator.labels" . | indent 4 }} diff --git a/installers/helm/templates/postgres-operator-upgrade.yaml b/installers/helm/templates/postgres-operator-upgrade.yaml index 4ba8954b14..30a450c8d4 100644 --- a/installers/helm/templates/postgres-operator-upgrade.yaml +++ b/installers/helm/templates/postgres-operator-upgrade.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: pgo-deploy + name: pgo-deploy-upgrade namespace: {{ .Release.Namespace }} labels: {{ include "postgres-operator.labels" . | indent 4 }} diff --git a/installers/helm/templates/rbac.yaml b/installers/helm/templates/rbac.yaml index dbef140471..19d6fc06e4 100644 --- a/installers/helm/templates/rbac.yaml +++ b/installers/helm/templates/rbac.yaml @@ -73,6 +73,7 @@ rules: - extensions resources: - deployments + - replicasets verbs: - get - list @@ -145,4 +146,4 @@ subjects: - kind: ServiceAccount name: {{ include "postgres-operator.serviceAccountName" . }} namespace: {{ .Release.Namespace }} -{{ end }} \ No newline at end of file +{{ end }} diff --git a/installers/helm/values.yaml b/installers/helm/values.yaml index 649436e0af..c01b2822c3 100644 --- a/installers/helm/values.yaml +++ b/installers/helm/values.yaml @@ -37,7 +37,7 @@ badger: "false" ccp_image_prefix: "registry.developers.crunchydata.com/crunchydata" ccp_image_pull_secret: "" ccp_image_pull_secret_manifest: "" -ccp_image_tag: "centos7-12.4-4.5.0" +ccp_image_tag: "ubi8-12.13-4.5.9" create_rbac: "true" crunchy_debug: "false" db_name: "" @@ -70,14 +70,14 @@ pgo_apiserver_url: "https://postgres-operator" pgo_client_cert_secret: "pgo.tls" pgo_client_container_install: "false" pgo_client_install: "true" -pgo_client_version: "4.5.0" +pgo_client_version: "4.5.9" pgo_cluster_admin: "false" pgo_disable_eventing: "false" pgo_disable_tls: "false" pgo_image_prefix: "registry.developers.crunchydata.com/crunchydata" pgo_image_pull_secret: "" pgo_image_pull_secret_manifest: "" -pgo_image_tag: "centos7-4.5.0" +pgo_image_tag: "ubi8-4.5.9" pgo_installation_name: "devtest" pgo_noauth_routes: "" pgo_operator_namespace: "pgo" diff --git a/installers/image/bin/pgo-deploy.sh b/installers/image/bin/pgo-deploy.sh index 9a965d58be..088d37c5de 100755 --- a/installers/image/bin/pgo-deploy.sh +++ b/installers/image/bin/pgo-deploy.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/installers/image/conf/kubernetes.repo b/installers/image/conf/kubernetes.repo index 0a8b4cf2bf..8830e53746 100644 --- a/installers/image/conf/kubernetes.repo +++ b/installers/image/conf/kubernetes.repo @@ -3,5 +3,5 @@ name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 -repo_gpgcheck=1 +repo_gpgcheck=0 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg \ No newline at end of file diff --git a/installers/kubectl/client-setup.sh b/installers/kubectl/client-setup.sh index 6956d63f6b..4d32c82270 100755 --- a/installers/kubectl/client-setup.sh +++ b/installers/kubectl/client-setup.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2020 Crunchy Data Solutions, Inc. +# Copyright 2020 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -14,7 +14,7 @@ # This script should be run after the operator has been deployed PGO_OPERATOR_NAMESPACE="${PGO_OPERATOR_NAMESPACE:-pgo}" PGO_USER_ADMIN="${PGO_USER_ADMIN:-pgouser-admin}" -PGO_CLIENT_VERSION="${PGO_CLIENT_VERSION:-v4.5.0}" +PGO_CLIENT_VERSION="${PGO_CLIENT_VERSION:-v4.5.9}" PGO_CLIENT_URL="https://github.com/CrunchyData/postgres-operator/releases/download/${PGO_CLIENT_VERSION}" PGO_CMD="${PGO_CMD-kubectl}" diff --git a/installers/kubectl/postgres-operator-ocp311.yml b/installers/kubectl/postgres-operator-ocp311.yml index 9978d052d3..c993ec3981 100644 --- a/installers/kubectl/postgres-operator-ocp311.yml +++ b/installers/kubectl/postgres-operator-ocp311.yml @@ -3,12 +3,16 @@ kind: ServiceAccount metadata: name: pgo-deployer-sa namespace: pgo + labels: + vendor: crunchydata --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: pgo-deployer-crb namespace: pgo + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -23,6 +27,8 @@ kind: ConfigMap metadata: name: pgo-deployer-cm namespace: pgo + labels: + vendor: crunchydata data: values.yaml: |- # ===================== @@ -44,7 +50,7 @@ data: ccp_image_prefix: "registry.developers.crunchydata.com/crunchydata" ccp_image_pull_secret: "" ccp_image_pull_secret_manifest: "" - ccp_image_tag: "centos7-12.4-4.5.0" + ccp_image_tag: "ubi8-12.13-4.5.9" create_rbac: "true" crunchy_debug: "false" db_name: "" @@ -77,14 +83,14 @@ data: pgo_client_cert_secret: "pgo.tls" pgo_client_container_install: "false" pgo_client_install: "true" - pgo_client_version: "4.5.0" + pgo_client_version: "4.5.9" pgo_cluster_admin: "false" pgo_disable_eventing: "false" pgo_disable_tls: "false" pgo_image_prefix: "registry.developers.crunchydata.com/crunchydata" pgo_image_pull_secret: "" pgo_image_pull_secret_manifest: "" - pgo_image_tag: "centos7-4.5.0" + pgo_image_tag: "ubi8-4.5.9" pgo_installation_name: "devtest" pgo_noauth_routes: "" pgo_operator_namespace: "pgo" @@ -151,17 +157,21 @@ kind: Job metadata: name: pgo-deploy namespace: pgo + labels: + vendor: crunchydata spec: backoffLimit: 0 template: metadata: name: pgo-deploy + labels: + vendor: crunchydata spec: serviceAccountName: pgo-deployer-sa restartPolicy: Never containers: - name: pgo-deploy - image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:centos7-4.5.0 + image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:ubi8-4.5.9 imagePullPolicy: IfNotPresent env: - name: DEPLOY_ACTION diff --git a/installers/kubectl/postgres-operator.yml b/installers/kubectl/postgres-operator.yml index 2b516ef2ca..54b07b09f3 100644 --- a/installers/kubectl/postgres-operator.yml +++ b/installers/kubectl/postgres-operator.yml @@ -3,11 +3,15 @@ kind: ServiceAccount metadata: name: pgo-deployer-sa namespace: pgo + labels: + vendor: crunchydata --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pgo-deployer-cr + labels: + vendor: crunchydata rules: - apiGroups: - '' @@ -60,6 +64,7 @@ rules: - extensions resources: - deployments + - replicasets verbs: - get - list @@ -117,6 +122,8 @@ kind: ConfigMap metadata: name: pgo-deployer-cm namespace: pgo + labels: + vendor: crunchydata data: values.yaml: |- # ===================== @@ -138,7 +145,7 @@ data: ccp_image_prefix: "registry.developers.crunchydata.com/crunchydata" ccp_image_pull_secret: "" ccp_image_pull_secret_manifest: "" - ccp_image_tag: "centos7-12.4-4.5.0" + ccp_image_tag: "ubi8-12.13-4.5.9" create_rbac: "true" crunchy_debug: "false" db_name: "" @@ -171,14 +178,14 @@ data: pgo_client_cert_secret: "pgo.tls" pgo_client_container_install: "false" pgo_client_install: "true" - pgo_client_version: "4.5.0" + pgo_client_version: "4.5.9" pgo_cluster_admin: "false" pgo_disable_eventing: "false" pgo_disable_tls: "false" pgo_image_prefix: "registry.developers.crunchydata.com/crunchydata" pgo_image_pull_secret: "" pgo_image_pull_secret_manifest: "" - pgo_image_tag: "centos7-4.5.0" + pgo_image_tag: "ubi8-4.5.9" pgo_installation_name: "devtest" pgo_noauth_routes: "" pgo_operator_namespace: "pgo" @@ -244,6 +251,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: pgo-deployer-crb + labels: + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -258,17 +267,21 @@ kind: Job metadata: name: pgo-deploy namespace: pgo + labels: + vendor: crunchydata spec: backoffLimit: 0 template: metadata: name: pgo-deploy + labels: + vendor: crunchydata spec: serviceAccountName: pgo-deployer-sa restartPolicy: Never containers: - name: pgo-deploy - image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:centos7-4.5.0 + image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:ubi8-4.5.9 imagePullPolicy: IfNotPresent env: - name: DEPLOY_ACTION diff --git a/installers/metrics/ansible/README.md b/installers/metrics/ansible/README.md index 1c047d1a85..bbfe4faf68 100644 --- a/installers/metrics/ansible/README.md +++ b/installers/metrics/ansible/README.md @@ -1,15 +1,15 @@ -# Crunchy Data PostgreSQL Operator Monitoring Playbook +# PGO: Postgres Operator Monitoring Playbook

- Crunchy Data + Crunchy Data

-Latest Release: 4.5.0 +Latest Release: 4.5.9 ## General -This repository contains Ansible Roles for deploying the metrics stack for the -Crunchy PostgreSQL Operator. +This repository contains Ansible Roles for deploying the metrics stack for PGO, +the Postgres Operator from [Crunchy Data](https://www.crunchydata.com). -See the [official Crunchy PostgreSQL Operator documentation](https://access.crunchydata.com/documentation/postgres-operator/) +See the [PGO documentation](https://access.crunchydata.com/documentation/postgres-operator/) for more information. diff --git a/installers/metrics/ansible/roles/pgo-metrics/defaults/main.yml b/installers/metrics/ansible/roles/pgo-metrics/defaults/main.yml index 600d57d6bf..08df353edf 100644 --- a/installers/metrics/ansible/roles/pgo-metrics/defaults/main.yml +++ b/installers/metrics/ansible/roles/pgo-metrics/defaults/main.yml @@ -9,7 +9,7 @@ delete_metrics_namespace: "false" metrics_namespace: "pgo" metrics_image_pull_secret: "" metrics_image_pull_secret_manifest: "" -pgmonitor_version: "v4.4-RC6" +pgmonitor_version: "v4.4-RC7" alertmanager_configmap: "alertmanager-config" alertmanager_rules_configmap: "alertmanager-rules-config" @@ -29,7 +29,7 @@ grafana_admin_password: "" grafana_install: "true" grafana_image_prefix: "grafana" grafana_image_name: "grafana" -grafana_image_tag: "6.7.4" +grafana_image_tag: "6.7.5" grafana_port: "3000" grafana_service_name: "crunchy-grafana" grafana_service_type: "ClusterIP" diff --git a/installers/metrics/ansible/roles/pgo-metrics/tasks/alertmanager.yml b/installers/metrics/ansible/roles/pgo-metrics/tasks/alertmanager.yml index dc82e92d1a..13fd013290 100644 --- a/installers/metrics/ansible/roles/pgo-metrics/tasks/alertmanager.yml +++ b/installers/metrics/ansible/roles/pgo-metrics/tasks/alertmanager.yml @@ -16,7 +16,7 @@ - name: Set pgmonitor Prometheus Directory Fact set_fact: - pgmonitor_prometheus_dir: "{{ metrics_dir }}/pgmonitor-{{ pgmonitor_version | replace('v','') }}/prometheus" + pgmonitor_prometheus_dir: "{{ metrics_dir }}/pgmonitor/prometheus" - name: Copy Alertmanger Config to Output Directory command: "cp {{ pgmonitor_prometheus_dir }}/{{ item.src }} {{ alertmanager_output_dir }}/{{ item.dst }}" diff --git a/installers/metrics/ansible/roles/pgo-metrics/tasks/grafana.yml b/installers/metrics/ansible/roles/pgo-metrics/tasks/grafana.yml index 1d528429b5..f0b88e0c65 100644 --- a/installers/metrics/ansible/roles/pgo-metrics/tasks/grafana.yml +++ b/installers/metrics/ansible/roles/pgo-metrics/tasks/grafana.yml @@ -9,7 +9,7 @@ grafana_output_dir: "{{ metrics_dir }}/output/grafana" - name: Ensure Output Directory Exists - file: + file: path: "{{ grafana_output_dir }}" state: "directory" mode: "0700" @@ -48,7 +48,7 @@ - name: Set pgmonitor Grafana Directory Fact set_fact: - pgmonitor_grafana_dir: "{{ metrics_dir }}/pgmonitor-{{ pgmonitor_version | replace('v','') }}/grafana" + pgmonitor_grafana_dir: "{{ metrics_dir }}/pgmonitor/grafana" - name: Copy Grafana Config to Output Directory command: "cp {{ pgmonitor_grafana_dir }}/{{ item }} {{ grafana_output_dir }}" @@ -111,7 +111,7 @@ src: "{{ item }}" dest: "{{ grafana_output_dir }}/{{ item | replace('.j2', '') }}" mode: "0600" - loop: + loop: - grafana-pvc.json.j2 - grafana-service.json.j2 - grafana-deployment.json.j2 diff --git a/installers/metrics/ansible/roles/pgo-metrics/tasks/main.yml b/installers/metrics/ansible/roles/pgo-metrics/tasks/main.yml index 425d3f8e1b..20232d1445 100644 --- a/installers/metrics/ansible/roles/pgo-metrics/tasks/main.yml +++ b/installers/metrics/ansible/roles/pgo-metrics/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Set Metrics Directory Fact set_fact: - metrics_dir: "{{ ansible_env.HOME }}/.pgo/metrics/{{ metrics_namespace }}" + metrics_dir: "{{ ansible_env.HOME }}/.pgo/metrics" tags: always - name: Ensure Output Directory Exists @@ -54,16 +54,23 @@ - install-metrics - update-metrics block: + - name: Check for pgmonitor + stat: + path: "{{ metrics_dir }}/pgmonitor" + register: pgmonitor_dir + - name: Download pgmonitor {{ pgmonitor_version }} get_url: url: https://github.com/CrunchyData/pgmonitor/archive/{{ pgmonitor_version }}.tar.gz dest: "{{ metrics_dir }}" mode: "0600" + when: not pgmonitor_dir.stat.exists - name: Extract pgmonitor unarchive: src: "{{ metrics_dir }}/pgmonitor-{{ pgmonitor_version | replace('v','') }}.tar.gz" - dest: "{{ metrics_dir }}" + dest: "{{ metrics_dir }}/pgmonitor" + when: not pgmonitor_dir.stat.exists - name: Create Metrics Image Pull Secret shell: > @@ -107,6 +114,8 @@ poll: 0 loop: "{{ deployments }}" register: deployment_results + vars: + ansible_async_dir: /tmp/.ansible_async - name: Check Metrics Deployment Status async_status: diff --git a/installers/metrics/ansible/roles/pgo-metrics/tasks/prometheus.yml b/installers/metrics/ansible/roles/pgo-metrics/tasks/prometheus.yml index ffcfa7c625..b9d70aad1f 100644 --- a/installers/metrics/ansible/roles/pgo-metrics/tasks/prometheus.yml +++ b/installers/metrics/ansible/roles/pgo-metrics/tasks/prometheus.yml @@ -9,7 +9,7 @@ prom_output_dir: "{{ metrics_dir }}/output/prom" - name: Ensure Output Directory Exists - file: + file: path: "{{ prom_output_dir }}" state: "directory" mode: "0700" @@ -22,7 +22,7 @@ loop: - prometheus-rbac.json.j2 when: create_rbac | bool - + - name: Create Prometheus RBAC command: "{{ kubectl_or_oc }} create -f {{ prom_output_dir }}/{{ item }} -n {{ metrics_namespace }}" loop: @@ -35,7 +35,7 @@ - name: Set pgmonitor Prometheus Directory Fact set_fact: - pgmonitor_prometheus_dir: "{{ metrics_dir }}/pgmonitor-{{ pgmonitor_version | replace('v','') }}/prometheus" + pgmonitor_prometheus_dir: "{{ metrics_dir }}/pgmonitor/prometheus" - name: Copy Prometheus Config to Output Directory command: "cp {{ pgmonitor_prometheus_dir }}/{{ item.src }} {{ prom_output_dir }}/{{ item.dst }}" @@ -88,7 +88,7 @@ src: "{{ item }}" dest: "{{ prom_output_dir }}/{{ item | replace('.j2', '') }}" mode: "0600" - loop: + loop: - prometheus-pvc.json.j2 - prometheus-service.json.j2 - prometheus-deployment.json.j2 diff --git a/installers/metrics/helm/Chart.yaml b/installers/metrics/helm/Chart.yaml index 603cab3982..81fdc2f483 100644 --- a/installers/metrics/helm/Chart.yaml +++ b/installers/metrics/helm/Chart.yaml @@ -3,6 +3,6 @@ name: postgres-operator-monitoring description: Install for Crunchy PostgreSQL Operator Monitoring type: application version: 0.1.0 -appVersion: 4.5.0 +appVersion: 4.5.9 home: https://github.com/CrunchyData/postgres-operator -icon: https://github.com/CrunchyData/postgres-operator/raw/master/crunchy_logo.png \ No newline at end of file +icon: https://github.com/CrunchyData/postgres-operator/raw/master/docs/static/logos/pgo.svg diff --git a/installers/metrics/helm/helm_template.yaml b/installers/metrics/helm/helm_template.yaml index d5e346dbc7..13ffab86a3 100644 --- a/installers/metrics/helm/helm_template.yaml +++ b/installers/metrics/helm/helm_template.yaml @@ -20,5 +20,5 @@ serviceAccount: # the image prefix and tag to use for the 'pgo-deployer' container pgo_image_prefix: "registry.developers.crunchydata.com/crunchydata" -pgo_image_tag: "centos7-4.5.0" +pgo_image_tag: "ubi8-4.5.9" diff --git a/installers/metrics/helm/values.yaml b/installers/metrics/helm/values.yaml index 9f2ecefb63..10639764e1 100644 --- a/installers/metrics/helm/values.yaml +++ b/installers/metrics/helm/values.yaml @@ -20,7 +20,7 @@ serviceAccount: # the image prefix and tag to use for the 'pgo-deployer' container pgo_image_prefix: "registry.developers.crunchydata.com/crunchydata" -pgo_image_tag: "centos7-4.5.0" +pgo_image_tag: "ubi8-4.5.9" # ===================== # Configuration Options diff --git a/installers/metrics/kubectl/postgres-operator-metrics-ocp311.yml b/installers/metrics/kubectl/postgres-operator-metrics-ocp311.yml index ca4daafd16..c26f427e0a 100644 --- a/installers/metrics/kubectl/postgres-operator-metrics-ocp311.yml +++ b/installers/metrics/kubectl/postgres-operator-metrics-ocp311.yml @@ -5,6 +5,7 @@ metadata: namespace: pgo labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -13,6 +14,7 @@ metadata: namespace: pgo labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -29,6 +31,7 @@ metadata: namespace: pgo labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata data: values.yaml: |- # ===================== @@ -84,6 +87,7 @@ metadata: namespace: pgo labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata spec: backoffLimit: 0 template: @@ -91,12 +95,13 @@ spec: name: pgo-metrics-deploy labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata spec: serviceAccountName: pgo-metrics-deployer-sa restartPolicy: Never containers: - name: pgo-metrics-deploy - image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:centos7-4.5.0 + image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:ubi8-4.5.9 imagePullPolicy: IfNotPresent env: - name: DEPLOY_ACTION diff --git a/installers/metrics/kubectl/postgres-operator-metrics.yml b/installers/metrics/kubectl/postgres-operator-metrics.yml index e1cc94fd5a..0a0be2b2a6 100644 --- a/installers/metrics/kubectl/postgres-operator-metrics.yml +++ b/installers/metrics/kubectl/postgres-operator-metrics.yml @@ -5,6 +5,7 @@ metadata: namespace: pgo labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -12,6 +13,7 @@ metadata: name: pgo-metrics-deployer-cr labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata rules: - apiGroups: - '' @@ -83,6 +85,7 @@ metadata: namespace: pgo labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata data: values.yaml: |- # ===================== @@ -137,6 +140,7 @@ metadata: name: pgo-metrics-deployer-crb labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -153,6 +157,7 @@ metadata: namespace: pgo labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata spec: backoffLimit: 0 template: @@ -160,12 +165,13 @@ spec: name: pgo-metrics-deploy labels: app.kubernetes.io/name: postgres-operator-monitoring + vendor: crunchydata spec: serviceAccountName: pgo-metrics-deployer-sa restartPolicy: Never containers: - name: pgo-metrics-deploy - image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:centos7-4.5.0 + image: registry.developers.crunchydata.com/crunchydata/pgo-deployer:ubi8-4.5.9 imagePullPolicy: IfNotPresent env: - name: DEPLOY_ACTION diff --git a/installers/olm/Makefile b/installers/olm/Makefile index 3b8884bf78..990257b3ab 100644 --- a/installers/olm/Makefile +++ b/installers/olm/Makefile @@ -2,15 +2,15 @@ .SUFFIXES: CCP_IMAGE_PREFIX ?= registry.developers.crunchydata.com/crunchydata -CCP_PG_FULLVERSION ?= 12.4 +CCP_PG_FULLVERSION ?= 12.13 CCP_POSTGIS_VERSION ?= 3.0 KUBECONFIG ?= $(HOME)/.kube/config OLM_SDK_VERSION ?= 0.15.1 OLM_TOOLS ?= registry.localhost:5000/postgres-operator-olm-tools:$(OLM_SDK_VERSION) OLM_VERSION ?= 0.15.1 -PGO_BASEOS ?= centos7 +PGO_BASEOS ?= ubi8 PGO_IMAGE_PREFIX ?= registry.developers.crunchydata.com/crunchydata -PGO_VERSION ?= 4.5.0 +PGO_VERSION ?= 4.5.9 PGO_IMAGE_TAG ?= $(PGO_BASEOS)-$(PGO_VERSION) CCP_IMAGE_TAG ?= $(PGO_BASEOS)-$(CCP_PG_FULLVERSION)-$(PGO_VERSION) CCP_POSTGIS_IMAGE_TAG ?= $(PGO_BASEOS)-$(CCP_PG_FULLVERSION)-$(CCP_POSTGIS_VERSION)-$(PGO_VERSION) diff --git a/installers/olm/README.md b/installers/olm/README.md index 207f85daa8..6e31ba4d0b 100644 --- a/installers/olm/README.md +++ b/installers/olm/README.md @@ -1,11 +1,11 @@ - This directory contains the files that are used to install [Crunchy PostgreSQL for Kubernetes][hub-listing], -which uses the PostgreSQL Operator, using [Operator Lifecycle Manager][OLM]. +which includes PGO, the Postgres Operator from [Crunchy Data][crunchy-data], using [Operator Lifecycle Manager][OLM]. The integration centers around a [ClusterServiceVersion][olm-csv] [manifest](./postgresoperator.csv.yaml) that gets packaged for OperatorHub. Changes there are accepted only if they pass all the [scorecard][] tests. Consult the [technical requirements][hub-contrib] when making changes. +[crunchy-data]: https://www.crunchydata.com [hub-contrib]: https://github.com/operator-framework/community-operators/blob/master/docs/contributing.md [hub-listing]: https://operatorhub.io/operator/postgresql [olm-csv]: https://github.com/operator-framework/operator-lifecycle-manager/blob/master/doc/design/building-your-csv.md diff --git a/installers/olm/description.openshift.md b/installers/olm/description.openshift.md index ad31cbe1e5..6618ccb6f0 100644 --- a/installers/olm/description.openshift.md +++ b/installers/olm/description.openshift.md @@ -49,13 +49,6 @@ export PGO_OPERATOR_NAMESPACE=pgo oc create namespace "$PGO_OPERATOR_NAMESPACE" ``` -Next, clone the PostgreSQL Operator repository locally. - -``` -git clone -b v${PGO_VERSION} https://github.com/CrunchyData/postgres-operator.git -cd postgres-operator -``` - ### Security For the PostgreSQL Operator and PostgreSQL clusters to run in the recommended `restricted` [Security Context Constraint][], @@ -63,39 +56,22 @@ edit `conf/postgres-operator/pgo.yaml` and set `DisableFSGroup` to `true`. [Security Context Constraint]: https://docs.openshift.com/container-platform/latest/authentication/managing-security-context-constraints.html -### PostgreSQL Operator Configuration - -Edit `conf/postgres-operator/pgo.yaml` to configure the deployment. Look over all of the options and make any -changes necessary for your environment. A [full description of each option][pgo-yaml-reference] is available in the documentation. - -[pgo-yaml-reference]: https://access.crunchydata.com/documentation/postgres-operator/${PGO_VERSION}/configuration/pgo-yaml-configuration/ - -When the file is ready, upload the entire directory to the `pgo-config` ConfigMap. +### Secrets (optional) -``` -oc -n "$PGO_OPERATOR_NAMESPACE" create configmap pgo-config \ - --from-file=./conf/postgres-operator -``` - -### Secrets - -Configure pgBackRest for your environment. If you do not plan to use AWS S3 to store backups, you can omit -the `aws-s3` keys below. +If you plan to use AWS S3 to store backups, you can configure your environment to automatically provide your AWS S3 credentials to all newly created PostgreSQL clusters: ``` oc -n "$PGO_OPERATOR_NAMESPACE" create secret generic pgo-backrest-repo-config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt \ --from-literal=aws-s3-key="" \ --from-literal=aws-s3-key-secret="" +oc -n "$PGO_OPERATOR_NAMESPACE" label secret pgo-backrest-repo-config vendor=crunchydata ``` ### Certificates (optional) -The PostgreSQL Operator has an API that uses TLS to communicate securely with clients. If you have -a certificate bundle validated by your organization, you can install it now. If not, the API will -automatically generate and use a self-signed certificate. +The PostgreSQL Operator has an API that uses TLS to communicate securely with clients. If one is not provided, the API will automatically generated one for you. + +If you have a certificate bundle validated by your organization, you can install it now. ``` oc -n "$PGO_OPERATOR_NAMESPACE" create secret tls pgo.tls \ @@ -116,8 +92,13 @@ to use the [PostgreSQL Operator Client][pgo-client]. Install the first set of client credentials and download the `pgo` binary and client certificates. ``` -PGO_CMD=oc ./deploy/install-bootstrap-creds.sh -PGO_CMD=oc ./installers/kubectl/client-setup.sh +curl https://raw.githubusercontent.com/CrunchyData/postgres-operator/v${PGO_VERSION}/deploy/install-bootstrap-creds.sh > install-bootstrap-creds.sh +curl https://raw.githubusercontent.com/CrunchyData/postgres-operator/v${PGO_VERSION}/installers/kubectl/client-setup.sh > client-setup.sh + +chmod +x install-bootstrap-creds.sh client-setup.sh + +PGO_CMD=oc ./install-bootstrap-creds.sh +PGO_CMD=oc ./client-setup.sh ``` The client needs to be able to reach the PostgreSQL Operator API from outside the OpenShift cluster. diff --git a/installers/olm/description.upstream.md b/installers/olm/description.upstream.md index 8838098032..8e1e3a50da 100644 --- a/installers/olm/description.upstream.md +++ b/installers/olm/description.upstream.md @@ -49,46 +49,22 @@ export PGO_OPERATOR_NAMESPACE=pgo kubectl create namespace "$PGO_OPERATOR_NAMESPACE" ``` -Next, clone the PostgreSQL Operator repository locally. +### Secrets (optional) -``` -git clone -b v${PGO_VERSION} https://github.com/CrunchyData/postgres-operator.git -cd postgres-operator -``` - -### PostgreSQL Operator Configuration - -Edit `conf/postgres-operator/pgo.yaml` to configure the deployment. Look over all of the options and make any -changes necessary for your environment. A [full description of each option][pgo-yaml-reference] is available in the documentation. - -[pgo-yaml-reference]: https://access.crunchydata.com/documentation/postgres-operator/${PGO_VERSION}/configuration/pgo-yaml-configuration/ - -When the file is ready, upload the entire directory to the `pgo-config` ConfigMap. - -``` -kubectl -n "$PGO_OPERATOR_NAMESPACE" create configmap pgo-config \ - --from-file=./conf/postgres-operator -``` - -### Secrets - -Configure pgBackRest for your environment. If you do not plan to use AWS S3 to store backups, you can omit -the `aws-s3` keys below. +If you plan to use AWS S3 to store backups, you can configure your environment to automatically provide your AWS S3 credentials to all newly created PostgreSQL clusters: ``` kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret generic pgo-backrest-repo-config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/sshd_config \ - --from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt \ --from-literal=aws-s3-key="" \ --from-literal=aws-s3-key-secret="" +kubectl -n "$PGO_OPERATOR_NAMESPACE" label secret pgo-backrest-repo-config vendor=crunchydata ``` ### Certificates (optional) -The PostgreSQL Operator has an API that uses TLS to communicate securely with clients. If you have -a certificate bundle validated by your organization, you can install it now. If not, the API will -automatically generate and use a self-signed certificate. +The PostgreSQL Operator has an API that uses TLS to communicate securely with clients. If one is not provided, the API will automatically generated one for you. + +If you have a certificate bundle validated by your organization, you can install it now. ``` kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret tls pgo.tls \ @@ -109,8 +85,13 @@ to use the [PostgreSQL Operator Client][pgo-client]. Install the first set of client credentials and download the `pgo` binary and client certificates. ``` -PGO_CMD=kubectl ./deploy/install-bootstrap-creds.sh -PGO_CMD=kubectl ./installers/kubectl/client-setup.sh +curl https://raw.githubusercontent.com/CrunchyData/postgres-operator/v${PGO_VERSION}/deploy/install-bootstrap-creds.sh > install-bootstrap-creds.sh +curl https://raw.githubusercontent.com/CrunchyData/postgres-operator/v${PGO_VERSION}/installers/kubectl/client-setup.sh > client-setup.sh + +chmod +x install-bootstrap-creds.sh client-setup.sh + +PGO_CMD=kubectl ./install-bootstrap-creds.sh +PGO_CMD=kubectl ./client-setup.sh ``` The client needs to be able to reach the PostgreSQL Operator API from outside the Kubernetes cluster. diff --git a/installers/olm/postgresoperator.crd.yaml b/installers/olm/postgresoperator.crd.yaml index f39ac244fc..5a94377396 100644 --- a/installers/olm/postgresoperator.crd.yaml +++ b/installers/olm/postgresoperator.crd.yaml @@ -3,6 +3,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgclusters.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: @@ -40,6 +42,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgpolicies.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: @@ -61,6 +65,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgreplicas.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: @@ -82,6 +88,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: pgtasks.crunchydata.com + labels: + vendor: crunchydata spec: group: crunchydata.com names: diff --git a/internal/apiserver/backrestservice/backrestimpl.go b/internal/apiserver/backrestservice/backrestimpl.go index 5f6d5644c5..b50b04c082 100644 --- a/internal/apiserver/backrestservice/backrestimpl.go +++ b/internal/apiserver/backrestservice/backrestimpl.go @@ -1,7 +1,7 @@ package backrestservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -191,9 +191,9 @@ func CreateBackup(request *msgs.CreateBackrestBackupRequest, ns, pgouser string) } - //get pod name from cluster + // get pod name from cluster var podname string - podname, err = getPrimaryPodName(cluster, ns) + podname, err = getBackrestRepoPodName(cluster, ns) if err != nil { log.Error(err) @@ -202,6 +202,13 @@ func CreateBackup(request *msgs.CreateBackrestBackupRequest, ns, pgouser string) return resp } + // check if primary is ready + if !isPrimaryReady(cluster) { + resp.Status.Code = msgs.Error + resp.Status.Msg = "primary pod is not in Ready state" + return resp + } + jobName := "backrest-" + crv1.PgtaskBackrestBackup + "-" + clusterName log.Debugf("setting jobName to %s", jobName) @@ -254,30 +261,9 @@ func getBackupParams(identifier, clusterName, taskName, action, podName, contain return newInstance } -func getDeployName(cluster *crv1.Pgcluster, ns string) (string, error) { - var depName string - - selector := config.LABEL_PG_CLUSTER + "=" + cluster.Spec.Name + "," + config.LABEL_SERVICE_NAME + "=" + cluster.Spec.Name - - deps, err := apiserver.Clientset. - AppsV1().Deployments(ns). - List(metav1.ListOptions{LabelSelector: selector}) - if err != nil { - return depName, err - } - - if len(deps.Items) != 1 { - return depName, errors.New("error: deployment count is wrong for backrest backup " + cluster.Spec.Name) - } - for _, d := range deps.Items { - return d.Name, err - } - - return depName, errors.New("unknown error in backrest backup") -} - -func getPrimaryPodName(cluster *crv1.Pgcluster, ns string) (string, error) { - +// getBackrestRepoPodName goes through the pod list to identify the +// pgBackRest repo pod and then returns the pod name. +func getBackrestRepoPodName(cluster *crv1.Pgcluster, ns string) (string, error) { //look up the backrest-repo pod name selector := "pg-cluster=" + cluster.Spec.Name + ",pgo-backrest-repo=true" @@ -298,50 +284,30 @@ func getPrimaryPodName(cluster *crv1.Pgcluster, ns string) (string, error) { repopodName := repopods.Items[0].Name - primaryReady := false - - //make sure the primary pod is in the ready state - selector = config.LABEL_SERVICE_NAME + "=" + cluster.Spec.Name - - pods, err := apiserver.Clientset.CoreV1().Pods(ns).List(metav1.ListOptions{LabelSelector: selector}) - if err != nil { - return "", err - } - for _, p := range pods.Items { - if isPrimary(&p, cluster.Spec.Name) && isReady(&p) { - primaryReady = true - } - } - - if primaryReady == false { - return "", errors.New("primary pod is not in Ready state") - } - return repopodName, err } -func isPrimary(pod *v1.Pod, clusterName string) bool { - if pod.ObjectMeta.Labels[config.LABEL_SERVICE_NAME] == clusterName { - return true +// isPrimaryReady goes through the pod list to first identify the +// Primary pod and, once identified, determine if it is in a +// ready state. If not, it returns an error, otherwise it returns +// a nil value +func isPrimaryReady(cluster *crv1.Pgcluster) bool { + options := metav1.ListOptions{ + FieldSelector: fields.OneTermEqualSelector("status.phase", string(v1.PodRunning)).String(), + LabelSelector: fields.AndSelectors( + fields.OneTermEqualSelector(config.LABEL_PG_CLUSTER, cluster.Name), + fields.OneTermEqualSelector(config.LABEL_PGHA_ROLE, config.LABEL_PGHA_ROLE_PRIMARY), + ).String(), } - return false -} + pods, err := apiserver.Clientset.CoreV1().Pods(cluster.Namespace).List(options) -func isReady(pod *v1.Pod) bool { - readyCount := 0 - containerCount := 0 - for _, stat := range pod.Status.ContainerStatuses { - containerCount++ - if stat.Ready { - readyCount++ - } - } - if readyCount != containerCount { + if err != nil { + log.Error(err) return false } - return true + return len(pods.Items) > 0 } // ShowBackrest ... @@ -372,7 +338,7 @@ func ShowBackrest(name, selector, ns string) msgs.ShowBackrestResponse { log.Debugf("clusters found len is %d\n", len(clusterList.Items)) for _, c := range clusterList.Items { - podname, err := getPrimaryPodName(&c, ns) + podname, err := getBackrestRepoPodName(&c, ns) if err != nil { log.Error(err) diff --git a/internal/apiserver/backrestservice/backrestservice.go b/internal/apiserver/backrestservice/backrestservice.go index e436afb878..c0a63a8a44 100644 --- a/internal/apiserver/backrestservice/backrestservice.go +++ b/internal/apiserver/backrestservice/backrestservice.go @@ -1,7 +1,7 @@ package backrestservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/backupoptions/backupoptionsutil.go b/internal/apiserver/backupoptions/backupoptionsutil.go index 196d0f1fa1..3765bd05c7 100644 --- a/internal/apiserver/backupoptions/backupoptionsutil.go +++ b/internal/apiserver/backupoptions/backupoptionsutil.go @@ -1,7 +1,7 @@ package backupoptions /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -37,7 +37,8 @@ type backupOptions interface { func ValidateBackupOpts(backupOpts string, request interface{}) error { // some quick checks to make sure backup opts string is valid and should be processed and validated - if strings.TrimSpace(backupOpts) == "" { + backupOpts = strings.TrimSpace(backupOpts) + if backupOpts == "" { return nil } else if !strings.HasPrefix(strings.TrimSpace(backupOpts), "-") && !strings.HasPrefix(strings.TrimSpace(backupOpts), "--") { @@ -114,7 +115,7 @@ func parseBackupOpts(backupOpts string) []string { var newField string for i, c := range backupOpts { // if another option is found, add current option to newFields array - if !(c == ' ' && backupOpts[i+1] == '-') { + if !(c == ' ' && i+1 < len(backupOpts) && backupOpts[i+1] == '-') { newField = newField + string(c) } @@ -167,6 +168,13 @@ func isValidCompressLevel(compressLevel int) bool { } } +// isValidCompressType checks that the compression type passed in matches one +// of the ones supported by pgBackRest. However, it presently does not support +// `zst` +func isValidCompressType(compressType string) bool { + return compressType == "gz" || compressType == "bz2" || compressType == "lz4" || compressType == "none" +} + // isValidRetentionRange validates that pgBackrest Full, Diff or Archive // retention option value is set within the allowable range. // allowed: 1-9999999 diff --git a/internal/apiserver/backupoptions/backupoptionsutil_test.go b/internal/apiserver/backupoptions/backupoptionsutil_test.go new file mode 100644 index 0000000000..8a996b4591 --- /dev/null +++ b/internal/apiserver/backupoptions/backupoptionsutil_test.go @@ -0,0 +1,40 @@ +package backupoptions + +/* +Copyright 2021 - 2022 Crunchy Data Solutions, Inc. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +import "testing" + +func TestIsValidCompressType(t *testing.T) { + tests := []struct { + compressType string + expected bool + }{ + {compressType: "bz2", expected: true}, + {compressType: "gz", expected: true}, + {compressType: "none", expected: true}, + {compressType: "lz4", expected: true}, + {compressType: "zst", expected: false}, + {compressType: "bogus", expected: false}, + } + + for _, test := range tests { + t.Run(test.compressType, func(t *testing.T) { + if isValidCompressType(test.compressType) != test.expected { + t.Fatalf("expected %q to be %t", test.compressType, test.expected) + } + }) + } +} diff --git a/internal/apiserver/backupoptions/pgbackrestoptions.go b/internal/apiserver/backupoptions/pgbackrestoptions.go index 2c7a1e356e..6fea3e45e7 100644 --- a/internal/apiserver/backupoptions/pgbackrestoptions.go +++ b/internal/apiserver/backupoptions/pgbackrestoptions.go @@ -1,7 +1,7 @@ package backupoptions /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -25,8 +25,6 @@ var pgBackRestOptsDenyList = []string{ "--config", "--config-include-path", "--config-path", - "--link-all", - "--link-map", "--lock-path", "--log-timestamp", "--neutral-umask", @@ -84,6 +82,7 @@ type pgBackRestBackupOptions struct { NoCompress bool `flag:"no-compress"` CompressLevel int `flag:"compress-level"` CompressLevelNetwork int `flag:"compress-level-network"` + CompressType string `flag:"compress-type"` DBTimeout int `flag:"db-timeout"` Delta bool `flag:"no-delta"` ProcessMax int `flag:"process-max"` @@ -148,6 +147,11 @@ func (backRestBackupOpts pgBackRestBackupOptions) validate(setFlagFieldNames []s err := errors.New("Invalid network compress level for pgBackRest backup") errstrings = append(errstrings, err.Error()) } + case "CompressType": + if !isValidCompressType(backRestBackupOpts.CompressType) { + err := errors.New("Invalid compress type for pgBackRest backup") + errstrings = append(errstrings, err.Error()) + } case "LogLevelConsole": if !isValidBackrestLogLevel(backRestBackupOpts.LogLevelConsole) { err := errors.New("Invalid log level for pgBackRest backup") diff --git a/internal/apiserver/backupoptions/pgdumpoptions.go b/internal/apiserver/backupoptions/pgdumpoptions.go index 268aa42412..9d2e30cd2a 100644 --- a/internal/apiserver/backupoptions/pgdumpoptions.go +++ b/internal/apiserver/backupoptions/pgdumpoptions.go @@ -1,7 +1,7 @@ package backupoptions /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/catservice/catimpl.go b/internal/apiserver/catservice/catimpl.go index 6d656f7e9a..42e926b153 100644 --- a/internal/apiserver/catservice/catimpl.go +++ b/internal/apiserver/catservice/catimpl.go @@ -1,7 +1,7 @@ package catservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/catservice/catservice.go b/internal/apiserver/catservice/catservice.go index 439274271e..c2c0e24d34 100644 --- a/internal/apiserver/catservice/catservice.go +++ b/internal/apiserver/catservice/catservice.go @@ -1,7 +1,7 @@ package catservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/cloneservice/cloneimpl.go b/internal/apiserver/cloneservice/cloneimpl.go index 4eeb4ac8ac..2642ce4227 100644 --- a/internal/apiserver/cloneservice/cloneimpl.go +++ b/internal/apiserver/cloneservice/cloneimpl.go @@ -1,7 +1,7 @@ package cloneservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/cloneservice/cloneservice.go b/internal/apiserver/cloneservice/cloneservice.go index f98a5f439d..0d04628788 100644 --- a/internal/apiserver/cloneservice/cloneservice.go +++ b/internal/apiserver/cloneservice/cloneservice.go @@ -1,7 +1,7 @@ package cloneservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/clusterservice/clusterimpl.go b/internal/apiserver/clusterservice/clusterimpl.go index 6163b4b45d..8a46bff132 100644 --- a/internal/apiserver/clusterservice/clusterimpl.go +++ b/internal/apiserver/clusterservice/clusterimpl.go @@ -1,7 +1,7 @@ package clusterservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -38,6 +38,7 @@ import ( kerrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/util/validation" "k8s.io/client-go/kubernetes" ) @@ -300,14 +301,20 @@ func getServices(cluster *crv1.Pgcluster, ns string) ([]msgs.ShowClusterService, for _, p := range services.Items { d := msgs.ShowClusterService{} d.Name = p.Name - if strings.Contains(p.Name, "-backrest-repo") { + if strings.HasSuffix(p.Name, "-backrest-repo") { d.BackrestRepo = true d.ClusterName = cluster.Name - } else if strings.Contains(p.Name, "-pgbouncer") { + } else if strings.HasSuffix(p.Name, "-pgbouncer") { d.Pgbouncer = true d.ClusterName = cluster.Name + } else if strings.HasSuffix(p.Name, "-pgadmin") { + d.PGAdmin = true + d.ClusterName = cluster.Name } d.ClusterIP = p.Spec.ClusterIP + for _, port := range p.Spec.Ports { + d.ClusterPorts = append(d.ClusterPorts, strconv.Itoa(int(port.Port))+"/"+string(port.Protocol)) + } if len(p.Spec.ExternalIPs) > 0 { d.ExternalIP = p.Spec.ExternalIPs[0] } @@ -481,8 +488,10 @@ func TestCluster(name, selector, ns, pgouser string, allFlag bool) msgs.ClusterT switch { default: endpoint.InstanceType = msgs.ClusterTestInstanceTypePrimary - case strings.Contains(service.Name, msgs.PodTypeReplica): + case (strings.HasSuffix(service.Name, "-"+msgs.PodTypeReplica) && strings.Count(service.Name, "-"+msgs.PodTypeReplica) == 1): endpoint.InstanceType = msgs.ClusterTestInstanceTypeReplica + case service.PGAdmin: + endpoint.InstanceType = msgs.ClusterTestInstanceTypePGAdmin case service.Pgbouncer: endpoint.InstanceType = msgs.ClusterTestInstanceTypePGBouncer case service.BackrestRepo: @@ -572,18 +581,12 @@ func CreateCluster(request *msgs.CreateClusterRequest, ns, pgouser string) msgs. return resp } - userLabelsMap := make(map[string]string) - if request.UserLabels != "" { - labels := strings.Split(request.UserLabels, ",") - for _, v := range labels { - p := strings.Split(v, "=") - if len(p) < 2 { - resp.Status.Code = msgs.Error - resp.Status.Msg = "invalid labels format" - return resp - } - userLabelsMap[p[0]] = p[1] - } + userLabelsMap, err := apiserver.ValidateLabel(request.UserLabels) + + if err != nil { + resp.Status.Code = msgs.Error + resp.Status.Msg = err.Error() + return resp } // validate any parameters provided to bootstrap the cluster from an existing data source @@ -967,49 +970,75 @@ func CreateCluster(request *msgs.CreateClusterRequest, ns, pgouser string) msgs. // the deployment template always tries to mount /sshd volume secretName := fmt.Sprintf("%s-%s", clusterName, config.LABEL_BACKREST_REPO_SECRET) - if _, err := apiserver.Clientset. - CoreV1().Secrets(request.Namespace). - Get(secretName, metav1.GetOptions{}); kubeapi.IsNotFound(err) { - // determine if a custom CA secret should be used - backrestS3CACert := []byte{} + // determine if a custom CA secret should be used + backrestS3CACert := []byte{} - if request.BackrestS3CASecretName != "" { - backrestSecret, err := apiserver.Clientset. - CoreV1().Secrets(request.Namespace). - Get(request.BackrestS3CASecretName, metav1.GetOptions{}) + if request.BackrestS3CASecretName != "" { + backrestSecret, err := apiserver.Clientset. + CoreV1().Secrets(request.Namespace). + Get(request.BackrestS3CASecretName, metav1.GetOptions{}) + if err != nil { + log.Error(err) + resp.Status.Code = msgs.Error + resp.Status.Msg = fmt.Sprintf("Error finding pgBackRest S3 CA secret \"%s\": %s", + request.BackrestS3CASecretName, err.Error()) + return resp + } - if err != nil { - log.Error(err) - resp.Status.Code = msgs.Error - resp.Status.Msg = fmt.Sprintf("Error finding pgBackRest S3 CA secret \"%s\": %s", - request.BackrestS3CASecretName, err.Error()) - return resp - } + // attempt to retrieves the custom CA, assuming it has the name + // "aws-s3-ca.crt" + backrestS3CACert = backrestSecret.Data[util.BackRestRepoSecretKeyAWSS3KeyAWSS3CACert] + } - // attempt to retrieves the custom CA, assuming it has the name - // "aws-s3-ca.crt" - backrestS3CACert = backrestSecret.Data[util.BackRestRepoSecretKeyAWSS3KeyAWSS3CACert] - } + // save the S3 credentials in a single map so it can be used to either create a new + // secret or update an existing one + s3Credentials := map[string][]byte{ + util.BackRestRepoSecretKeyAWSS3KeyAWSS3CACert: backrestS3CACert, + util.BackRestRepoSecretKeyAWSS3KeyAWSS3Key: []byte(request.BackrestS3Key), + util.BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret: []byte(request.BackrestS3KeySecret), + } - err := util.CreateBackrestRepoSecrets(apiserver.Clientset, - util.BackrestRepoConfig{ - BackrestS3CA: backrestS3CACert, - BackrestS3Key: request.BackrestS3Key, - BackrestS3KeySecret: request.BackrestS3KeySecret, - ClusterName: clusterName, - ClusterNamespace: request.Namespace, - OperatorNamespace: apiserver.PgoNamespace, - }) + _, err = apiserver.Clientset.CoreV1().Secrets(request.Namespace). + Get(secretName, metav1.GetOptions{}) - if err != nil { + switch { + case kubeapi.IsNotFound(err): + // The pgBackRest repo config secret was not found, create it. + // Set up the secret for the cluster that contains the pgBackRest + // information + secret := &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: secretName, + Labels: map[string]string{ + config.LABEL_VENDOR: config.LABEL_CRUNCHY, + config.LABEL_PG_CLUSTER: clusterName, + config.LABEL_PGO_BACKREST_REPO: "true", + }, + }, + Data: s3Credentials, + } + + if _, err := apiserver.Clientset.CoreV1().Secrets(ns).Create(secret); err != nil && !kubeapi.IsAlreadyExists(err) { resp.Status.Code = msgs.Error resp.Status.Msg = fmt.Sprintf("could not create backrest repo secret: %s", err) return resp } - } else if err != nil { + + case err != nil: + // An error occurred other than 'not found'. Log the error received when + // attempting to get the pgBackRest repo config secret, then return. resp.Status.Code = msgs.Error resp.Status.Msg = fmt.Sprintf("could not query if backrest repo secret exits: %s", err) return resp + default: + // the pgBackRest repo config secret already exists, update any provided + // S3 credential information + err = updateRepoSecret(apiserver.Clientset, secretName, request.Namespace, s3Credentials) + if err != nil { + resp.Status.Code = msgs.Error + resp.Status.Msg = fmt.Sprintf("could not update backrest repo secret: %s", err) + return resp + } } //create a workflow for this new cluster @@ -1042,6 +1071,28 @@ func CreateCluster(request *msgs.CreateClusterRequest, ns, pgouser string) msgs. return resp } +// updateRepoSecret updates the existing pgBackRest repo config secret with any +// provided S3/GCS connection information. +func updateRepoSecret(clientset kubernetes.Interface, secretName, + namespace string, connectionInfo map[string][]byte) error { + + // Get the secret + secret, err := clientset.CoreV1().Secrets(namespace). + Get(secretName, metav1.GetOptions{}) + // The secret should already exist at this point. If there is any error, + // return. + if err != nil { + return err + } + + // update the secret data + for k, v := range connectionInfo { + secret.Data[k] = v + } + _, err = clientset.CoreV1().Secrets(secret.Namespace).Update(secret) + return err +} + func validateConfigPolicies(clusterName, PoliciesFlag, ns string) error { var err error var configPolicies string @@ -1876,7 +1927,7 @@ func UpdateCluster(request *msgs.UpdateClusterRequest) msgs.UpdateClusterRespons for _, cluster := range clusterList.Items { - //set autofail=true or false on each pgcluster CRD + // set --enable-autofail / --disable-autofail on each pgcluster CRD // Make the change based on the value of Autofail vis-a-vis UpdateClusterAutofailStatus switch request.Autofail { case msgs.UpdateClusterAutofailEnable: @@ -2044,10 +2095,15 @@ func GetPrimaryAndReplicaPods(cluster *crv1.Pgcluster, ns string) ([]msgs.ShowCl output := make([]msgs.ShowClusterPod, 0) + // find all of the Pods that represent Postgres primary and replicas. + // only consider running Pods selector := config.LABEL_SERVICE_NAME + "=" + cluster.Spec.Name + "," + config.LABEL_DEPLOYMENT_NAME - log.Debugf("selector for GetPrimaryAndReplicaPods is %s", selector) + options := metav1.ListOptions{ + FieldSelector: fields.OneTermEqualSelector("status.phase", string(v1.PodRunning)).String(), + LabelSelector: selector, + } - pods, err := apiserver.Clientset.CoreV1().Pods(ns).List(metav1.ListOptions{LabelSelector: selector}) + pods, err := apiserver.Clientset.CoreV1().Pods(ns).List(options) if err != nil { return output, err } @@ -2067,9 +2123,12 @@ func GetPrimaryAndReplicaPods(cluster *crv1.Pgcluster, ns string) ([]msgs.ShowCl } selector = config.LABEL_SERVICE_NAME + "=" + cluster.Spec.Name + "-replica" + "," + config.LABEL_DEPLOYMENT_NAME - log.Debugf("selector for GetPrimaryAndReplicaPods is %s", selector) + options = metav1.ListOptions{ + FieldSelector: fields.OneTermEqualSelector("status.phase", string(v1.PodRunning)).String(), + LabelSelector: selector, + } - pods, err = apiserver.Clientset.CoreV1().Pods(ns).List(metav1.ListOptions{LabelSelector: selector}) + pods, err = apiserver.Clientset.CoreV1().Pods(ns).List(options) if err != nil { return output, err } diff --git a/internal/apiserver/clusterservice/clusterservice.go b/internal/apiserver/clusterservice/clusterservice.go index d0f31df636..f12d09323c 100644 --- a/internal/apiserver/clusterservice/clusterservice.go +++ b/internal/apiserver/clusterservice/clusterservice.go @@ -1,7 +1,7 @@ package clusterservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -306,8 +306,8 @@ func TestClusterHandler(w http.ResponseWriter, r *http.Request) { } // UpdateClusterHandler ... -// pgo update cluster mycluster --autofail=true -// pgo update cluster --selector=env=research --autofail=false +// pgo update cluster mycluster --enable-autofail +// pgo update cluster --selector=env=research --disable-autofail // returns a UpdateClusterResponse func UpdateClusterHandler(w http.ResponseWriter, r *http.Request) { // swagger:operation POST /clustersupdate clusterservice clustersupdate diff --git a/internal/apiserver/clusterservice/scaleimpl.go b/internal/apiserver/clusterservice/scaleimpl.go index 6e3c7e975b..aad9874393 100644 --- a/internal/apiserver/clusterservice/scaleimpl.go +++ b/internal/apiserver/clusterservice/scaleimpl.go @@ -1,7 +1,7 @@ package clusterservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/clusterservice/scaleservice.go b/internal/apiserver/clusterservice/scaleservice.go index 92db853216..2f6fd51246 100644 --- a/internal/apiserver/clusterservice/scaleservice.go +++ b/internal/apiserver/clusterservice/scaleservice.go @@ -1,7 +1,7 @@ package clusterservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/common.go b/internal/apiserver/common.go index b171b8ce6a..b8a88294ad 100644 --- a/internal/apiserver/common.go +++ b/internal/apiserver/common.go @@ -1,7 +1,7 @@ package apiserver /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -19,13 +19,16 @@ import ( "errors" "fmt" "strconv" + "strings" "github.com/crunchydata/postgres-operator/internal/config" + pgpassword "github.com/crunchydata/postgres-operator/internal/postgres/password" crv1 "github.com/crunchydata/postgres-operator/pkg/apis/crunchydata.com/v1" log "github.com/sirupsen/logrus" kerrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/validation" ) const ( @@ -44,6 +47,11 @@ var ( // ErrDBContainerNotFound is an error that indicates that a "database" container // could not be found in a specific pod ErrDBContainerNotFound = errors.New("\"database\" container not found in pod") + // ErrLabelInvalid indicates that a label is invalid + ErrLabelInvalid = errors.New("invalid label") + // ErrPasswordTypeInvalid is used when a string that's not included in + // PasswordTypeStrings is used + ErrPasswordTypeInvalid = errors.New("invalid password type. choices are (md5, scram-sha-256)") // ErrStandbyNotAllowed contains the error message returned when an API call is not // permitted because it involves a cluster that is in standby mode ErrStandbyNotAllowed = errors.New("Action not permitted because standby mode is enabled") @@ -54,6 +62,15 @@ var ( "Operator installation") ) +// passwordTypeStrings is a mapping of strings of password types to their +// corresponding value of the structured password type +var passwordTypeStrings = map[string]pgpassword.PasswordType{ + "": pgpassword.MD5, + "md5": pgpassword.MD5, + "scram": pgpassword.SCRAM, + "scram-sha-256": pgpassword.SCRAM, +} + func CreateRMDataTask(clusterName, replicaName, taskName string, deleteBackups, deleteData, isReplica, isBackup bool, ns, clusterPGHAScope string) error { var err error @@ -96,6 +113,18 @@ func GetBackrestStorageTypes() []string { return backrestStorageTypes } +// GetPasswordType returns the enumerated password type based on the string, and +// an error if it cannot match one +func GetPasswordType(passwordTypeStr string) (pgpassword.PasswordType, error) { + passwordType, ok := passwordTypeStrings[passwordTypeStr] + + if !ok { + return passwordType, ErrPasswordTypeInvalid + } + + return passwordType, nil +} + // IsValidPVC determines if a PVC with the name provided exits func IsValidPVC(pvcName, ns string) bool { pvc, err := Clientset.CoreV1().PersistentVolumeClaims(ns).Get(pvcName, metav1.GetOptions{}) @@ -109,6 +138,65 @@ func IsValidPVC(pvcName, ns string) bool { return pvc != nil } +// ValidateLabel is derived from a legacy method and validates if the input is a +// valid Kubernetes label. +// +// A label is composed of a key and value. +// +// The key can either be a name or have an optional prefix that i +// terminated by a "/", e.g. "prefix/name" +// +// The name must be a valid DNS 1123 value +// THe prefix must be a valid DNS 1123 subdomain +// +// The value can be validated by machinery provided by Kubenretes +// +// Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +func ValidateLabel(labelStr string) (map[string]string, error) { + labelMap := map[string]string{} + + // if this is an empty string, return + if strings.TrimSpace(labelStr) == "" { + return labelMap, nil + } + + for _, v := range strings.Split(labelStr, ",") { + pair := strings.Split(v, "=") + if len(pair) != 2 { + return labelMap, fmt.Errorf("%w: label format incorrect, requires key=value", ErrLabelInvalid) + } + + // first handle the key + keyParts := strings.Split(pair[0], "/") + + switch len(keyParts) { + default: + return labelMap, fmt.Errorf("%w: invalid key for "+v, ErrLabelInvalid) + case 2: + if errs := validation.IsDNS1123Subdomain(keyParts[0]); len(errs) > 0 { + return labelMap, fmt.Errorf("%w: invalid key for %s: %s", ErrLabelInvalid, v, strings.Join(errs, ",")) + } + + if errs := validation.IsDNS1123Label(keyParts[1]); len(errs) > 0 { + return labelMap, fmt.Errorf("%w: invalid key for %s: %s", ErrLabelInvalid, v, strings.Join(errs, ",")) + } + case 1: + if errs := validation.IsDNS1123Label(keyParts[0]); len(errs) > 0 { + return labelMap, fmt.Errorf("%w: invalid key for %s: %s", ErrLabelInvalid, v, strings.Join(errs, ",")) + } + } + + // handle the value + if errs := validation.IsValidLabelValue(pair[1]); len(errs) > 0 { + return labelMap, fmt.Errorf("%w: invalid value for %s: %s", ErrLabelInvalid, v, strings.Join(errs, ",")) + } + + labelMap[pair[0]] = pair[1] + } + + return labelMap, nil +} + // ValidateResourceRequestLimit validates that a Kubernetes Requests/Limit pair // is valid, both by validating the values are valid quantity values, and then // by checking that the limit >= request. This also needs to check against the diff --git a/internal/apiserver/common_test.go b/internal/apiserver/common_test.go index da909d2ba6..d2ab1cd3bc 100644 --- a/internal/apiserver/common_test.go +++ b/internal/apiserver/common_test.go @@ -1,7 +1,7 @@ package apiserver /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -16,11 +16,121 @@ limitations under the License. */ import ( + "errors" + "fmt" + "strings" "testing" + pgpassword "github.com/crunchydata/postgres-operator/internal/postgres/password" + "k8s.io/apimachinery/pkg/api/resource" ) +func TestGetPasswordType(t *testing.T) { + t.Run("valid", func(t *testing.T) { + tests := map[string]pgpassword.PasswordType{ + "": pgpassword.MD5, + "md5": pgpassword.MD5, + "scram": pgpassword.SCRAM, + "scram-sha-256": pgpassword.SCRAM, + } + + for passwordTypeStr, expected := range tests { + t.Run(passwordTypeStr, func(t *testing.T) { + passwordType, err := GetPasswordType(passwordTypeStr) + if err != nil { + t.Error(err) + return + } + + if passwordType != expected { + t.Errorf("password type %q should yield %d", passwordTypeStr, expected) + } + }) + } + }) + + t.Run("invalid", func(t *testing.T) { + tests := map[string]error{ + "magic": ErrPasswordTypeInvalid, + "scram-sha-512": ErrPasswordTypeInvalid, + } + + for passwordTypeStr, expected := range tests { + t.Run(passwordTypeStr, func(t *testing.T) { + if _, err := GetPasswordType(passwordTypeStr); !errors.Is(err, expected) { + t.Errorf("password type %q should yield error %q", passwordTypeStr, expected.Error()) + } + }) + } + }) +} + +func TestValidateLabel(t *testing.T) { + t.Run("valid", func(t *testing.T) { + inputs := []map[string]string{ + map[string]string{"key": "value"}, + map[string]string{"example.com/key": "value"}, + map[string]string{"key1": "value1", "key2": "value2"}, + map[string]string{"": ""}, + } + + for _, input := range inputs { + labelStr := "" + + for k, v := range input { + if k == "" && v == "" { + continue + } + + labelStr += fmt.Sprintf("%s=%s,", k, v) + } + + labelStr = strings.Trim(labelStr, ",") + + t.Run(labelStr, func(*testing.T) { + labels, err := ValidateLabel(labelStr) + + if err != nil { + t.Fatalf("expected no error, got: %s", err.Error()) + } + + for k := range labels { + if v, ok := input[k]; !(ok || v == labels[k]) { + t.Fatalf("label values do not matched (%s vs. %s)", input[k], labels[k]) + } + } + }) + } + }) + + t.Run("invalid", func(t *testing.T) { + inputs := []string{ + "key", + "key=value=value", + "key=value,", + "b@d=value", + "b@d-prefix/key=value", + "really/bad/prefix/key=value", + "key=v\\alue", + } + + for _, input := range inputs { + t.Run(input, func(t *testing.T) { + _, err := ValidateLabel(input) + + if err == nil { + t.Fatalf("expected an invalid input error.") + } + + if !errors.Is(err, ErrLabelInvalid) { + t.Fatalf("expected an ErrLabelInvalid error.") + } + }) + } + }) +} + func TestValidateResourceRequestLimit(t *testing.T) { t.Run("valid", func(t *testing.T) { resources := []struct{ request, limit, defaultRequest string }{ diff --git a/internal/apiserver/configservice/configimpl.go b/internal/apiserver/configservice/configimpl.go index 76d891d5ed..6f956479c0 100644 --- a/internal/apiserver/configservice/configimpl.go +++ b/internal/apiserver/configservice/configimpl.go @@ -1,7 +1,7 @@ package configservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/configservice/configservice.go b/internal/apiserver/configservice/configservice.go index 1f70934888..d8ffd774c5 100644 --- a/internal/apiserver/configservice/configservice.go +++ b/internal/apiserver/configservice/configservice.go @@ -1,7 +1,7 @@ package configservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/dfservice/dfimpl.go b/internal/apiserver/dfservice/dfimpl.go index 6b244836c0..7dfc4c265c 100644 --- a/internal/apiserver/dfservice/dfimpl.go +++ b/internal/apiserver/dfservice/dfimpl.go @@ -1,7 +1,7 @@ package dfservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -24,10 +24,12 @@ import ( "github.com/crunchydata/postgres-operator/internal/kubeapi" crv1 "github.com/crunchydata/postgres-operator/pkg/apis/crunchydata.com/v1" msgs "github.com/crunchydata/postgres-operator/pkg/apiservermsgs" + log "github.com/sirupsen/logrus" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/fields" "k8s.io/client-go/kubernetes" ) @@ -143,9 +145,15 @@ func getClaimCapacity(clientset kubernetes.Interface, pvcName, ns string) (strin func getClusterDf(cluster *crv1.Pgcluster, clusterResultsChannel chan msgs.DfDetail, clusterProgressChannel chan bool, errorChannel chan error) { log.Debugf("pod df: %s", cluster.Spec.Name) - selector := fmt.Sprintf("%s=%s", config.LABEL_PG_CLUSTER, cluster.Spec.Name) + selector := fmt.Sprintf("%s=%s,!%s", + config.LABEL_PG_CLUSTER, cluster.Spec.Name, config.LABEL_PGHA_BOOTSTRAP) + + options := metav1.ListOptions{ + FieldSelector: fields.OneTermEqualSelector("status.phase", string(v1.PodRunning)).String(), + LabelSelector: selector, + } - pods, err := apiserver.Clientset.CoreV1().Pods(cluster.Spec.Namespace).List(metav1.ListOptions{LabelSelector: selector}) + pods, err := apiserver.Clientset.CoreV1().Pods(cluster.Spec.Namespace).List(options) // if there is an error attempting to get the pods, just return if err != nil { diff --git a/internal/apiserver/dfservice/dfservice.go b/internal/apiserver/dfservice/dfservice.go index 325e20257a..1eb34d2a77 100644 --- a/internal/apiserver/dfservice/dfservice.go +++ b/internal/apiserver/dfservice/dfservice.go @@ -1,7 +1,7 @@ package dfservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/failoverservice/failoverimpl.go b/internal/apiserver/failoverservice/failoverimpl.go index 0a988a3027..fce8f4554d 100644 --- a/internal/apiserver/failoverservice/failoverimpl.go +++ b/internal/apiserver/failoverservice/failoverimpl.go @@ -1,7 +1,7 @@ package failoverservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/failoverservice/failoverservice.go b/internal/apiserver/failoverservice/failoverservice.go index 164d7b1545..e702de9d6b 100644 --- a/internal/apiserver/failoverservice/failoverservice.go +++ b/internal/apiserver/failoverservice/failoverservice.go @@ -1,7 +1,7 @@ package failoverservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/labelservice/labelimpl.go b/internal/apiserver/labelservice/labelimpl.go index bd6e26da3d..c50fb9b49c 100644 --- a/internal/apiserver/labelservice/labelimpl.go +++ b/internal/apiserver/labelservice/labelimpl.go @@ -1,7 +1,7 @@ package labelservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -17,8 +17,6 @@ limitations under the License. import ( "encoding/json" - "errors" - "strings" "github.com/crunchydata/postgres-operator/internal/apiserver" "github.com/crunchydata/postgres-operator/internal/config" @@ -31,7 +29,6 @@ import ( "k8s.io/apimachinery/pkg/api/meta" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/validation" ) // Label ... 2 forms ... @@ -51,10 +48,10 @@ func Label(request *msgs.LabelRequest, ns, pgouser string) msgs.LabelResponse { return resp } - labelsMap, err = validateLabel(request.LabelCmdLabel, ns) + labelsMap, err = apiserver.ValidateLabel(request.LabelCmdLabel) if err != nil { resp.Status.Code = msgs.Error - resp.Status.Msg = "labels not formatted correctly" + resp.Status.Msg = err.Error() return resp } @@ -250,31 +247,6 @@ func PatchPgcluster(newLabels map[string]string, oldCRD crv1.Pgcluster, ns strin } -func validateLabel(LabelCmdLabel, ns string) (map[string]string, error) { - var err error - labelMap := make(map[string]string) - userValues := strings.Split(LabelCmdLabel, ",") - for _, v := range userValues { - pair := strings.Split(v, "=") - if len(pair) != 2 { - log.Error("label format incorrect, requires name=value") - return labelMap, errors.New("label format incorrect, requires name=value") - } - - errs := validation.IsDNS1035Label(pair[0]) - if len(errs) > 0 { - return labelMap, errors.New("label format incorrect, requires name=value " + errs[0]) - } - errs = validation.IsDNS1035Label(pair[1]) - if len(errs) > 0 { - return labelMap, errors.New("label format incorrect, requires name=value " + errs[0]) - } - - labelMap[pair[0]] = pair[1] - } - return labelMap, err -} - // DeleteLabel ... // pgo delete label mycluster yourcluster --label=env=prod // pgo delete label --label=env=prod --selector=group=somegroup @@ -292,7 +264,7 @@ func DeleteLabel(request *msgs.DeleteLabelRequest, ns string) msgs.LabelResponse return resp } - labelsMap, err = validateLabel(request.LabelCmdLabel, ns) + labelsMap, err = apiserver.ValidateLabel(request.LabelCmdLabel) if err != nil { resp.Status.Code = msgs.Error resp.Status.Msg = "labels not formatted correctly" diff --git a/internal/apiserver/labelservice/labelservice.go b/internal/apiserver/labelservice/labelservice.go index f13054fd17..7f730047ff 100644 --- a/internal/apiserver/labelservice/labelservice.go +++ b/internal/apiserver/labelservice/labelservice.go @@ -1,7 +1,7 @@ package labelservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/middleware.go b/internal/apiserver/middleware.go index fc7e60e8e2..3977341a34 100644 --- a/internal/apiserver/middleware.go +++ b/internal/apiserver/middleware.go @@ -1,7 +1,7 @@ package apiserver /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/namespaceservice/namespaceimpl.go b/internal/apiserver/namespaceservice/namespaceimpl.go index 04b6671f26..948ca18ae9 100644 --- a/internal/apiserver/namespaceservice/namespaceimpl.go +++ b/internal/apiserver/namespaceservice/namespaceimpl.go @@ -1,7 +1,7 @@ package namespaceservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/namespaceservice/namespaceservice.go b/internal/apiserver/namespaceservice/namespaceservice.go index 1e27294c96..c04e804e35 100644 --- a/internal/apiserver/namespaceservice/namespaceservice.go +++ b/internal/apiserver/namespaceservice/namespaceservice.go @@ -1,7 +1,7 @@ package namespaceservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/perms.go b/internal/apiserver/perms.go index d8796c8590..364effff71 100644 --- a/internal/apiserver/perms.go +++ b/internal/apiserver/perms.go @@ -1,7 +1,7 @@ package apiserver /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -41,7 +41,6 @@ const ( CREATE_CLUSTER_PERM = "CreateCluster" CREATE_DUMP_PERM = "CreateDump" CREATE_FAILOVER_PERM = "CreateFailover" - CREATE_INGEST_PERM = "CreateIngest" CREATE_NAMESPACE_PERM = "CreateNamespace" CREATE_PGADMIN_PERM = "CreatePgAdmin" CREATE_PGBOUNCER_PERM = "CreatePgbouncer" @@ -58,7 +57,6 @@ const ( // DELETE DELETE_BACKUP_PERM = "DeleteBackup" DELETE_CLUSTER_PERM = "DeleteCluster" - DELETE_INGEST_PERM = "DeleteIngest" DELETE_NAMESPACE_PERM = "DeleteNamespace" DELETE_PGADMIN_PERM = "DeletePgAdmin" DELETE_PGBOUNCER_PERM = "DeletePgbouncer" @@ -72,7 +70,6 @@ const ( SHOW_BACKUP_PERM = "ShowBackup" SHOW_CLUSTER_PERM = "ShowCluster" SHOW_CONFIG_PERM = "ShowConfig" - SHOW_INGEST_PERM = "ShowIngest" SHOW_NAMESPACE_PERM = "ShowNamespace" SHOW_PGADMIN_PERM = "ShowPgAdmin" SHOW_PGBOUNCER_PERM = "ShowPgBouncer" @@ -117,6 +114,7 @@ func initializePerms() { DF_CLUSTER_PERM: "yes", LABEL_PERM: "yes", RELOAD_PERM: "yes", + RESTART_PERM: "yes", RESTORE_PERM: "yes", STATUS_PERM: "yes", TEST_CLUSTER_PERM: "yes", @@ -127,7 +125,6 @@ func initializePerms() { CREATE_DUMP_PERM: "yes", CREATE_CLUSTER_PERM: "yes", CREATE_FAILOVER_PERM: "yes", - CREATE_INGEST_PERM: "yes", CREATE_NAMESPACE_PERM: "yes", CREATE_PGADMIN_PERM: "yes", CREATE_PGBOUNCER_PERM: "yes", @@ -144,7 +141,6 @@ func initializePerms() { // DELETE DELETE_BACKUP_PERM: "yes", DELETE_CLUSTER_PERM: "yes", - DELETE_INGEST_PERM: "yes", DELETE_NAMESPACE_PERM: "yes", DELETE_PGADMIN_PERM: "yes", DELETE_PGBOUNCER_PERM: "yes", @@ -158,7 +154,6 @@ func initializePerms() { SHOW_BACKUP_PERM: "yes", SHOW_CLUSTER_PERM: "yes", SHOW_CONFIG_PERM: "yes", - SHOW_INGEST_PERM: "yes", SHOW_NAMESPACE_PERM: "yes", SHOW_PGADMIN_PERM: "yes", SHOW_PGBOUNCER_PERM: "yes", diff --git a/internal/apiserver/pgadminservice/pgadminimpl.go b/internal/apiserver/pgadminservice/pgadminimpl.go index 5ca4aa8a1a..b10ab3d2bb 100644 --- a/internal/apiserver/pgadminservice/pgadminimpl.go +++ b/internal/apiserver/pgadminservice/pgadminimpl.go @@ -1,7 +1,7 @@ package pgadminservice /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgadminservice/pgadminservice.go b/internal/apiserver/pgadminservice/pgadminservice.go index 90378868ca..a0f77c57da 100644 --- a/internal/apiserver/pgadminservice/pgadminservice.go +++ b/internal/apiserver/pgadminservice/pgadminservice.go @@ -1,7 +1,7 @@ package pgadminservice /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgbouncerservice/pgbouncerimpl.go b/internal/apiserver/pgbouncerservice/pgbouncerimpl.go index bab470b00a..a0dd070a3f 100644 --- a/internal/apiserver/pgbouncerservice/pgbouncerimpl.go +++ b/internal/apiserver/pgbouncerservice/pgbouncerimpl.go @@ -1,7 +1,7 @@ package pgbouncerservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -130,6 +130,7 @@ func CreatePgbouncer(request *msgs.CreatePgbouncerRequest, ns, pgouser string) m } cluster.Spec.PgBouncer.Resources = resources + cluster.Spec.PgBouncer.Limits = limits // update the cluster CRD with these udpates. If there is an error if _, err := apiserver.Clientset.CrunchydataV1().Pgclusters(request.Namespace).Update(&cluster); err != nil { diff --git a/internal/apiserver/pgbouncerservice/pgbouncerservice.go b/internal/apiserver/pgbouncerservice/pgbouncerservice.go index 969aabd205..623484dce1 100644 --- a/internal/apiserver/pgbouncerservice/pgbouncerservice.go +++ b/internal/apiserver/pgbouncerservice/pgbouncerservice.go @@ -1,7 +1,7 @@ package pgbouncerservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgdumpservice/pgdumpimpl.go b/internal/apiserver/pgdumpservice/pgdumpimpl.go index ecad14f7fd..c5d1e468b4 100644 --- a/internal/apiserver/pgdumpservice/pgdumpimpl.go +++ b/internal/apiserver/pgdumpservice/pgdumpimpl.go @@ -1,7 +1,7 @@ package pgdumpservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgdumpservice/pgdumpservice.go b/internal/apiserver/pgdumpservice/pgdumpservice.go index 755a9bbd98..09a6f8a7e8 100644 --- a/internal/apiserver/pgdumpservice/pgdumpservice.go +++ b/internal/apiserver/pgdumpservice/pgdumpservice.go @@ -1,7 +1,7 @@ package pgdumpservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgoroleservice/pgoroleimpl.go b/internal/apiserver/pgoroleservice/pgoroleimpl.go index 633d0c3660..0d5d7e1d33 100644 --- a/internal/apiserver/pgoroleservice/pgoroleimpl.go +++ b/internal/apiserver/pgoroleservice/pgoroleimpl.go @@ -1,7 +1,7 @@ package pgoroleservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgoroleservice/pgoroleservice.go b/internal/apiserver/pgoroleservice/pgoroleservice.go index b3e3413e09..8ddbdc6612 100644 --- a/internal/apiserver/pgoroleservice/pgoroleservice.go +++ b/internal/apiserver/pgoroleservice/pgoroleservice.go @@ -1,7 +1,7 @@ package pgoroleservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgouserservice/pgouserimpl.go b/internal/apiserver/pgouserservice/pgouserimpl.go index 6e0c061467..f03a98dfbf 100644 --- a/internal/apiserver/pgouserservice/pgouserimpl.go +++ b/internal/apiserver/pgouserservice/pgouserimpl.go @@ -1,7 +1,7 @@ package pgouserservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pgouserservice/pgouserservice.go b/internal/apiserver/pgouserservice/pgouserservice.go index ccf1b1ce8f..efecfe5e34 100644 --- a/internal/apiserver/pgouserservice/pgouserservice.go +++ b/internal/apiserver/pgouserservice/pgouserservice.go @@ -1,7 +1,7 @@ package pgouserservice /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/policyservice/policyimpl.go b/internal/apiserver/policyservice/policyimpl.go index aff08b0e36..faa669f78b 100644 --- a/internal/apiserver/policyservice/policyimpl.go +++ b/internal/apiserver/policyservice/policyimpl.go @@ -1,7 +1,7 @@ package policyservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -203,7 +203,7 @@ func ApplyPolicy(request *msgs.ApplyPolicyRequest, ns, pgouser string) msgs.Appl if request.DryRun { for _, d := range allDeployments { - log.Debugf("deployment : %s", d.ObjectMeta.Name) + log.Debugf("deployment: %s", d.ObjectMeta.Name) resp.Name = append(resp.Name, d.ObjectMeta.Name) } return resp @@ -223,7 +223,7 @@ func ApplyPolicy(request *msgs.ApplyPolicyRequest, ns, pgouser string) msgs.Appl cl, err := apiserver.Clientset. CrunchydataV1().Pgclusters(ns). - Get(d.ObjectMeta.Labels[config.LABEL_SERVICE_NAME], metav1.GetOptions{}) + Get(d.ObjectMeta.Labels[config.LABEL_PG_CLUSTER], metav1.GetOptions{}) if err != nil { resp.Status.Code = msgs.Error resp.Status.Msg = err.Error() @@ -231,7 +231,7 @@ func ApplyPolicy(request *msgs.ApplyPolicyRequest, ns, pgouser string) msgs.Appl } if err := util.ExecPolicy(apiserver.Clientset, apiserver.RESTConfig, - ns, request.Name, d.ObjectMeta.Labels[config.LABEL_SERVICE_NAME], cl.Spec.Port); err != nil { + ns, request.Name, d.ObjectMeta.Labels[config.LABEL_PG_CLUSTER], cl.Spec.Port); err != nil { log.Error(err) resp.Status.Code = msgs.Error resp.Status.Msg = err.Error() diff --git a/internal/apiserver/policyservice/policyservice.go b/internal/apiserver/policyservice/policyservice.go index d2a3d6234f..400164aa51 100644 --- a/internal/apiserver/policyservice/policyservice.go +++ b/internal/apiserver/policyservice/policyservice.go @@ -1,7 +1,7 @@ package policyservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pvcservice/pvcimpl.go b/internal/apiserver/pvcservice/pvcimpl.go index 734c21fa4c..46e2514bd1 100644 --- a/internal/apiserver/pvcservice/pvcimpl.go +++ b/internal/apiserver/pvcservice/pvcimpl.go @@ -1,7 +1,7 @@ package pvcservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/pvcservice/pvcservice.go b/internal/apiserver/pvcservice/pvcservice.go index a12979cb3c..cb8684789b 100644 --- a/internal/apiserver/pvcservice/pvcservice.go +++ b/internal/apiserver/pvcservice/pvcservice.go @@ -1,7 +1,7 @@ package pvcservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/reloadservice/reloadimpl.go b/internal/apiserver/reloadservice/reloadimpl.go index 08bc21430e..000e455c83 100644 --- a/internal/apiserver/reloadservice/reloadimpl.go +++ b/internal/apiserver/reloadservice/reloadimpl.go @@ -1,7 +1,7 @@ package reloadservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/reloadservice/reloadservice.go b/internal/apiserver/reloadservice/reloadservice.go index 9d1096c3c9..fb8b87f7bb 100644 --- a/internal/apiserver/reloadservice/reloadservice.go +++ b/internal/apiserver/reloadservice/reloadservice.go @@ -1,7 +1,7 @@ package reloadservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/restartservice/restartimpl.go b/internal/apiserver/restartservice/restartimpl.go index 51c172e91f..062c413066 100644 --- a/internal/apiserver/restartservice/restartimpl.go +++ b/internal/apiserver/restartservice/restartimpl.go @@ -1,7 +1,7 @@ package restartservice /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/restartservice/restartservice.go b/internal/apiserver/restartservice/restartservice.go index a1bfb97194..45c7073a26 100644 --- a/internal/apiserver/restartservice/restartservice.go +++ b/internal/apiserver/restartservice/restartservice.go @@ -1,7 +1,7 @@ package restartservice /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/root.go b/internal/apiserver/root.go index 2ced3eaca7..a08d831dd5 100644 --- a/internal/apiserver/root.go +++ b/internal/apiserver/root.go @@ -1,7 +1,7 @@ package apiserver /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -31,6 +31,7 @@ import ( "github.com/crunchydata/postgres-operator/internal/kubeapi" "github.com/crunchydata/postgres-operator/internal/ns" "github.com/crunchydata/postgres-operator/internal/tlsutil" + "github.com/crunchydata/postgres-operator/internal/util" log "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -133,6 +134,11 @@ func Initialize() { initConfig() + // look through all the pgouser secrets in the Operator's + // namespace and set a generated password for any that currently + // have an empty password set + setRandomPgouserPasswords() + if err := setNamespaceOperatingMode(); err != nil { log.Error(err) os.Exit(2) @@ -160,7 +166,6 @@ func connectToKube() { } func initConfig() { - AuditFlag = Pgo.Pgo.Audit if AuditFlag { log.Info("audit flag is set to true") @@ -305,6 +310,7 @@ func Authn(perm string, w http.ResponseWriter, r *http.Request) (string, error) // this function currently encapsulates authorization as well, and this is // the call where we get the username to check the RBAC settings username, password, authOK := r.BasicAuth() + if AuditFlag { log.Infof("[audit] %s username=[%s] method=[%s] ip=[%s] ok=[%t] ", perm, username, r.Method, r.RemoteAddr, authOK) } @@ -500,6 +506,47 @@ func setNamespaceOperatingMode() error { return nil } +// setRandomPgouserPasswords looks through the pgouser secrets in the Operator's +// namespace. If any have an empty password, it generates a random password, +// Base64 encodes it, then stores it in the relevant PGO user's secret +func setRandomPgouserPasswords() { + selector := "pgo-pgouser=true,vendor=crunchydata" + secrets, err := Clientset.CoreV1().Secrets(PgoNamespace). + List(metav1.ListOptions{LabelSelector: selector}) + if err != nil { + log.Warnf("Could not get pgouser secrets in namespace: %s", PgoNamespace) + return + } + + for i, secret := range secrets.Items { + // check if password is set. if it is, continue. + if len(secret.Data["password"]) > 0 { + continue + } + + log.Infof("Password in pgouser secret %s for operator installation %s in namespace %s is empty. "+ + "Setting a generated password.", secret.Name, InstallationName, PgoNamespace) + + // generate the password using the default password length + generatedPassword, err := util.GeneratePassword(util.DefaultGeneratedPasswordLength) + + if err != nil { + log.Errorf("Could not generate password for pgouser secret %s for operator installation %s in "+ + "namespace %s", secret.Name, InstallationName, PgoNamespace) + continue + } + + // add the password to the secret + secrets.Items[i].Data["password"] = []byte(generatedPassword) + + // patch the pgouser secret with the new password + if _, err := Clientset.CoreV1().Secrets(PgoNamespace).Update(&secrets.Items[i]); err != nil { + log.Errorf("Could not patch pgouser secret %s with generated password for operator installation "+ + "%s in namespace %s", secret.Name, InstallationName, PgoNamespace) + } + } +} + // NamespaceOperatingMode returns the namespace operating mode for the current Operator // installation, which is stored in the "namespaceOperatingMode" variable func NamespaceOperatingMode() ns.NamespaceOperatingMode { diff --git a/internal/apiserver/routing/doc.go b/internal/apiserver/routing/doc.go index e985fd4280..c24eebfbe6 100644 --- a/internal/apiserver/routing/doc.go +++ b/internal/apiserver/routing/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/routing/routes.go b/internal/apiserver/routing/routes.go index 0198efaaf8..401b7150a7 100644 --- a/internal/apiserver/routing/routes.go +++ b/internal/apiserver/routing/routes.go @@ -1,7 +1,7 @@ package routing /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/scheduleservice/scheduleimpl.go b/internal/apiserver/scheduleservice/scheduleimpl.go index 96e134949c..86b38eb907 100644 --- a/internal/apiserver/scheduleservice/scheduleimpl.go +++ b/internal/apiserver/scheduleservice/scheduleimpl.go @@ -1,7 +1,7 @@ package scheduleservice /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/scheduleservice/scheduleservice.go b/internal/apiserver/scheduleservice/scheduleservice.go index b88fa16d7e..b4de3a01d4 100644 --- a/internal/apiserver/scheduleservice/scheduleservice.go +++ b/internal/apiserver/scheduleservice/scheduleservice.go @@ -1,7 +1,7 @@ package scheduleservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/statusservice/statusimpl.go b/internal/apiserver/statusservice/statusimpl.go index 64c55f62e7..618eee2908 100644 --- a/internal/apiserver/statusservice/statusimpl.go +++ b/internal/apiserver/statusservice/statusimpl.go @@ -1,7 +1,7 @@ package statusservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/statusservice/statusservice.go b/internal/apiserver/statusservice/statusservice.go index ecab0047c2..4f4305321a 100644 --- a/internal/apiserver/statusservice/statusservice.go +++ b/internal/apiserver/statusservice/statusservice.go @@ -1,7 +1,7 @@ package statusservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/upgradeservice/upgradeimpl.go b/internal/apiserver/upgradeservice/upgradeimpl.go index 04758d2d34..1d576dc52f 100644 --- a/internal/apiserver/upgradeservice/upgradeimpl.go +++ b/internal/apiserver/upgradeservice/upgradeimpl.go @@ -1,7 +1,7 @@ package upgradeservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/upgradeservice/upgradeservice.go b/internal/apiserver/upgradeservice/upgradeservice.go index dee9c68dc2..c225c4cd1c 100644 --- a/internal/apiserver/upgradeservice/upgradeservice.go +++ b/internal/apiserver/upgradeservice/upgradeservice.go @@ -1,7 +1,7 @@ package upgradeservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/userservice/userimpl.go b/internal/apiserver/userservice/userimpl.go index f3bad44677..369ead5566 100644 --- a/internal/apiserver/userservice/userimpl.go +++ b/internal/apiserver/userservice/userimpl.go @@ -1,7 +1,7 @@ package userservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -168,8 +168,7 @@ func CreateUser(request *msgs.CreateUserRequest, pgouser string) msgs.CreateUser } // determine if the user passed in a valid password type - passwordType, err := msgs.GetPasswordType(request.PasswordType) - + passwordType, err := apiserver.GetPasswordType(request.PasswordType) if err != nil { response.Status.Code = msgs.Error response.Status.Msg = err.Error() @@ -620,7 +619,7 @@ func UpdateUser(request *msgs.UpdateUserRequest, pgouser string) msgs.UpdateUser } // determine if the user passed in a valid password type - if _, err := msgs.GetPasswordType(request.PasswordType); err != nil { + if _, err := apiserver.GetPasswordType(request.PasswordType); err != nil { response.Status.Code = msgs.Error response.Status.Msg = err.Error() return response @@ -965,7 +964,7 @@ func rotateExpiredPasswords(request *msgs.UpdateUserRequest, cluster *crv1.Pgclu // get the password type. the error is already evaluated in a called // function - passwordType, _ := msgs.GetPasswordType(request.PasswordType) + passwordType, _ := apiserver.GetPasswordType(request.PasswordType) // generate a new password. Check to see if the user passed in a particular // length of the password, or passed in a password to rotate (though that @@ -1097,7 +1096,7 @@ func updateUser(request *msgs.UpdateUserRequest, cluster *crv1.Pgcluster) msgs.U // Speaking of passwords...let's first determine if the user updated their // password. See generatePassword for how precedence is given for password // updates - passwordType, _ := msgs.GetPasswordType(request.PasswordType) + passwordType, _ := apiserver.GetPasswordType(request.PasswordType) isChanged, password, hashedPassword, err := generatePassword(result.Username, request.Password, passwordType, request.RotatePassword, request.PasswordLength) diff --git a/internal/apiserver/userservice/userimpl_test.go b/internal/apiserver/userservice/userimpl_test.go index 71d3aa5fcf..ffa310924f 100644 --- a/internal/apiserver/userservice/userimpl_test.go +++ b/internal/apiserver/userservice/userimpl_test.go @@ -1,7 +1,7 @@ package userservice /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/userservice/userservice.go b/internal/apiserver/userservice/userservice.go index 83994c90fa..e5ab49cc71 100644 --- a/internal/apiserver/userservice/userservice.go +++ b/internal/apiserver/userservice/userservice.go @@ -1,7 +1,7 @@ package userservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/versionservice/versionimpl.go b/internal/apiserver/versionservice/versionimpl.go index d2341d4e93..fb62a4a9bb 100644 --- a/internal/apiserver/versionservice/versionimpl.go +++ b/internal/apiserver/versionservice/versionimpl.go @@ -1,7 +1,7 @@ package versionservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/versionservice/versionservice.go b/internal/apiserver/versionservice/versionservice.go index 49735dff1a..d88fb2f86d 100644 --- a/internal/apiserver/versionservice/versionservice.go +++ b/internal/apiserver/versionservice/versionservice.go @@ -1,7 +1,7 @@ package versionservice /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/workflowservice/workflowimpl.go b/internal/apiserver/workflowservice/workflowimpl.go index 13c5f342a8..d6deba6ded 100644 --- a/internal/apiserver/workflowservice/workflowimpl.go +++ b/internal/apiserver/workflowservice/workflowimpl.go @@ -1,7 +1,7 @@ package workflowservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/apiserver/workflowservice/workflowservice.go b/internal/apiserver/workflowservice/workflowservice.go index 81aea9ff98..ec5afc84a9 100644 --- a/internal/apiserver/workflowservice/workflowservice.go +++ b/internal/apiserver/workflowservice/workflowservice.go @@ -1,7 +1,7 @@ package workflowservice /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/config/annotations.go b/internal/config/annotations.go index eb474738eb..f5785048d6 100644 --- a/internal/config/annotations.go +++ b/internal/config/annotations.go @@ -1,7 +1,7 @@ package config /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/config/defaults.go b/internal/config/defaults.go index d86e404eb7..a63340f16d 100644 --- a/internal/config/defaults.go +++ b/internal/config/defaults.go @@ -1,7 +1,7 @@ package config /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/config/images.go b/internal/config/images.go index 905e46579c..359105c38a 100644 --- a/internal/config/images.go +++ b/internal/config/images.go @@ -1,7 +1,7 @@ package config /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/config/labels.go b/internal/config/labels.go index 6d20c72742..d043bffca9 100644 --- a/internal/config/labels.go +++ b/internal/config/labels.go @@ -1,7 +1,7 @@ package config /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/config/pgoconfig.go b/internal/config/pgoconfig.go index f951f77dee..232c6995f6 100644 --- a/internal/config/pgoconfig.go +++ b/internal/config/pgoconfig.go @@ -1,7 +1,7 @@ package config /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -20,6 +20,7 @@ import ( "fmt" "io/ioutil" "os" + "path/filepath" "strconv" "strings" "text/template" @@ -28,6 +29,7 @@ import ( log "github.com/sirupsen/logrus" v1 "k8s.io/api/core/v1" + kerrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/validation" @@ -36,8 +38,7 @@ import ( ) const CustomConfigMapName = "pgo-config" -const DefaultConfigsPath = "/default-pgo-config/" -const CustomConfigsPath = "/pgo-config/" +const defaultConfigPath = "/default-pgo-config/" var PgoDefaultServiceAccountTemplate *template.Template @@ -518,29 +519,22 @@ func (c *PgoConfig) GetStorageSpec(name string) (crv1.PgStorageSpec, error) { func (c *PgoConfig) GetConfig(clientset kubernetes.Interface, namespace string) error { - cMap, rootPath := getRootPath(clientset, namespace) + cMap, err := initialize(clientset, namespace) - var yamlFile []byte - var err error + if err != nil { + log.Errorf("could not get ConfigMap: %s", err.Error()) + return err + } //get the pgo.yaml config file - if cMap != nil { - str := cMap.Data[CONFIG_PATH] - if str == "" { - errMsg := fmt.Sprintf("could not get %s from ConfigMap", CONFIG_PATH) - return errors.New(errMsg) - } - yamlFile = []byte(str) - } else { - yamlFile, err = ioutil.ReadFile(rootPath + CONFIG_PATH) - if err != nil { - log.Errorf("yamlFile.Get err #%v ", err) - return err - } + str := cMap.Data[CONFIG_PATH] + if str == "" { + return fmt.Errorf("could not get %s from ConfigMap", CONFIG_PATH) } - err = yaml.Unmarshal(yamlFile, c) - if err != nil { + yamlFile := []byte(str) + + if err := yaml.Unmarshal(yamlFile, c); err != nil { log.Errorf("Unmarshal: %v", err) return err } @@ -554,183 +548,183 @@ func (c *PgoConfig) GetConfig(clientset kubernetes.Interface, namespace string) c.CheckEnv() //load up all the templates - PgoDefaultServiceAccountTemplate, err = c.LoadTemplate(cMap, rootPath, PGODefaultServiceAccountPath) + PgoDefaultServiceAccountTemplate, err = c.LoadTemplate(cMap, PGODefaultServiceAccountPath) if err != nil { return err } - PgoBackrestServiceAccountTemplate, err = c.LoadTemplate(cMap, rootPath, PGOBackrestServiceAccountPath) + PgoBackrestServiceAccountTemplate, err = c.LoadTemplate(cMap, PGOBackrestServiceAccountPath) if err != nil { return err } - PgoTargetServiceAccountTemplate, err = c.LoadTemplate(cMap, rootPath, PGOTargetServiceAccountPath) + PgoTargetServiceAccountTemplate, err = c.LoadTemplate(cMap, PGOTargetServiceAccountPath) if err != nil { return err } - PgoTargetRoleBindingTemplate, err = c.LoadTemplate(cMap, rootPath, PGOTargetRoleBindingPath) + PgoTargetRoleBindingTemplate, err = c.LoadTemplate(cMap, PGOTargetRoleBindingPath) if err != nil { return err } - PgoBackrestRoleTemplate, err = c.LoadTemplate(cMap, rootPath, PGOBackrestRolePath) + PgoBackrestRoleTemplate, err = c.LoadTemplate(cMap, PGOBackrestRolePath) if err != nil { return err } - PgoBackrestRoleBindingTemplate, err = c.LoadTemplate(cMap, rootPath, PGOBackrestRoleBindingPath) + PgoBackrestRoleBindingTemplate, err = c.LoadTemplate(cMap, PGOBackrestRoleBindingPath) if err != nil { return err } - PgoTargetRoleTemplate, err = c.LoadTemplate(cMap, rootPath, PGOTargetRolePath) + PgoTargetRoleTemplate, err = c.LoadTemplate(cMap, PGOTargetRolePath) if err != nil { return err } - PgoPgServiceAccountTemplate, err = c.LoadTemplate(cMap, rootPath, PGOPgServiceAccountPath) + PgoPgServiceAccountTemplate, err = c.LoadTemplate(cMap, PGOPgServiceAccountPath) if err != nil { return err } - PgoPgRoleTemplate, err = c.LoadTemplate(cMap, rootPath, PGOPgRolePath) + PgoPgRoleTemplate, err = c.LoadTemplate(cMap, PGOPgRolePath) if err != nil { return err } - PgoPgRoleBindingTemplate, err = c.LoadTemplate(cMap, rootPath, PGOPgRoleBindingPath) + PgoPgRoleBindingTemplate, err = c.LoadTemplate(cMap, PGOPgRoleBindingPath) if err != nil { return err } - PVCTemplate, err = c.LoadTemplate(cMap, rootPath, pvcPath) + PVCTemplate, err = c.LoadTemplate(cMap, pvcPath) if err != nil { return err } - PolicyJobTemplate, err = c.LoadTemplate(cMap, rootPath, policyJobTemplatePath) + PolicyJobTemplate, err = c.LoadTemplate(cMap, policyJobTemplatePath) if err != nil { return err } - ContainerResourcesTemplate, err = c.LoadTemplate(cMap, rootPath, containerResourcesTemplatePath) + ContainerResourcesTemplate, err = c.LoadTemplate(cMap, containerResourcesTemplatePath) if err != nil { return err } - PgoBackrestRepoServiceTemplate, err = c.LoadTemplate(cMap, rootPath, pgoBackrestRepoServiceTemplatePath) + PgoBackrestRepoServiceTemplate, err = c.LoadTemplate(cMap, pgoBackrestRepoServiceTemplatePath) if err != nil { return err } - PgoBackrestRepoTemplate, err = c.LoadTemplate(cMap, rootPath, pgoBackrestRepoTemplatePath) + PgoBackrestRepoTemplate, err = c.LoadTemplate(cMap, pgoBackrestRepoTemplatePath) if err != nil { return err } - PgmonitorEnvVarsTemplate, err = c.LoadTemplate(cMap, rootPath, pgmonitorEnvVarsPath) + PgmonitorEnvVarsTemplate, err = c.LoadTemplate(cMap, pgmonitorEnvVarsPath) if err != nil { return err } - PgbackrestEnvVarsTemplate, err = c.LoadTemplate(cMap, rootPath, pgbackrestEnvVarsPath) + PgbackrestEnvVarsTemplate, err = c.LoadTemplate(cMap, pgbackrestEnvVarsPath) if err != nil { return err } - PgbackrestS3EnvVarsTemplate, err = c.LoadTemplate(cMap, rootPath, pgbackrestS3EnvVarsPath) + PgbackrestS3EnvVarsTemplate, err = c.LoadTemplate(cMap, pgbackrestS3EnvVarsPath) if err != nil { return err } - PgAdminTemplate, err = c.LoadTemplate(cMap, rootPath, pgAdminTemplatePath) + PgAdminTemplate, err = c.LoadTemplate(cMap, pgAdminTemplatePath) if err != nil { return err } - PgAdminServiceTemplate, err = c.LoadTemplate(cMap, rootPath, pgAdminServiceTemplatePath) + PgAdminServiceTemplate, err = c.LoadTemplate(cMap, pgAdminServiceTemplatePath) if err != nil { return err } - PgbouncerTemplate, err = c.LoadTemplate(cMap, rootPath, pgbouncerTemplatePath) + PgbouncerTemplate, err = c.LoadTemplate(cMap, pgbouncerTemplatePath) if err != nil { return err } - PgbouncerConfTemplate, err = c.LoadTemplate(cMap, rootPath, pgbouncerConfTemplatePath) + PgbouncerConfTemplate, err = c.LoadTemplate(cMap, pgbouncerConfTemplatePath) if err != nil { return err } - PgbouncerUsersTemplate, err = c.LoadTemplate(cMap, rootPath, pgbouncerUsersTemplatePath) + PgbouncerUsersTemplate, err = c.LoadTemplate(cMap, pgbouncerUsersTemplatePath) if err != nil { return err } - PgbouncerHBATemplate, err = c.LoadTemplate(cMap, rootPath, pgbouncerHBATemplatePath) + PgbouncerHBATemplate, err = c.LoadTemplate(cMap, pgbouncerHBATemplatePath) if err != nil { return err } - ServiceTemplate, err = c.LoadTemplate(cMap, rootPath, serviceTemplatePath) + ServiceTemplate, err = c.LoadTemplate(cMap, serviceTemplatePath) if err != nil { return err } - RmdatajobTemplate, err = c.LoadTemplate(cMap, rootPath, rmdatajobPath) + RmdatajobTemplate, err = c.LoadTemplate(cMap, rmdatajobPath) if err != nil { return err } - BackrestjobTemplate, err = c.LoadTemplate(cMap, rootPath, backrestjobPath) + BackrestjobTemplate, err = c.LoadTemplate(cMap, backrestjobPath) if err != nil { return err } - BackrestRestorejobTemplate, err = c.LoadTemplate(cMap, rootPath, backrestRestorejobPath) + BackrestRestorejobTemplate, err = c.LoadTemplate(cMap, backrestRestorejobPath) if err != nil { return err } - PgDumpBackupJobTemplate, err = c.LoadTemplate(cMap, rootPath, pgDumpBackupJobPath) + PgDumpBackupJobTemplate, err = c.LoadTemplate(cMap, pgDumpBackupJobPath) if err != nil { return err } - PgRestoreJobTemplate, err = c.LoadTemplate(cMap, rootPath, pgRestoreJobPath) + PgRestoreJobTemplate, err = c.LoadTemplate(cMap, pgRestoreJobPath) if err != nil { return err } - PVCMatchLabelsTemplate, err = c.LoadTemplate(cMap, rootPath, pvcMatchLabelsPath) + PVCMatchLabelsTemplate, err = c.LoadTemplate(cMap, pvcMatchLabelsPath) if err != nil { return err } - PVCStorageClassTemplate, err = c.LoadTemplate(cMap, rootPath, pvcSCPath) + PVCStorageClassTemplate, err = c.LoadTemplate(cMap, pvcSCPath) if err != nil { return err } - AffinityTemplate, err = c.LoadTemplate(cMap, rootPath, affinityTemplatePath) + AffinityTemplate, err = c.LoadTemplate(cMap, affinityTemplatePath) if err != nil { return err } - PodAntiAffinityTemplate, err = c.LoadTemplate(cMap, rootPath, podAntiAffinityTemplatePath) + PodAntiAffinityTemplate, err = c.LoadTemplate(cMap, podAntiAffinityTemplatePath) if err != nil { return err } - ExporterTemplate, err = c.LoadTemplate(cMap, rootPath, exporterTemplatePath) + ExporterTemplate, err = c.LoadTemplate(cMap, exporterTemplatePath) if err != nil { return err } - BadgerTemplate, err = c.LoadTemplate(cMap, rootPath, badgerTemplatePath) + BadgerTemplate, err = c.LoadTemplate(cMap, badgerTemplatePath) if err != nil { return err } - DeploymentTemplate, err = c.LoadTemplate(cMap, rootPath, deploymentTemplatePath) + DeploymentTemplate, err = c.LoadTemplate(cMap, deploymentTemplatePath) if err != nil { return err } - BootstrapTemplate, err = c.LoadTemplate(cMap, rootPath, bootstrapTemplatePath) + BootstrapTemplate, err = c.LoadTemplate(cMap, bootstrapTemplatePath) if err != nil { return err } @@ -738,20 +732,74 @@ func (c *PgoConfig) GetConfig(clientset kubernetes.Interface, namespace string) return nil } -func getRootPath(clientset kubernetes.Interface, namespace string) (*v1.ConfigMap, string) { +// getOperatorConfigMap returns the config map that contains all of the +// configuration for the Operator +func getOperatorConfigMap(clientset kubernetes.Interface, namespace string) (*v1.ConfigMap, error) { + return clientset.CoreV1().ConfigMaps(namespace).Get(CustomConfigMapName, metav1.GetOptions{}) +} + +// initialize attemps to get the configuration ConfigMap based on a name. +// If the ConfigMap does not exist, a ConfigMap is created from the default +// configuration path +func initialize(clientset kubernetes.Interface, namespace string) (*v1.ConfigMap, error) { + // if the ConfigMap exists, exit + if cm, err := getOperatorConfigMap(clientset, namespace); err == nil { + log.Infof("Config: %q ConfigMap found, using config files from the configmap", CustomConfigMapName) + return cm, nil + } + + // otherwise, create a ConfigMap + log.Infof("Config: %q ConfigMap NOT found, creating ConfigMap from files from %q", CustomConfigMapName, defaultConfigPath) + + cm := &v1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: CustomConfigMapName, + Labels: map[string]string{ + LABEL_VENDOR: LABEL_CRUNCHY, + }, + }, + Data: map[string]string{}, + } + + // get all of the file names that are in the default configuration directory + if err := filepath.Walk(defaultConfigPath, func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + + // skip if a directory + if info.IsDir() { + return nil + } + + // get all of the contents of a default configuration and load it into + // a ConfigMap + if contents, err := ioutil.ReadFile(path); err != nil { + return err + } else { + cm.Data[info.Name()] = string(contents) + } + + return nil + }); err != nil { + return nil, err + } + + // create the ConfigMap. If the error is that the ConfigMap was already + // created, then grab the new ConfigMap + if _, err := clientset.CoreV1().ConfigMaps(namespace).Create(cm); err != nil { + if kerrors.IsAlreadyExists(err) { + return getOperatorConfigMap(clientset, namespace) + } - cMap, err := clientset.CoreV1().ConfigMaps(namespace).Get(CustomConfigMapName, metav1.GetOptions{}) - if err == nil { - log.Infof("Config: %s ConfigMap found, using config files from the configmap", CustomConfigMapName) - return cMap, "" + return nil, err } - log.Infof("Config: %s ConfigMap NOT found, using default baked-in config files from %s", CustomConfigMapName, DefaultConfigsPath) - return nil, DefaultConfigsPath + return cm, nil } // LoadTemplate will load a JSON template from a path -func (c *PgoConfig) LoadTemplate(cMap *v1.ConfigMap, rootPath, path string) (*template.Template, error) { +func (c *PgoConfig) LoadTemplate(cMap *v1.ConfigMap, path string) (*template.Template, error) { var value string var err error @@ -781,7 +829,7 @@ func (c *PgoConfig) LoadTemplate(cMap *v1.ConfigMap, rootPath, path string) (*te func (c *PgoConfig) DefaultTemplate(path string) (string, error) { // set the lookup value for the file path based on the default configuration // path and the template file requested to be loaded - fullPath := DefaultConfigsPath + path + fullPath := defaultConfigPath + path log.Debugf("No entry in cmap loading default path [%s]", fullPath) diff --git a/internal/config/secrets.go b/internal/config/secrets.go new file mode 100644 index 0000000000..2cc2b5ba1b --- /dev/null +++ b/internal/config/secrets.go @@ -0,0 +1,18 @@ +package config + +/* + Copyright 2020 Crunchy Data Solutions, Inc. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +const SecretOperatorBackrestRepoConfig = "pgo-backrest-repo-config" diff --git a/internal/config/volumes.go b/internal/config/volumes.go index d21c2d6a4e..80cd3b9b5d 100644 --- a/internal/config/volumes.go +++ b/internal/config/volumes.go @@ -1,7 +1,7 @@ package config /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/configmap/configmapcontroller.go b/internal/controller/configmap/configmapcontroller.go index a7145ea6bf..644e387418 100644 --- a/internal/controller/configmap/configmapcontroller.go +++ b/internal/controller/configmap/configmapcontroller.go @@ -1,7 +1,7 @@ package configmap /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/configmap/synchandler.go b/internal/controller/configmap/synchandler.go index 9309c0555c..1f0c2a0a31 100644 --- a/internal/controller/configmap/synchandler.go +++ b/internal/controller/configmap/synchandler.go @@ -1,7 +1,7 @@ package configmap /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/controllerutil.go b/internal/controller/controllerutil.go index bf54f98fce..01fbcc1cb4 100644 --- a/internal/controller/controllerutil.go +++ b/internal/controller/controllerutil.go @@ -1,7 +1,7 @@ package controller /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -20,6 +20,7 @@ import ( "errors" "github.com/crunchydata/postgres-operator/internal/config" + "github.com/crunchydata/postgres-operator/internal/kubeapi" crv1 "github.com/crunchydata/postgres-operator/pkg/apis/crunchydata.com/v1" pgo "github.com/crunchydata/postgres-operator/pkg/generated/clientset/versioned" log "github.com/sirupsen/logrus" @@ -61,17 +62,19 @@ func InitializeReplicaCreation(clientset pgo.Interface, clusterName, log.Error(err) return err } - for _, pgreplica := range pgreplicaList.Items { - if pgreplica.Annotations == nil { - pgreplica.Annotations = make(map[string]string) + for i := range pgreplicaList.Items { + patch, err := kubeapi.NewMergePatch(). + Add("metadata", "annotations")(map[string]string{ + config.ANNOTATION_PGHA_BOOTSTRAP_REPLICA: "true", + }).Bytes() + if err != nil { + log.Error(err) } - pgreplica.Annotations[config.ANNOTATION_PGHA_BOOTSTRAP_REPLICA] = "true" - - if _, err = clientset.CrunchydataV1().Pgreplicas(namespace).Update(&pgreplica); err != nil { + if _, err := clientset.CrunchydataV1().Pgreplicas(namespace). + Patch(pgreplicaList.Items[i].GetName(), types.MergePatchType, patch, ""); err != nil { log.Error(err) - return err } } return nil diff --git a/internal/controller/job/backresthandler.go b/internal/controller/job/backresthandler.go index f399cf1e3d..2be39e9040 100644 --- a/internal/controller/job/backresthandler.go +++ b/internal/controller/job/backresthandler.go @@ -1,7 +1,7 @@ package job /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -144,12 +144,18 @@ func (c *Controller) handleBackrestBackupUpdate(job *apiv1.Job) error { if labels[config.LABEL_PGHA_BACKUP_TYPE] == crv1.BackupTypeBootstrap { log.Debugf("jobController onUpdate initial backup complete") - controller.SetClusterInitializedStatus(c.Client, labels[config.LABEL_PG_CLUSTER], - job.ObjectMeta.Namespace) + if err := controller.SetClusterInitializedStatus(c.Client, labels[config.LABEL_PG_CLUSTER], + job.ObjectMeta.Namespace); err != nil { + log.Error(err) + return err + } - // now initialize the creation of any replica - controller.InitializeReplicaCreation(c.Client, labels[config.LABEL_PG_CLUSTER], - job.ObjectMeta.Namespace) + // now initialize the creation of any replicas + if err := controller.InitializeReplicaCreation(c.Client, labels[config.LABEL_PG_CLUSTER], + job.ObjectMeta.Namespace); err != nil { + log.Error(err) + return err + } } else if labels[config.LABEL_PGHA_BACKUP_TYPE] == crv1.BackupTypeFailover { err := clusteroperator.RemovePrimaryOnRoleChangeTag(c.Client, c.Client.Config, @@ -197,7 +203,18 @@ func (c *Controller) handleBackrestStanzaCreateUpdate(job *apiv1.Job) error { if cluster.Spec.Standby { log.Debugf("job Controller: standby cluster %s will now be set to an initialized "+ "status", clusterName) - controller.SetClusterInitializedStatus(c.Client, clusterName, namespace) + if err := controller.SetClusterInitializedStatus(c.Client, clusterName, + namespace); err != nil { + log.Error(err) + return err + } + + // now initialize the creation of any replica + if err := controller.InitializeReplicaCreation(c.Client, clusterName, + namespace); err != nil { + log.Error(err) + return err + } return nil } @@ -209,8 +226,19 @@ func (c *Controller) handleBackrestStanzaCreateUpdate(job *apiv1.Job) error { return err } - backrestoperator.CreateInitialBackup(c.Client, job.ObjectMeta.Namespace, - clusterName, backrestRepoPodName) + if _, err := backrestoperator.CreateInitialBackup(c.Client, job.ObjectMeta.Namespace, + clusterName, backrestRepoPodName); err != nil { + log.Error(err) + return err + } + + // now that the initial backup has been initiated, proceed with deleting the stanza-create + // pgtask and associated Job. This will ensure any subsequent updates to the stanza-create + // Job do not trigger more initial backup Jobs. + if err := backrest.CleanStanzaCreateResources(namespace, clusterName, c.Client); err != nil { + log.Error(err) + return err + } } return nil diff --git a/internal/controller/job/bootstraphandler.go b/internal/controller/job/bootstraphandler.go index 1b75d14803..133c87c16d 100644 --- a/internal/controller/job/bootstraphandler.go +++ b/internal/controller/job/bootstraphandler.go @@ -1,7 +1,7 @@ package job /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -80,7 +80,7 @@ func (c *Controller) handleBootstrapUpdate(job *apiv1.Job) error { // If the job was successful we updated the state of the pgcluster to a "bootstrapped" status. // This will then trigger full initialization of the cluster. We also cleanup any resources - // from the bootstrap job. + // from the bootstrap job and delete the job itself if cluster.Status.State == crv1.PgclusterStateBootstrapping { if err := c.cleanupBootstrapResources(job, cluster, restore); err != nil { @@ -100,6 +100,11 @@ func (c *Controller) handleBootstrapUpdate(job *apiv1.Job) error { log.Error(err) return err } + + // as it is no longer needed, delete the job + deletePropagation := metav1.DeletePropagationBackground + return c.Client.BatchV1().Jobs(namespace).Delete(job.Name, + &metav1.DeleteOptions{PropagationPolicy: &deletePropagation}) } if restore { diff --git a/internal/controller/job/jobcontroller.go b/internal/controller/job/jobcontroller.go index 13d919ed5e..cbc848623a 100644 --- a/internal/controller/job/jobcontroller.go +++ b/internal/controller/job/jobcontroller.go @@ -1,7 +1,7 @@ package job /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/job/jobevents.go b/internal/controller/job/jobevents.go index ef4f1a1760..0cb17e9f14 100644 --- a/internal/controller/job/jobevents.go +++ b/internal/controller/job/jobevents.go @@ -1,7 +1,7 @@ package job /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/job/jobutil.go b/internal/controller/job/jobutil.go index 78d6bb6e34..76135bcc32 100644 --- a/internal/controller/job/jobutil.go +++ b/internal/controller/job/jobutil.go @@ -1,7 +1,7 @@ package job /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/job/pgdumphandler.go b/internal/controller/job/pgdumphandler.go index 0fc8444f20..a30cc6a232 100644 --- a/internal/controller/job/pgdumphandler.go +++ b/internal/controller/job/pgdumphandler.go @@ -1,7 +1,7 @@ package job /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/job/reposynchandler.go b/internal/controller/job/reposynchandler.go index 136f63365a..19ca398a62 100644 --- a/internal/controller/job/reposynchandler.go +++ b/internal/controller/job/reposynchandler.go @@ -1,7 +1,7 @@ package job /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/job/rmdatahandler.go b/internal/controller/job/rmdatahandler.go index 4a6861c5c9..a1203889a8 100644 --- a/internal/controller/job/rmdatahandler.go +++ b/internal/controller/job/rmdatahandler.go @@ -1,7 +1,7 @@ package job /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/manager/controllermanager.go b/internal/controller/manager/controllermanager.go index bb2c2e1039..7655a3c1b0 100644 --- a/internal/controller/manager/controllermanager.go +++ b/internal/controller/manager/controllermanager.go @@ -1,7 +1,7 @@ package manager /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/manager/rbac.go b/internal/controller/manager/rbac.go index 21f7db9cee..c6e5ac208a 100644 --- a/internal/controller/manager/rbac.go +++ b/internal/controller/manager/rbac.go @@ -1,7 +1,7 @@ package manager /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/namespace/namespacecontroller.go b/internal/controller/namespace/namespacecontroller.go index 6fc85f644f..36249affff 100644 --- a/internal/controller/namespace/namespacecontroller.go +++ b/internal/controller/namespace/namespacecontroller.go @@ -1,7 +1,7 @@ package namespace /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/pgcluster/pgclustercontroller.go b/internal/controller/pgcluster/pgclustercontroller.go index a3d0973906..07431d2e87 100644 --- a/internal/controller/pgcluster/pgclustercontroller.go +++ b/internal/controller/pgcluster/pgclustercontroller.go @@ -1,7 +1,7 @@ package pgcluster /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -17,7 +17,6 @@ limitations under the License. import ( "encoding/json" - "fmt" "io/ioutil" "reflect" "strconv" @@ -48,22 +47,11 @@ type Controller struct { // onAdd is called when a pgcluster is added func (c *Controller) onAdd(obj interface{}) { - cluster := obj.(*crv1.Pgcluster) - log.Debugf("[pgcluster Controller] ns %s onAdd %s", cluster.ObjectMeta.Namespace, cluster.ObjectMeta.SelfLink) - - //handle the case when the operator restarts and don't - //process already processed pgclusters - if cluster.Status.State == crv1.PgclusterStateProcessed { - log.Debug("pgcluster " + cluster.ObjectMeta.Name + " already processed") - return - } - key, err := cache.MetaNamespaceKeyFunc(obj) if err == nil { log.Debugf("cluster putting key in queue %s", key) c.Queue.Add(key) } - } // RunWorker is a long-running function that will continually call the @@ -106,17 +94,6 @@ func (c *Controller) processNextItem() bool { // parallel. defer c.Queue.Done(key) - // Invoke the method containing the business logic - // in this case, the de-dupe logic is to test whether a cluster - // deployment exists , if so, then we don't create another - _, err := c.Client.AppsV1().Deployments(keyNamespace).Get(keyResourceName, metav1.GetOptions{}) - - if err == nil { - log.Debugf("cluster add - dep already found, not creating again") - c.Queue.Forget(key) - return true - } - //get the pgcluster cluster, err := c.Client.CrunchydataV1().Pgclusters(keyNamespace).Get(keyResourceName, metav1.GetOptions{}) if err != nil { @@ -124,13 +101,14 @@ func (c *Controller) processNextItem() bool { c.Queue.Forget(key) // NB(cbandy): This should probably be a retry. return true } + log.Debugf("[pgcluster Controller] ns %s onAdd %s", cluster.ObjectMeta.Namespace, cluster.ObjectMeta.SelfLink) if cluster.Spec.Status == crv1.CompletedStatus || - cluster.Status.State == crv1.PgclusterStateBootstrapping { - errorMsg := fmt.Sprintf("pgcluster Contoller: onAdd event received for cluster %s but "+ - "will not process because it either has a 'completed' status or is currently in a "+ - "'bootstrapping' state", cluster.GetName()) - log.Warn(errorMsg) + cluster.Status.State == crv1.PgclusterStateBootstrapping || + cluster.Status.State == crv1.PgclusterStateInitialized { + log.Debugf("pgcluster Contoller: onAdd event received for cluster %s but "+ + "will not process because it either has a 'completed' status or is currently in an "+ + "'initialized' or 'bootstrapping' state", cluster.GetName()) return true } @@ -206,10 +184,16 @@ func (c *Controller) onUpdate(oldObj, newObj interface{}) { // if the 'shutdown' parameter in the pgcluster update shows that the cluster should be either // shutdown or started but its current status does not properly reflect that it is, then // proceed with the logic needed to either shutdown or start the cluster + // + // we do need to check if the status has info in it. There have been cases + // where the entire status has been removed that could be external to the + // operator itself. In the case of checking that the state is in a shutdown + // phase, we also want to check if the status is completely empty. If it is, + // we will proceed with the shutdown. if newcluster.Spec.Shutdown && newcluster.Status.State != crv1.PgclusterStateShutdown { clusteroperator.ShutdownCluster(c.Client, *newcluster) } else if !newcluster.Spec.Shutdown && - newcluster.Status.State == crv1.PgclusterStateShutdown { + (newcluster.Status.State == crv1.PgclusterStateShutdown || newcluster.Status.State == "") { clusteroperator.StartupCluster(c.Client, *newcluster) } diff --git a/internal/controller/pgpolicy/pgpolicycontroller.go b/internal/controller/pgpolicy/pgpolicycontroller.go index 0f3ab76ff3..4dab8be02c 100644 --- a/internal/controller/pgpolicy/pgpolicycontroller.go +++ b/internal/controller/pgpolicy/pgpolicycontroller.go @@ -1,7 +1,7 @@ package pgpolicy /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/pgreplica/pgreplicacontroller.go b/internal/controller/pgreplica/pgreplicacontroller.go index e41babcb6f..833f2018d8 100644 --- a/internal/controller/pgreplica/pgreplicacontroller.go +++ b/internal/controller/pgreplica/pgreplicacontroller.go @@ -1,7 +1,7 @@ package pgreplica /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/pgtask/backresthandler.go b/internal/controller/pgtask/backresthandler.go index 8e8582364a..e8e8d60e71 100644 --- a/internal/controller/pgtask/backresthandler.go +++ b/internal/controller/pgtask/backresthandler.go @@ -1,7 +1,7 @@ package pgtask /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/pgtask/pgtaskcontroller.go b/internal/controller/pgtask/pgtaskcontroller.go index e1dfbcd18b..e874323a09 100644 --- a/internal/controller/pgtask/pgtaskcontroller.go +++ b/internal/controller/pgtask/pgtaskcontroller.go @@ -1,7 +1,7 @@ package pgtask /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/pod/inithandler.go b/internal/controller/pod/inithandler.go index ea19ec4e8d..92348e7699 100644 --- a/internal/controller/pod/inithandler.go +++ b/internal/controller/pod/inithandler.go @@ -1,7 +1,7 @@ package pod /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -18,6 +18,7 @@ limitations under the License. import ( "fmt" "strconv" + "time" "github.com/crunchydata/postgres-operator/internal/config" "github.com/crunchydata/postgres-operator/internal/controller" @@ -28,12 +29,14 @@ import ( taskoperator "github.com/crunchydata/postgres-operator/internal/operator/task" "github.com/crunchydata/postgres-operator/internal/util" crv1 "github.com/crunchydata/postgres-operator/pkg/apis/crunchydata.com/v1" + + log "github.com/sirupsen/logrus" apiv1 "k8s.io/api/core/v1" kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/types" - - log "github.com/sirupsen/logrus" + "k8s.io/apimachinery/pkg/util/wait" ) // handleClusterInit is responsible for proceeding with initialization of the PG cluster once the @@ -85,6 +88,16 @@ func (c *Controller) handleBackRestRepoInit(newPod *apiv1.Pod, cluster *crv1.Pgc return nil } + // first: a sanity check that there exists a primary deployment to scale. this + // is to attempt to avoid any silent failures in the deployment scaling + // function. + // + // If we do encounter an error, we will proceed in case the deployment becomes + // available after. + if err := c.waitForPrimaryDeployment(cluster); err != nil { + log.Warn(err) + } + clusterInfo, err := clusteroperator.ScaleClusterDeployments(c.Client, *cluster, 1, true, false, false, false) if err != nil { @@ -208,15 +221,21 @@ func (c *Controller) handleStandbyInit(cluster *crv1.Pgcluster) error { } backrestoperator.StanzaCreate(namespace, clusterName, c.Client) } else { - controller.SetClusterInitializedStatus(c.Client, clusterName, namespace) - } + if err := controller.SetClusterInitializedStatus(c.Client, clusterName, + namespace); err != nil { + log.Error(err) + } - // If a standby cluster initialize the creation of any replicas. Replicas - // can be initialized right away, i.e. there is no dependency on - // stanza-creation and/or the creation of any backups, since the replicas - // will be generated from the pgBackRest repository of an external PostgreSQL - // database (which should already exist). - controller.InitializeReplicaCreation(c.Client, clusterName, namespace) + // If a standby cluster with s3 only initialize the creation of any replicas. Replicas + // can be initialized right away, i.e. there is no dependency on + // stanza-creation and/or the creation of any backups, since the replicas + // will be generated from the pgBackRest repository of an external PostgreSQL + // database (which should already exist). + if err := controller.InitializeReplicaCreation(c.Client, clusterName, + namespace); err != nil { + log.Error(err) + } + } // if this is a pgbouncer enabled cluster, add a pgbouncer // Note: we only warn if we cannot create the pgBouncer, so eecution can @@ -282,3 +301,33 @@ func (c *Controller) labelPostgresPodAndDeployment(newpod *apiv1.Pod) { } } + +// waitForPrimaryDeployment checks to see that a primary deployment is +// available. It does not check readiness, only that the deployment exists. This +// used before scaling to ensure scaling does not fail silently +func (c *Controller) waitForPrimaryDeployment(cluster *crv1.Pgcluster) error { + primaryDeploymentName := cluster.Annotations[config.ANNOTATION_CURRENT_PRIMARY] + options := metav1.ListOptions{ + LabelSelector: fields.AndSelectors( + fields.OneTermEqualSelector(config.LABEL_PG_CLUSTER, cluster.Name), + fields.OneTermEqualSelector(config.LABEL_PG_DATABASE, config.LABEL_TRUE), + fields.OneTermEqualSelector(config.LABEL_DEPLOYMENT_NAME, primaryDeploymentName), + ).String(), + } + + // start polling to see if the primary deployment is created + if err := wait.PollImmediate(5*time.Second, 60*time.Second, func() (bool, error) { + // check to see if the deployment exists + d, err := c.Client.AppsV1().Deployments(cluster.Namespace).List(options) + + if err != nil { + log.Warnf("could not find primary deployment for scaling: %s", err) + } + + return err == nil && len(d.Items) > 0, nil + }); err != nil { + return fmt.Errorf("primary deployment lookup timeout reached for %q", primaryDeploymentName) + } + + return nil +} diff --git a/internal/controller/pod/podcontroller.go b/internal/controller/pod/podcontroller.go index cc05f84fb7..f26ac72dff 100644 --- a/internal/controller/pod/podcontroller.go +++ b/internal/controller/pod/podcontroller.go @@ -1,7 +1,7 @@ package pod /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/pod/podevents.go b/internal/controller/pod/podevents.go index dc0b53766b..f6df2ced38 100644 --- a/internal/controller/pod/podevents.go +++ b/internal/controller/pod/podevents.go @@ -1,7 +1,7 @@ package pod /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/controller/pod/promotionhandler.go b/internal/controller/pod/promotionhandler.go index c9476b6782..271fda6045 100644 --- a/internal/controller/pod/promotionhandler.go +++ b/internal/controller/pod/promotionhandler.go @@ -1,7 +1,7 @@ package pod /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -34,9 +34,14 @@ import ( "k8s.io/client-go/rest" ) +const ( + // recoverySQL is just the SQL to figure out if Postgres is in recovery mode + recoverySQL = "SELECT pg_is_in_recovery();" +) + var ( // isInRecoveryCommand is the command run to determine if postgres is in recovery - isInRecoveryCMD []string = []string{"psql", "-t", "-c", "'SELECT pg_is_in_recovery();'", "-p"} + isInRecoveryCMD []string = []string{"psql", "-t", "-c", recoverySQL, "-p"} // leaderStatusCMD is the command run to get the Patroni status for the primary leaderStatusCMD []string = []string{"curl", fmt.Sprintf("localhost:%s/master", @@ -62,7 +67,8 @@ func (c *Controller) handlePostgresPodPromotion(newPod *apiv1.Pod, cluster crv1. } } - if cluster.Status.State == crv1.PgclusterStateInitialized { + // create a post-failover backup if not a standby cluster + if !cluster.Spec.Standby && cluster.Status.State == crv1.PgclusterStateInitialized { if err := cleanAndCreatePostFailoverBackup(c.Client, cluster.Name, newPod.Namespace); err != nil { log.Error(err) diff --git a/internal/kubeapi/client_config.go b/internal/kubeapi/client_config.go index 5d070fc25e..5049cc5468 100644 --- a/internal/kubeapi/client_config.go +++ b/internal/kubeapi/client_config.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/deployment.go b/internal/kubeapi/deployment.go index ec13795e09..436a19e203 100644 --- a/internal/kubeapi/deployment.go +++ b/internal/kubeapi/deployment.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/endpoints.go b/internal/kubeapi/endpoints.go index b4cd8ece62..90ff217151 100644 --- a/internal/kubeapi/endpoints.go +++ b/internal/kubeapi/endpoints.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/errors.go b/internal/kubeapi/errors.go index 829ca9f097..b3f79e73ca 100644 --- a/internal/kubeapi/errors.go +++ b/internal/kubeapi/errors.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/exec.go b/internal/kubeapi/exec.go index b2e994d84d..d807980c31 100644 --- a/internal/kubeapi/exec.go +++ b/internal/kubeapi/exec.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/fake/clientset.go b/internal/kubeapi/fake/clientset.go index 7fbd74b802..7623fea9c3 100644 --- a/internal/kubeapi/fake/clientset.go +++ b/internal/kubeapi/fake/clientset.go @@ -1,7 +1,7 @@ package fake /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/fake/fakeclients.go b/internal/kubeapi/fake/fakeclients.go index 6a263818d4..10c0f83f20 100644 --- a/internal/kubeapi/fake/fakeclients.go +++ b/internal/kubeapi/fake/fakeclients.go @@ -1,7 +1,7 @@ package fake /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/patch.go b/internal/kubeapi/patch.go new file mode 100644 index 0000000000..2042127db1 --- /dev/null +++ b/internal/kubeapi/patch.go @@ -0,0 +1,171 @@ +package kubeapi + +/* + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +import ( + "encoding/json" + "strings" +) + +// escapeJSONPointer encodes '~' and '/' according to RFC 6901. +var escapeJSONPointer = strings.NewReplacer( + "~", "~0", + "/", "~1", +).Replace + +// JSON6902 represents a JSON Patch according to RFC 6902; the same as +// k8s.io/apimachinery/pkg/types.JSONPatchType. +type JSON6902 []interface{} + +// NewJSONPatch creates a new JSON Patch according to RFC 6902; the same as +// k8s.io/apimachinery/pkg/types.JSONPatchType. +func NewJSONPatch() *JSON6902 { return &JSON6902{} } + +func (*JSON6902) pointer(tokens ...string) string { + var b strings.Builder + + for _, t := range tokens { + _ = b.WriteByte('/') + _, _ = b.WriteString(escapeJSONPointer(t)) + } + + return b.String() +} + +// Add appends an "add" operation to patch. +// +// > The "add" operation performs one of the following functions, +// > depending upon what the target location references: +// > +// > o If the target location specifies an array index, a new value is +// > inserted into the array at the specified index. +// > +// > o If the target location specifies an object member that does not +// > already exist, a new member is added to the object. +// > +// > o If the target location specifies an object member that does exist, +// > that member's value is replaced. +// +func (patch *JSON6902) Add(path ...string) func(value interface{}) *JSON6902 { + i := len(*patch) + f := func(value interface{}) *JSON6902 { + (*patch)[i] = map[string]interface{}{ + "op": "add", + "path": patch.pointer(path...), + "value": value, + } + return patch + } + + *patch = append(*patch, f) + + return f +} + +// Remove appends a "remove" operation to patch. +// +// > The "remove" operation removes the value at the target location. +// > +// > The target location MUST exist for the operation to be successful. +// +func (patch *JSON6902) Remove(path ...string) *JSON6902 { + *patch = append(*patch, map[string]interface{}{ + "op": "remove", + "path": patch.pointer(path...), + }) + + return patch +} + +// Replace appends a "replace" operation to patch. +// +// > The "replace" operation replaces the value at the target location +// > with a new value. +// > +// > The target location MUST exist for the operation to be successful. +// +func (patch *JSON6902) Replace(path ...string) func(value interface{}) *JSON6902 { + i := len(*patch) + f := func(value interface{}) *JSON6902 { + (*patch)[i] = map[string]interface{}{ + "op": "replace", + "path": patch.pointer(path...), + "value": value, + } + return patch + } + + *patch = append(*patch, f) + + return f +} + +// Bytes returns the JSON representation of patch. +func (patch JSON6902) Bytes() ([]byte, error) { return json.Marshal(patch) } + +// Merge7386 represents a JSON Merge Patch according to RFC 7386; the same as +// k8s.io/apimachinery/pkg/types.MergePatchType. +type Merge7386 map[string]interface{} + +// NewMergePatch creates a new JSON Merge Patch according to RFC 7386; the same +// as k8s.io/apimachinery/pkg/types.MergePatchType. +func NewMergePatch() *Merge7386 { return &Merge7386{} } + +// Add modifies patch to indicate that the member at path should be added or +// replaced with value. +// +// > If the provided merge patch contains members that do not appear +// > within the target, those members are added. If the target does +// > contain the member, the value is replaced. Null values in the merge +// > patch are given special meaning to indicate the removal of existing +// > values in the target. +// +func (patch *Merge7386) Add(path ...string) func(value interface{}) *Merge7386 { + position := *patch + + for len(path) > 1 { + p, ok := position[path[0]].(Merge7386) + if !ok { + p = Merge7386{} + position[path[0]] = p + } + + position = p + path = path[1:] + } + + if len(path) < 1 { + return func(interface{}) *Merge7386 { return patch } + } + + f := func(value interface{}) *Merge7386 { + position[path[0]] = value + return patch + } + + position[path[0]] = f + + return f +} + +// Remove modifies patch to indicate that the member at path should be removed +// if it exists. +func (patch *Merge7386) Remove(path ...string) *Merge7386 { + return patch.Add(path...)(nil) +} + +// Bytes returns the JSON representation of patch. +func (patch Merge7386) Bytes() ([]byte, error) { return json.Marshal(patch) } diff --git a/internal/kubeapi/patch_test.go b/internal/kubeapi/patch_test.go new file mode 100644 index 0000000000..a751f5f04b --- /dev/null +++ b/internal/kubeapi/patch_test.go @@ -0,0 +1,259 @@ +package kubeapi + +/* + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +import ( + "encoding/json" + "reflect" + "testing" + + "k8s.io/apimachinery/pkg/labels" +) + +func assertJSON(t testing.TB, expected interface{}, actual []byte) { + t.Helper() + + var e, a interface{} + var err error + + if b, ok := expected.([]byte); ok { + err = json.Unmarshal(b, &e) + } else if s, ok := expected.(string); ok { + err = json.Unmarshal([]byte(s), &e) + } else { + t.Fatalf("bug in test: unexpected type %T", expected) + } + + if err != nil { + t.Fatalf("bug in test: %v", err) + } + + if err = json.Unmarshal(actual, &a); err != nil { + t.Fatal(err) + } + + if !reflect.DeepEqual(e, a) { + t.Errorf("\n--- Expected\n+++ Actual\n- %#v\n+ %#v", e, a) + } +} + +func TestEscapeJSONPointer(t *testing.T) { + t.Parallel() + + for _, tt := range []struct{ input, expected string }{ + {"~1", "~01"}, + {"~~", "~0~0"}, + {"/1", "~11"}, + {"//", "~1~1"}, + {"~/", "~0~1"}, + {"some/label", "some~1label"}, + } { + actual := escapeJSONPointer(tt.input) + if actual != tt.expected { + t.Errorf("expected %q, got %q", tt.expected, actual) + } + } +} + +func TestJSON6902(t *testing.T) { + t.Parallel() + + // An empty patch is valid. + { + b, err := NewJSONPatch().Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `[]`, b) + } + + // Calling Add without its value is an error. + { + patch := NewJSONPatch() + patch.Add("a") + _, err := patch.Bytes() + if err == nil { + t.Fatal("expected an error, got none") + } + } + { + b, err := NewJSONPatch().Add("a", "x/y", "0")(9).Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `[{"op":"add","path":"/a/x~1y/0","value":9}]`, b) + } + + // Remove takes no value. + { + b, err := NewJSONPatch().Remove("b", "m/n/o").Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `[{"op":"remove","path":"/b/m~1n~1o"}]`, b) + } + + // Calling Replace without its value is an error. + { + patch := NewJSONPatch() + patch.Replace("a") + _, err := patch.Bytes() + if err == nil { + t.Fatal("expected an error, got none") + } + } + { + b, err := NewJSONPatch().Replace("metadata", "labels", "some/thing")("5").Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `[{"op":"replace","path":"/metadata/labels/some~1thing","value":"5"}]`, b) + } + + // Calls are chainable. + { + b, err := NewJSONPatch(). + Add("a", "b", "c")(1). + Remove("x", "y", "z"). + Replace("1", "2", "3")(nil). + Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `[ + {"op":"add","path":"/a/b/c","value":1}, + {"op":"remove","path":"/x/y/z"}, + {"op":"replace","path":"/1/2/3","value":null} + ]`, b) + } +} + +func TestMerge7386(t *testing.T) { + t.Parallel() + + // An empty patch is valid. + { + b, err := NewMergePatch().Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `{}`, b) + } + + // Calling Add without a path does nothing. + { + b, err := NewMergePatch().Add()("anything").Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `{}`, b) + } + + // Calling Add without its value is an error. + { + patch := NewMergePatch() + patch.Add("a") + _, err := patch.Bytes() + if err == nil { + t.Fatal("expected an error, got none") + } + } + { + b, err := NewMergePatch().Add("a", "x/y", "0")(9).Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `{"a":{"x/y":{"0":9}}}`, b) + } + + // Remove takes no value. + { + b, err := NewMergePatch().Remove("b", "m/n/o").Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `{"b":{"m/n/o":null}}`, b) + } + + // Calls are chainable. + { + b, err := NewMergePatch(). + Add("a", "b", "c")(1). + Remove("x", "y", "z"). + Bytes() + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + assertJSON(t, `{ + "a":{"b":{"c":1}}, + "x":{"y":{"z":null}} + }`, b) + } +} + +// TestMerge7386Equivalence demonstrates that the same effect can be spelled +// different ways with Merge7386. +func TestMerge7386Equivalence(t *testing.T) { + t.Parallel() + + expected := `{ + "metadata": { + "labels": {"lk":"lv"}, + "annotations": {"ak1":"av1", "ak2":"av2"} + } + }` + + patches := []*Merge7386{ + // multiple calls to Add + NewMergePatch(). + Add("metadata", "labels", "lk")("lv"). + Add("metadata", "annotations", "ak1")("av1"). + Add("metadata", "annotations", "ak2")("av2"), + + // fewer calls using the patch type + NewMergePatch(). + Add("metadata", "labels")(Merge7386{"lk": "lv"}). + Add("metadata", "annotations")(Merge7386{"ak1": "av1", "ak2": "av2"}), + + // fewer calls using other types + NewMergePatch(). + Add("metadata", "labels")(labels.Set{"lk": "lv"}). + Add("metadata", "annotations")(map[string]string{"ak1": "av1", "ak2": "av2"}), + + // one call using the patch type + NewMergePatch(). + Add("metadata")(Merge7386{ + "labels": Merge7386{"lk": "lv"}, + "annotations": Merge7386{"ak1": "av1", "ak2": "av2"}, + }), + + // one call using other types + NewMergePatch(). + Add("metadata")(map[string]interface{}{ + "labels": labels.Set{"lk": "lv"}, + "annotations": map[string]string{"ak1": "av1", "ak2": "av2"}, + }), + } + + for i, patch := range patches { + b, err := patch.Bytes() + if err != nil { + t.Fatalf("expected no error for %v, got %v", i, err) + } + + assertJSON(t, expected, b) + } +} diff --git a/internal/kubeapi/pod.go b/internal/kubeapi/pod.go index 1dc5539089..4997e24e28 100644 --- a/internal/kubeapi/pod.go +++ b/internal/kubeapi/pod.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/volumes.go b/internal/kubeapi/volumes.go index 05412672ac..26e1b2dd63 100644 --- a/internal/kubeapi/volumes.go +++ b/internal/kubeapi/volumes.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/kubeapi/volumes_test.go b/internal/kubeapi/volumes_test.go index b793ac5269..f980f5bfe3 100644 --- a/internal/kubeapi/volumes_test.go +++ b/internal/kubeapi/volumes_test.go @@ -1,7 +1,7 @@ package kubeapi /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/logging/loglib.go b/internal/logging/loglib.go index c109d435f5..830c45043c 100644 --- a/internal/logging/loglib.go +++ b/internal/logging/loglib.go @@ -2,7 +2,7 @@ package logging /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -88,7 +88,4 @@ func CrunchyLogger(logDetails LogValues) { // Output to stdout instead of the default stderr // Can be any io.Writer, see below for File example log.SetOutput(os.Stdout) - - // Only log the debug severity or above. - log.SetLevel(log.DebugLevel) } diff --git a/internal/ns/nslogic.go b/internal/ns/nslogic.go index e579b6d47b..1410653c23 100644 --- a/internal/ns/nslogic.go +++ b/internal/ns/nslogic.go @@ -1,7 +1,7 @@ package ns /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/backrest/backup.go b/internal/operator/backrest/backup.go index 690d7e5e78..a7cb6785cd 100644 --- a/internal/operator/backrest/backup.go +++ b/internal/operator/backrest/backup.go @@ -1,7 +1,7 @@ package backrest /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/backrest/repo.go b/internal/operator/backrest/repo.go index ea2e5100b0..be61e23f2f 100644 --- a/internal/operator/backrest/repo.go +++ b/internal/operator/backrest/repo.go @@ -1,7 +1,7 @@ package backrest /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -157,6 +157,19 @@ func CreateRepoDeployment(clientset kubernetes.Interface, cluster *crv1.Pgcluste return nil } +// CreateRepoSecret allows for the creation of the Secret used to populate +// some (mostly) sensitive fields for managing the pgBackRest repository. +// +// If the Secret already exists, then missing fields will be overwritten. +func CreateRepoSecret(clientset kubernetes.Interface, cluster *crv1.Pgcluster) error { + return util.CreateBackrestRepoSecrets(clientset, + util.BackrestRepoConfig{ + ClusterName: cluster.Name, + ClusterNamespace: cluster.Namespace, + OperatorNamespace: operator.PgoNamespace, + }) +} + // setBootstrapRepoOverrides overrides certain fields used to populate the pgBackRest repository template // as needed to support the creation of a bootstrap repository need to bootstrap a new cluster from an // existing data source. diff --git a/internal/operator/backrest/restore.go b/internal/operator/backrest/restore.go index 9cb0ebae1c..51120a2ffd 100644 --- a/internal/operator/backrest/restore.go +++ b/internal/operator/backrest/restore.go @@ -1,7 +1,7 @@ package backrest /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -36,6 +36,13 @@ import ( "k8s.io/apimachinery/pkg/util/wait" ) +const ( + // tablespacePVCSuffixPattern represents the pattern of the suffix for a tablespace PVC name + tablespacePVCSuffixPattern = "%s-tablespace-" + // walPVCPattern represents the pattern of a WAL PVC name + walPVCPattern = "%s-wal" +) + // restoreTargetRegex defines a regex to detect if a restore target has been specified // for pgBackRest using the '--target' option var restoreTargetRegex = regexp.MustCompile("--target(=| +)") @@ -168,24 +175,31 @@ func PrepareClusterForRestore(clientset kubeapi.Interface, cluster *crv1.Pgclust } log.Debugf("restore workflow: deleted all existing jobs for cluster %s", clusterName) + // find all database PVCs for the entire PostgreSQL cluster. Includes the PVCs for all PGDATA + // volumes, as well as the PVCs for any WAL and/or tablespace volumes + databasePVCList, err := getPGDatabasePVCNames(clientset, replicas, clusterName, namespace) + if err != nil { + return nil, err + } + log.Debugf("restore workflow: found PVCs %v for cluster %s", databasePVCList, clusterName) + // delete all PostgreSQL PVCs (the primary and all replica PVCs) - for _, deployment := range pgInstances.Items { - err := clientset. - CoreV1().PersistentVolumeClaims(namespace). - Delete(deployment.GetName(), &metav1.DeleteOptions{}) - if err != nil && !kerrors.IsNotFound(err) { + for _, pvcName := range databasePVCList { + err := clientset.CoreV1().PersistentVolumeClaims(namespace). + Delete(pvcName, &metav1.DeleteOptions{}) + if err != nil { return nil, err } - log.Debugf("restore workflow: deleted primary or replica PVC %s", deployment.GetName()) + log.Debugf("restore workflow: deleted primary or replica PVC %s", pvcName) } // Wait for all PG PVCs to be removed. If unable to verify that all PVCs have been - // removed, then the restore cannot proceed the function returns. + // removed, then the restore cannot proceed and the function returns. if err := wait.Poll(time.Second/2, time.Minute*3, func() (bool, error) { notFound := true - for _, deployment := range pgInstances.Items { + for _, pvcName := range databasePVCList { if _, err := clientset.CoreV1().PersistentVolumeClaims(namespace). - Get(deployment.GetName(), metav1.GetOptions{}); err == nil { + Get(pvcName, metav1.GetOptions{}); err == nil { notFound = false } } @@ -267,3 +281,42 @@ func PublishRestore(id, clusterName, username, namespace string) { } } + +// getPGDatabasePVCNames returns the names of all PostgreSQL database PVCs for a specific +// PostgreSQL cluster. This includes the PVCs for the PGDATA volumes for all database +// instances comprising the cluster, in addition to any additional volumes used by those +// instances, e.g. PVCs for external WAL and/or tablespace volumes. +func getPGDatabasePVCNames(clientset kubeapi.Interface, replicas *crv1.PgreplicaList, + clusterName, namespace string) ([]string, error) { + + // create a slice with the names of all database instances in the cluster. Even though the + // original primary database (with a name matching the cluster name) might no longer exist, + // add the cluster name to this list in the event that it does, along with the names of any + // pgreplica's. + instances := []string{clusterName} + for _, replica := range replicas.Items { + instances = append(instances, replica.GetName()) + } + + // find all current PVCs for the cluster + clusterPVCList, err := clientset.CoreV1().PersistentVolumeClaims(namespace). + List(metav1.ListOptions{ + LabelSelector: fmt.Sprintf("%s=%s", config.LABEL_PG_CLUSTER, clusterName), + }) + if err != nil { + return nil, err + } + + var databasePVCList []string + for _, instance := range instances { + for _, clusterPVC := range clusterPVCList.Items { + pvcName := clusterPVC.GetName() + if pvcName == instance || pvcName == fmt.Sprintf(walPVCPattern, instance) || + strings.HasPrefix(pvcName, fmt.Sprintf(tablespacePVCSuffixPattern, instance)) { + databasePVCList = append(databasePVCList, pvcName) + } + } + } + + return databasePVCList, nil +} diff --git a/internal/operator/backrest/stanza.go b/internal/operator/backrest/stanza.go index d7d55615dd..185a6247c0 100644 --- a/internal/operator/backrest/stanza.go +++ b/internal/operator/backrest/stanza.go @@ -1,7 +1,7 @@ package backrest /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/clone.go b/internal/operator/cluster/clone.go index ae33ffd0cb..7e1d41e126 100644 --- a/internal/operator/cluster/clone.go +++ b/internal/operator/cluster/clone.go @@ -1,7 +1,7 @@ package cluster /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/cluster.go b/internal/operator/cluster/cluster.go index eef521107f..9de8c59717 100644 --- a/internal/operator/cluster/cluster.go +++ b/internal/operator/cluster/cluster.go @@ -4,7 +4,7 @@ package cluster /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -87,6 +87,14 @@ func AddClusterBase(clientset kubeapi.Interface, cl *crv1.Pgcluster, namespace s return } + // ensure the the pgBackRest Secret is created. If this fails, we have to + // abort + if err := backrest.CreateRepoSecret(clientset, cl); err != nil { + log.Error(err) + publishClusterCreateFailure(cl, err.Error()) + return + } + if err := annotateBackrestSecret(clientset, cl); err != nil { log.Error(err) publishClusterCreateFailure(cl, err.Error()) diff --git a/internal/operator/cluster/clusterlogic.go b/internal/operator/cluster/clusterlogic.go index a953e07213..a33c48cf46 100644 --- a/internal/operator/cluster/clusterlogic.go +++ b/internal/operator/cluster/clusterlogic.go @@ -4,7 +4,7 @@ package cluster /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -97,15 +97,16 @@ func addClusterBootstrapJob(clientset kubeapi.Interface, return err } + if operator.CRUNCHY_DEBUG { + _ = config.BootstrapTemplate.Execute(os.Stdout, bootstrapFields) + } + var bootstrapSpec bytes.Buffer + if err := config.BootstrapTemplate.Execute(&bootstrapSpec, bootstrapFields); err != nil { return err } - if operator.CRUNCHY_DEBUG { - config.DeploymentTemplate.Execute(os.Stdout, bootstrapFields) - } - job := &batchv1.Job{} if err := json.Unmarshal(bootstrapSpec.Bytes(), job); err != nil { return err @@ -140,15 +141,15 @@ func addClusterDeployments(clientset kubeapi.Interface, deploymentFields := getClusterDeploymentFields(clientset, cl, dataVolume, walVolume, tablespaceVolumes) + if operator.CRUNCHY_DEBUG { + _ = config.DeploymentTemplate.Execute(os.Stdout, deploymentFields) + } + var primaryDoc bytes.Buffer if err := config.DeploymentTemplate.Execute(&primaryDoc, deploymentFields); err != nil { return err } - if operator.CRUNCHY_DEBUG { - config.DeploymentTemplate.Execute(os.Stdout, deploymentFields) - } - deployment := &appsv1.Deployment{} if err := json.Unmarshal(primaryDoc.Bytes(), deployment); err != nil { return err @@ -620,7 +621,10 @@ func ShutdownCluster(clientset kubeapi.Interface, cluster crv1.Pgcluster) error return err } - if len(pods.Items) > 1 { + if len(pods.Items) == 0 { + return fmt.Errorf("Cluster Operator: Could not find primary pod for shutdown of "+ + "cluster %s", cluster.Name) + } else if len(pods.Items) > 1 { return fmt.Errorf("Cluster Operator: Invalid number of primary pods (%d) found when "+ "shutting down cluster %s", len(pods.Items), cluster.Name) } diff --git a/internal/operator/cluster/failover.go b/internal/operator/cluster/failover.go index 45870d9a75..d0e99157f9 100644 --- a/internal/operator/cluster/failover.go +++ b/internal/operator/cluster/failover.go @@ -4,7 +4,7 @@ package cluster /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/failoverlogic.go b/internal/operator/cluster/failoverlogic.go index 3dee469682..be0e39a462 100644 --- a/internal/operator/cluster/failoverlogic.go +++ b/internal/operator/cluster/failoverlogic.go @@ -4,7 +4,7 @@ package cluster /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/pgadmin.go b/internal/operator/cluster/pgadmin.go index 86ea0129cc..ad0a06c5e2 100644 --- a/internal/operator/cluster/pgadmin.go +++ b/internal/operator/cluster/pgadmin.go @@ -1,7 +1,7 @@ package cluster /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -348,7 +348,7 @@ func createPgAdminDeployment(clientset kubernetes.Interface, cluster *crv1.Pgclu Name: pgAdminDeploymentName, ClusterName: cluster.Name, CCPImagePrefix: operator.Pgo.Cluster.CCPImagePrefix, - CCPImageTag: cluster.Spec.CCPImageTag, + CCPImageTag: util.GetStandardImageTag(cluster.Spec.CCPImage, cluster.Spec.CCPImageTag), DisableFSGroup: operator.Pgo.Cluster.DisableFSGroup, Port: defPgAdminPort, InitUser: defSetupUsername, diff --git a/internal/operator/cluster/pgbouncer.go b/internal/operator/cluster/pgbouncer.go index 7737198480..b5c550b09d 100644 --- a/internal/operator/cluster/pgbouncer.go +++ b/internal/operator/cluster/pgbouncer.go @@ -1,7 +1,7 @@ package cluster /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -156,20 +156,41 @@ func AddPgbouncer(clientset kubernetes.Interface, restconfig *rest.Config, clust } } - // set the password that will be used for the "pgbouncer" PostgreSQL account - pgBouncerPassword, err := generatePassword() - - if err != nil { - return err - } - // only attempt to set the password if the cluster is not in standby mode + // and the secret does not already exist. If GetPasswordFromSecret returns + // no errors, then we can assume that the Secret does not exist if !cluster.Spec.Standby { + secretName := util.GeneratePgBouncerSecretName(cluster.Name) + pgBouncerPassword, err := util.GetPasswordFromSecret(clientset, cluster.Namespace, secretName) + + if err != nil { + // set the password that will be used for the "pgbouncer" PostgreSQL account + newPassword, err := generatePassword() + + if err != nil { + return err + } + + pgBouncerPassword = newPassword + + // create the secret that pgbouncer will include the pgBouncer + // credentials + if err := createPgbouncerSecret(clientset, cluster, pgBouncerPassword); err != nil { + return err + } + } + // attempt to update the password in PostgreSQL, as this is how pgBouncer // will properly interface with PostgreSQL if err := setPostgreSQLPassword(clientset, restconfig, pod, cluster.Spec.Port, pgBouncerPassword); err != nil { return err } + } else { + // if this is a standby cluster, we still need to create a pgBouncer Secret, + // but no credentials are available + if err := createPgbouncerSecret(clientset, cluster, ""); err != nil { + return err + } } // next, create the pgBouncer config map that will allow pgBouncer to be @@ -178,12 +199,6 @@ func AddPgbouncer(clientset kubernetes.Interface, restconfig *rest.Config, clust return err } - // next, create the secret that pgbouncer will include the pgBouncer - // credentials - if err := createPgbouncerSecret(clientset, cluster, pgBouncerPassword); err != nil { - return err - } - // next, create the pgBouncer deployment if err := createPgBouncerDeployment(clientset, cluster); err != nil { return err @@ -227,7 +242,8 @@ func DeletePgbouncer(clientset kubernetes.Interface, restconfig *rest.Config, cl } // next, delete the various Kubernetes objects associated with the pgbouncer - // these include the Service, Deployment, and the pgBouncer secret + // these include the Service, Deployment, Secret and ConfigMap associated with + // pgbouncer // If these fail, we'll just pass through // // First, delete the Service and Deployment, which share the same naem @@ -554,7 +570,7 @@ func createPgBouncerDeployment(clientset kubernetes.Interface, cluster *crv1.Pgc Name: pgbouncerDeploymentName, ClusterName: cluster.Name, CCPImagePrefix: util.GetValueOrDefault(cluster.Spec.CCPImagePrefix, operator.Pgo.Cluster.CCPImagePrefix), - CCPImageTag: cluster.Spec.CCPImageTag, + CCPImageTag: util.GetStandardImageTag(cluster.Spec.CCPImage, cluster.Spec.CCPImageTag), Port: cluster.Spec.Port, PGBouncerConfigMap: util.GeneratePgBouncerConfigMapName(cluster.Name), PGBouncerSecret: util.GeneratePgBouncerSecretName(cluster.Name), diff --git a/internal/operator/cluster/pgbouncer_test.go b/internal/operator/cluster/pgbouncer_test.go index 06ff30d8b6..f3807dc2a6 100644 --- a/internal/operator/cluster/pgbouncer_test.go +++ b/internal/operator/cluster/pgbouncer_test.go @@ -1,7 +1,7 @@ package cluster /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/rmdata.go b/internal/operator/cluster/rmdata.go index b25d260ca4..785815a4c5 100644 --- a/internal/operator/cluster/rmdata.go +++ b/internal/operator/cluster/rmdata.go @@ -4,7 +4,7 @@ package cluster /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/service.go b/internal/operator/cluster/service.go index 2812a88389..e24be777f1 100644 --- a/internal/operator/cluster/service.go +++ b/internal/operator/cluster/service.go @@ -4,7 +4,7 @@ package cluster /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/standby.go b/internal/operator/cluster/standby.go index 154a2dd3f6..692f005695 100644 --- a/internal/operator/cluster/standby.go +++ b/internal/operator/cluster/standby.go @@ -1,7 +1,7 @@ package cluster /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/cluster/upgrade.go b/internal/operator/cluster/upgrade.go index e2d58e7dc4..520097c51f 100644 --- a/internal/operator/cluster/upgrade.go +++ b/internal/operator/cluster/upgrade.go @@ -1,7 +1,7 @@ package cluster /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -16,9 +16,11 @@ package cluster */ import ( + "crypto/sha256" "errors" "fmt" "io/ioutil" + "path" "strconv" "time" @@ -50,6 +52,10 @@ const ( // store the replica postfix string const replicaServicePostfix = "-replica" +// legacyS3CASHA256Digest informs us if we should override the S3 CA with the +// new bundle +const legacyS3CASHA256Digest = "d1c290ea1e4544dec1934931fbfa1fb2060eb3a0f2239ba191f444ecbce35cbb" + // AddUpgrade implements the upgrade workflow in accordance with the received pgtask // the general process is outlined below: // 1) get the existing pgcluster CRD instance that matches the name provided in the pgtask @@ -433,6 +439,19 @@ func recreateBackrestRepoSecret(clientset kubernetes.Interface, clustername, nam if err == nil { if b, ok := secret.Data["aws-s3-ca.crt"]; ok { config.BackrestS3CA = b + + // if this matches the old AWS S3 CA bundle, update to the new one. + if fmt.Sprintf("%x", sha256.Sum256(config.BackrestS3CA)) == legacyS3CASHA256Digest { + file := path.Join("/default-pgo-backrest-repo/aws-s3-ca.crt") + + // if we can't read the contents of the file for whatever reason, warn, + // otherwise, update the entry in the Secret + if contents, err := ioutil.ReadFile(file); err != nil { + log.Warn(err) + } else { + config.BackrestS3CA = contents + } + } } if b, ok := secret.Data["aws-s3-key"]; ok { config.BackrestS3Key = string(b) diff --git a/internal/operator/clusterutilities.go b/internal/operator/clusterutilities.go index 42d97e336d..8513071c13 100644 --- a/internal/operator/clusterutilities.go +++ b/internal/operator/clusterutilities.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -335,7 +335,7 @@ func GetBadgerAddon(clientset kubernetes.Interface, namespace string, cluster *c if cluster.Labels[config.LABEL_BADGER] == "true" { log.Debug("crunchy_badger was found as a label on cluster create") badgerTemplateFields := badgerTemplateFields{} - badgerTemplateFields.CCPImageTag = spec.CCPImageTag + badgerTemplateFields.CCPImageTag = util.GetStandardImageTag(spec.CCPImage, spec.CCPImageTag) badgerTemplateFields.BadgerTarget = pgbadger_target badgerTemplateFields.PGBadgerPort = spec.PGBadgerPort badgerTemplateFields.CCPImagePrefix = util.GetValueOrDefault(spec.CCPImagePrefix, Pgo.Cluster.CCPImagePrefix) diff --git a/internal/operator/clusterutilities_test.go b/internal/operator/clusterutilities_test.go index 72de4844ff..976b05b8d9 100644 --- a/internal/operator/clusterutilities_test.go +++ b/internal/operator/clusterutilities_test.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/common.go b/internal/operator/common.go index 2d4360deb7..32ae3b3cb3 100644 --- a/internal/operator/common.go +++ b/internal/operator/common.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -17,8 +17,12 @@ package operator import ( "bytes" + "crypto/sha256" "encoding/json" + "fmt" + "io/ioutil" "os" + "path" "strings" "github.com/crunchydata/postgres-operator/internal/config" @@ -27,12 +31,20 @@ import ( log "github.com/sirupsen/logrus" v1 "k8s.io/api/core/v1" + kerrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" ) const ( + // defaultBackrestRepoConfigPath contains the default configuration that are used + // to set up a pgBackRest repository + defaultBackrestRepoConfigPath = "/default-pgo-backrest-repo/" // defaultRegistry is the default registry to pull the container images from defaultRegistry = "registry.developers.crunchydata.com/crunchydata" + // legacyS3CASHA256Digest informs us if we should override the S3 CA with the + // new bundle + legacyS3CASHA256Digest = "d1c290ea1e4544dec1934931fbfa1fb2060eb3a0f2239ba191f444ecbce35cbb" ) var CRUNCHY_DEBUG bool @@ -62,6 +74,10 @@ type containerResourcesTemplateFields struct { RequestsMemory, RequestsCPU string } +// defaultBackrestRepoConfigKeys are the default keys expected to be in the +// pgBackRest repo config secret +var defaultBackrestRepoConfigKeys = []string{"config", "sshd_config", "aws-s3-ca.crt"} + func Initialize(clientset kubernetes.Interface) { tmp := os.Getenv("CRUNCHY_DEBUG") @@ -89,16 +105,15 @@ func Initialize(clientset kubernetes.Interface) { os.Exit(2) } - var err error - - err = Pgo.GetConfig(clientset, PgoNamespace) - if err != nil { + if err := Pgo.GetConfig(clientset, PgoNamespace); err != nil { log.Error(err) - log.Error("pgo-config files and templates did not load") - os.Exit(2) + log.Fatal("pgo-config files and templates did not load") } - log.Printf("PrimaryStorage=%v\n", Pgo.Storage["storage1"]) + // initialize the general pgBackRest secret + if err := initializeOperatorBackrestSecret(clientset, PgoNamespace); err != nil { + log.Fatal(err) + } if Pgo.Cluster.CCPImagePrefix == "" { log.Debugf("pgo.yaml CCPImagePrefix not set, using default %q", defaultRegistry) @@ -360,6 +375,78 @@ func initializeControllerWorkerCounts() { } } +// initializeOperatorBackrestSecret ensures the generic pgBackRest configuration +// is available +func initializeOperatorBackrestSecret(clientset kubernetes.Interface, namespace string) error { + var isNew, isModified bool + + // determine if the Secret already exists + secret, err := clientset. + CoreV1().Secrets(namespace). + Get(config.SecretOperatorBackrestRepoConfig, metav1.GetOptions{}) + + // if there is a true error, return. Otherwise, initialize a new Secret + if err != nil { + if !kerrors.IsNotFound(err) { + return err + } + + secret = &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: config.SecretOperatorBackrestRepoConfig, + }, + Data: map[string][]byte{}, + } + isNew = true + } + + // set any missing defaults + for _, filename := range defaultBackrestRepoConfigKeys { + // skip if there is already content, unless this is aws-s3-ca.crt due to + // the change in the CA bundle + if len(secret.Data[filename]) != 0 { + if filename != "aws-s3-ca.crt" { + continue + } + + // in the case of aws-s3-ca.crt, check that this is the default + // certificate. if it is, override it + if fmt.Sprintf("%x", sha256.Sum256(secret.Data[filename])) != legacyS3CASHA256Digest { + continue + } + } + + file := path.Join(defaultBackrestRepoConfigPath, filename) + + // if we can't read the contents of the file for whatever reason, warn, + // but continue + // otherwise, update the entry in the Secret + if contents, err := ioutil.ReadFile(file); err != nil { + log.Warn(err) + continue + } else { + secret.Data[filename] = contents + } + + isModified = true + } + + // do not make any updates if the secret is not modified at all + if !isModified { + return nil + } + + // make the API calls based on if we are creating or updating + if isNew { + _, err := clientset.CoreV1().Secrets(namespace).Create(secret) + return err + } + + _, err = clientset.CoreV1().Secrets(namespace).Update(secret) + + return err +} + // SetupNamespaces is responsible for the initial namespace configuration for the Operator // install. This includes setting the proper namespace operating mode, creating and/or updating // namespaces as needed (or as permitted by the current operator mode), and returning a valid list diff --git a/internal/operator/config/configutil.go b/internal/operator/config/configutil.go index af6bc62f35..4bd84dec41 100644 --- a/internal/operator/config/configutil.go +++ b/internal/operator/config/configutil.go @@ -1,7 +1,7 @@ package config /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/config/dcs.go b/internal/operator/config/dcs.go index 7b5c721c5f..d74cc1fae9 100644 --- a/internal/operator/config/dcs.go +++ b/internal/operator/config/dcs.go @@ -1,7 +1,7 @@ package config /* - Copyright 2020 Crunchy Data Solutions, Ind. + Copyright 2020 - 2022 Crunchy Data Solutions, Ind. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/config/localdb.go b/internal/operator/config/localdb.go index 0e3c182e17..208de465c5 100644 --- a/internal/operator/config/localdb.go +++ b/internal/operator/config/localdb.go @@ -1,7 +1,7 @@ package config /* - Copyright 2020 Crunchy Data Solutions, Inl. + Copyright 2020 - 2022 Crunchy Data Solutions, Inl. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/operatorupgrade/version-check.go b/internal/operator/operatorupgrade/version-check.go index 81461417cb..1e306b9a07 100644 --- a/internal/operator/operatorupgrade/version-check.go +++ b/internal/operator/operatorupgrade/version-check.go @@ -1,7 +1,7 @@ package operatorupgrade /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/pgbackrest.go b/internal/operator/pgbackrest.go index 42a8f645d1..98bd6c8e38 100644 --- a/internal/operator/pgbackrest.go +++ b/internal/operator/pgbackrest.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/pgbackrest_test.go b/internal/operator/pgbackrest_test.go index 046d2be770..f853e0e363 100644 --- a/internal/operator/pgbackrest_test.go +++ b/internal/operator/pgbackrest_test.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/pgdump/dump.go b/internal/operator/pgdump/dump.go index 78d51a0a38..33a0ad7b3c 100644 --- a/internal/operator/pgdump/dump.go +++ b/internal/operator/pgdump/dump.go @@ -1,7 +1,7 @@ package pgdump /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/pgdump/restore.go b/internal/operator/pgdump/restore.go index d813331dd5..31a427a8e5 100644 --- a/internal/operator/pgdump/restore.go +++ b/internal/operator/pgdump/restore.go @@ -1,7 +1,7 @@ package pgdump /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/pvc/pvc.go b/internal/operator/pvc/pvc.go index 0c37e8d27c..6db0fea08e 100644 --- a/internal/operator/pvc/pvc.go +++ b/internal/operator/pvc/pvc.go @@ -1,7 +1,7 @@ package pvc /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/storage.go b/internal/operator/storage.go index da06087deb..0341587c52 100644 --- a/internal/operator/storage.go +++ b/internal/operator/storage.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/storage_test.go b/internal/operator/storage_test.go index 280b1c6cd0..8ed5237743 100644 --- a/internal/operator/storage_test.go +++ b/internal/operator/storage_test.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/task/applypolicies.go b/internal/operator/task/applypolicies.go index 8d3b540927..45852bca8c 100644 --- a/internal/operator/task/applypolicies.go +++ b/internal/operator/task/applypolicies.go @@ -1,7 +1,7 @@ package task /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/task/rmbackups.go b/internal/operator/task/rmbackups.go index 928a8cb977..b55424b620 100644 --- a/internal/operator/task/rmbackups.go +++ b/internal/operator/task/rmbackups.go @@ -1,7 +1,7 @@ package task /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/task/rmdata.go b/internal/operator/task/rmdata.go index d4e62a5775..6c7adcbd06 100644 --- a/internal/operator/task/rmdata.go +++ b/internal/operator/task/rmdata.go @@ -1,7 +1,7 @@ package task /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/task/workflow.go b/internal/operator/task/workflow.go index 2f55b0f481..0a1983df64 100644 --- a/internal/operator/task/workflow.go +++ b/internal/operator/task/workflow.go @@ -1,7 +1,7 @@ package task /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/operator/wal.go b/internal/operator/wal.go index 1b679755fb..ca0889ca50 100644 --- a/internal/operator/wal.go +++ b/internal/operator/wal.go @@ -1,7 +1,7 @@ package operator /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/patroni/doc.go b/internal/patroni/doc.go index 63a42c84d3..62c153097e 100644 --- a/internal/patroni/doc.go +++ b/internal/patroni/doc.go @@ -4,7 +4,7 @@ package patroni /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/patroni/patroni.go b/internal/patroni/patroni.go index e1bc58a01a..58bff584af 100644 --- a/internal/patroni/patroni.go +++ b/internal/patroni/patroni.go @@ -1,7 +1,7 @@ package patroni /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/backoff.go b/internal/pgadmin/backoff.go index d1df68c80d..b37a76fe33 100644 --- a/internal/pgadmin/backoff.go +++ b/internal/pgadmin/backoff.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/backoff_test.go b/internal/pgadmin/backoff_test.go index aeae16f7a5..35101dbf80 100644 --- a/internal/pgadmin/backoff_test.go +++ b/internal/pgadmin/backoff_test.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/crypto.go b/internal/pgadmin/crypto.go index 55ebc8b771..6b116a6b0d 100644 --- a/internal/pgadmin/crypto.go +++ b/internal/pgadmin/crypto.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/crypto_test.go b/internal/pgadmin/crypto_test.go index 36f8468379..547478d4d3 100644 --- a/internal/pgadmin/crypto_test.go +++ b/internal/pgadmin/crypto_test.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/doc.go b/internal/pgadmin/doc.go index 97900b0227..d02d6feb3c 100644 --- a/internal/pgadmin/doc.go +++ b/internal/pgadmin/doc.go @@ -4,7 +4,7 @@ database which powers pgadmin */ package pgadmin /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/hash.go b/internal/pgadmin/hash.go index b73222fb8b..df6b0d4cc2 100644 --- a/internal/pgadmin/hash.go +++ b/internal/pgadmin/hash.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/logic.go b/internal/pgadmin/logic.go index 2a3fdf0c30..508d836066 100644 --- a/internal/pgadmin/logic.go +++ b/internal/pgadmin/logic.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/runner.go b/internal/pgadmin/runner.go index 233dc092be..a7d6df3b0e 100644 --- a/internal/pgadmin/runner.go +++ b/internal/pgadmin/runner.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/pgadmin/server.go b/internal/pgadmin/server.go index 26568e8806..dcc68dd26c 100644 --- a/internal/pgadmin/server.go +++ b/internal/pgadmin/server.go @@ -1,7 +1,7 @@ package pgadmin /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/doc.go b/internal/postgres/doc.go index 974cb7c8df..8010931373 100644 --- a/internal/postgres/doc.go +++ b/internal/postgres/doc.go @@ -5,7 +5,7 @@ package postgres /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/password/doc.go b/internal/postgres/password/doc.go index 6ea6563873..8950878ee2 100644 --- a/internal/postgres/password/doc.go +++ b/internal/postgres/password/doc.go @@ -4,7 +4,7 @@ package password /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/password/md5.go b/internal/postgres/password/md5.go index ae93d2cc56..65cea2c081 100644 --- a/internal/postgres/password/md5.go +++ b/internal/postgres/password/md5.go @@ -1,7 +1,7 @@ package password /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/password/md5_test.go b/internal/postgres/password/md5_test.go index c77c8abf43..7bc2b1b6b8 100644 --- a/internal/postgres/password/md5_test.go +++ b/internal/postgres/password/md5_test.go @@ -1,7 +1,7 @@ package password /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/password/password.go b/internal/postgres/password/password.go index b70112a4c3..fc3966c9a7 100644 --- a/internal/postgres/password/password.go +++ b/internal/postgres/password/password.go @@ -1,7 +1,7 @@ package password /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/password/password_test.go b/internal/postgres/password/password_test.go index b9b7094dbc..41e54be000 100644 --- a/internal/postgres/password/password_test.go +++ b/internal/postgres/password/password_test.go @@ -1,7 +1,7 @@ package password /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/password/scram.go b/internal/postgres/password/scram.go index aa6eee3df8..b4e7bf1d3c 100644 --- a/internal/postgres/password/scram.go +++ b/internal/postgres/password/scram.go @@ -1,7 +1,7 @@ package password /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/postgres/password/scram_test.go b/internal/postgres/password/scram_test.go index 6de92bb17c..9bdde312ab 100644 --- a/internal/postgres/password/scram_test.go +++ b/internal/postgres/password/scram_test.go @@ -1,7 +1,7 @@ package password /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/tlsutil/primitives.go b/internal/tlsutil/primitives.go index 03fb73f744..3146ff7eea 100644 --- a/internal/tlsutil/primitives.go +++ b/internal/tlsutil/primitives.go @@ -1,7 +1,7 @@ package tlsutil /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/tlsutil/primitives_test.go b/internal/tlsutil/primitives_test.go index 22676e9fbc..507b3ddfe3 100644 --- a/internal/tlsutil/primitives_test.go +++ b/internal/tlsutil/primitives_test.go @@ -1,7 +1,7 @@ package tlsutil /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/util/backrest.go b/internal/util/backrest.go index 66e3a2dec6..7b881bc8a5 100644 --- a/internal/util/backrest.go +++ b/internal/util/backrest.go @@ -1,7 +1,7 @@ package util /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/util/clone.go b/internal/util/clone.go index a1d563262c..cb69ec2055 100644 --- a/internal/util/clone.go +++ b/internal/util/clone.go @@ -1,7 +1,7 @@ package util /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/util/cluster.go b/internal/util/cluster.go index 91c7cfec95..bb38be3fa9 100644 --- a/internal/util/cluster.go +++ b/internal/util/cluster.go @@ -1,7 +1,7 @@ package util /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -27,6 +27,7 @@ import ( log "github.com/sirupsen/logrus" v1 "k8s.io/api/core/v1" + kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" @@ -115,70 +116,112 @@ var ( func CreateBackrestRepoSecrets(clientset kubernetes.Interface, backrestRepoConfig BackrestRepoConfig) error { - keys, err := NewPrivatePublicKeyPair() - if err != nil { - return err + // first: determine if a Secret already exists. If it does, we are going to + // work on modifying that Secret. + secretName := fmt.Sprintf("%s-%s", backrestRepoConfig.ClusterName, + config.LABEL_BACKREST_REPO_SECRET) + secret, secretErr := clientset.CoreV1().Secrets(backrestRepoConfig.ClusterNamespace).Get( + secretName, metav1.GetOptions{}) + + // only return an error if this is a **not** a not found error + if secretErr != nil && !kerrors.IsNotFound(secretErr) { + log.Error(secretErr) + return secretErr + } + + // determine if we need to create a new secret, i.e. this is a not found error + newSecret := secretErr != nil + if newSecret { + // set up the secret for the cluster that contains the pgBackRest information + secret = &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: secretName, + Labels: map[string]string{ + config.LABEL_VENDOR: config.LABEL_CRUNCHY, + config.LABEL_PG_CLUSTER: backrestRepoConfig.ClusterName, + config.LABEL_PGO_BACKREST_REPO: "true", + }, + }, + Data: map[string][]byte{}, + } } - // Retrieve the S3/SSHD configuration files from secret - configs, err := clientset. + // next, load the Operator level pgBackRest secret templates, which contain + // SSHD(...?) and possible S3 credentials + configs, configErr := clientset. CoreV1().Secrets(backrestRepoConfig.OperatorNamespace). - Get("pgo-backrest-repo-config", metav1.GetOptions{}) + Get(config.SecretOperatorBackrestRepoConfig, metav1.GetOptions{}) - if err != nil { - log.Error(err) - return err + if configErr != nil { + log.Error(configErr) + return configErr + } + + // set the SSH/SSHD configuration, if it is not presently set + for _, key := range []string{backRestRepoSecretKeySSHConfig, backRestRepoSecretKeySSHDConfig} { + if len(secret.Data[key]) == 0 { + secret.Data[key] = configs.Data[key] + } } - // if an S3 key has been provided via the request, then use key and key secret - // included in the request instead of the default credentials that are - // available in the Operator pgBackRest secret - backrestS3Key := []byte(backrestRepoConfig.BackrestS3Key) + // set the SSH keys if any appear to be unset + if len(secret.Data[backRestRepoSecretKeyAuthorizedKeys]) == 0 || + len(secret.Data[backRestRepoSecretKeySSHPrivateKey]) == 0 || + len(secret.Data[backRestRepoSecretKeySSHHostPrivateKey]) == 0 { + // generate the keypair and then assign it to the values in the Secret + keys, keyErr := NewPrivatePublicKeyPair() + + if keyErr != nil { + log.Error(keyErr) + return keyErr + } + + secret.Data[backRestRepoSecretKeyAuthorizedKeys] = keys.Public + secret.Data[backRestRepoSecretKeySSHPrivateKey] = keys.Private + secret.Data[backRestRepoSecretKeySSHHostPrivateKey] = keys.Private + } - if backrestRepoConfig.BackrestS3Key == "" { - backrestS3Key = configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3Key] + // Set the S3 credentials + // If explicit S3 credentials are passed in, use those. + // If the Secret already has S3 credentials, use those. + // Otherwise, try to load in the default credentials from the Operator Secret. + if len(backrestRepoConfig.BackrestS3CA) != 0 { + secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3CACert] = backrestRepoConfig.BackrestS3CA } - backrestS3KeySecret := []byte(backrestRepoConfig.BackrestS3KeySecret) + if len(secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3CACert]) == 0 && + len(configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3CACert]) != 0 { + secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3CACert] = configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3CACert] + } - if backrestRepoConfig.BackrestS3KeySecret == "" { - backrestS3KeySecret = configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret] + if backrestRepoConfig.BackrestS3Key != "" { + secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3Key] = []byte(backrestRepoConfig.BackrestS3Key) } - // determine if there is a CA override provided, and if not, use the default - // from the configuration - caCert := backrestRepoConfig.BackrestS3CA - if len(caCert) == 0 { - caCert = configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3CACert] + if len(secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3Key]) == 0 && + len(configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3Key]) != 0 { + secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3Key] = configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3Key] } - // set up the secret for the cluster that contains the pgBackRest information - secret := v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf("%s-%s", backrestRepoConfig.ClusterName, - config.LABEL_BACKREST_REPO_SECRET), - Labels: map[string]string{ - config.LABEL_VENDOR: config.LABEL_CRUNCHY, - config.LABEL_PG_CLUSTER: backrestRepoConfig.ClusterName, - config.LABEL_PGO_BACKREST_REPO: "true", - }, - }, - Data: map[string][]byte{ - BackRestRepoSecretKeyAWSS3KeyAWSS3CACert: caCert, - BackRestRepoSecretKeyAWSS3KeyAWSS3Key: backrestS3Key, - BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret: backrestS3KeySecret, - backRestRepoSecretKeyAuthorizedKeys: keys.Public, - backRestRepoSecretKeySSHConfig: configs.Data[backRestRepoSecretKeySSHConfig], - backRestRepoSecretKeySSHDConfig: configs.Data[backRestRepoSecretKeySSHDConfig], - backRestRepoSecretKeySSHPrivateKey: keys.Private, - backRestRepoSecretKeySSHHostPrivateKey: keys.Private, - }, + if backrestRepoConfig.BackrestS3KeySecret != "" { + secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret] = []byte(backrestRepoConfig.BackrestS3KeySecret) } - _, err = clientset.CoreV1().Secrets(backrestRepoConfig.ClusterNamespace).Create(&secret) - if kubeapi.IsAlreadyExists(err) { - _, err = clientset.CoreV1().Secrets(backrestRepoConfig.ClusterNamespace).Update(&secret) + if len(secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret]) == 0 && + len(configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret]) != 0 { + secret.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret] = configs.Data[BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret] } + + // time to create or update the secret! + if newSecret { + _, err := clientset.CoreV1().Secrets(backrestRepoConfig.ClusterNamespace).Create( + secret) + return err + } + + _, err := clientset.CoreV1().Secrets(backrestRepoConfig.ClusterNamespace).Update( + secret) + return err } diff --git a/internal/util/failover.go b/internal/util/failover.go index 87dadf51cf..ac711b644b 100644 --- a/internal/util/failover.go +++ b/internal/util/failover.go @@ -1,7 +1,7 @@ package util /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/util/pgbouncer.go b/internal/util/pgbouncer.go index 2fdd645126..219e771031 100644 --- a/internal/util/pgbouncer.go +++ b/internal/util/pgbouncer.go @@ -1,7 +1,7 @@ package util /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/util/policy.go b/internal/util/policy.go index 11f5a1563e..931e2b73cb 100644 --- a/internal/util/policy.go +++ b/internal/util/policy.go @@ -1,7 +1,7 @@ package util /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -40,8 +40,8 @@ import ( ) // ExecPolicy execute a sql policy against a cluster -func ExecPolicy(clientset kubeapi.Interface, restconfig *rest.Config, namespace, policyName, serviceName, port string) error { - //fetch the policy sql +func ExecPolicy(clientset kubeapi.Interface, restconfig *rest.Config, namespace, policyName, clusterName, port string) error { + // fetch the policy sql sql, err := GetPolicySQL(clientset, namespace, policyName) if err != nil { @@ -53,11 +53,10 @@ func ExecPolicy(clientset kubeapi.Interface, restconfig *rest.Config, namespace, stdin := strings.NewReader(sql) // now, we need to ensure we can get the Pod name of the primary PostgreSQL - // instance. Thname being passed in is actually the "serviceName" of the Pod - // We can isolate the exact Pod we want by using this (LABEL_SERVICE_NAME) and - // the LABEL_PGHA_ROLE labels + // instance. We can isolate the exact Pod we want by using the + // LABEL_PG_CLUSTER and LABEL_PGHA_ROLE labels selector := fmt.Sprintf("%s=%s,%s=%s", - config.LABEL_SERVICE_NAME, serviceName, + config.LABEL_PG_CLUSTER, clusterName, config.LABEL_PGHA_ROLE, config.LABEL_PGHA_ROLE_PRIMARY) podList, err := clientset.CoreV1().Pods(namespace).List(metav1.ListOptions{LabelSelector: selector}) diff --git a/internal/util/secrets.go b/internal/util/secrets.go index 1ef90e7bd6..e15d9e31c3 100644 --- a/internal/util/secrets.go +++ b/internal/util/secrets.go @@ -1,7 +1,7 @@ package util /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -45,6 +45,10 @@ const ( // passwordCharUpper is the highest ASCII character to use for generating a // password, which is 126 passwordCharUpper = 126 + // passwordCharExclude is a map of characters that we choose to exclude from + // the password to simplify usage in the shell. There is still enough entropy + // that exclusion of these characters is OK. + passwordCharExclude = "`\\" ) // passwordCharSelector is a "big int" that we need to select the random ASCII @@ -77,16 +81,24 @@ func CreateSecret(clientset kubernetes.Interface, db, secretName, username, pass // ASCII characters suitable for a password func GeneratePassword(length int) (string, error) { password := make([]byte, length) + i := 0 - for i := 0; i < length; i++ { - char, err := rand.Int(rand.Reader, passwordCharSelector) - + for i < length { + val, err := rand.Int(rand.Reader, passwordCharSelector) // if there is an error generating the random integer, return if err != nil { return "", err } - password[i] = byte(passwordCharLower + char.Int64()) + char := byte(passwordCharLower + val.Int64()) + + // if the character is in the exclusion list, continue + if idx := strings.IndexAny(string(char), passwordCharExclude); idx > -1 { + continue + } + + password[i] = char + i++ } return string(password), nil diff --git a/internal/util/secrets_test.go b/internal/util/secrets_test.go index 89cbcebac9..2754541d20 100644 --- a/internal/util/secrets_test.go +++ b/internal/util/secrets_test.go @@ -1,7 +1,7 @@ package util /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -23,7 +23,7 @@ import ( func TestGeneratePassword(t *testing.T) { // different lengths - for _, length := range []int{1, 2, 3, 5, 20} { + for _, length := range []int{1, 2, 3, 5, 20, 200} { password, err := GeneratePassword(length) if err != nil { t.Fatalf("expected no error, got %v", err) @@ -31,9 +31,12 @@ func TestGeneratePassword(t *testing.T) { if expected, actual := length, len(password); expected != actual { t.Fatalf("expected length %v, got %v", expected, actual) } - if i := strings.IndexFunc(password, unicode.IsPrint); i > 0 { + if i := strings.IndexFunc(password, func(r rune) bool { return !unicode.IsPrint(r) }); i > -1 { t.Fatalf("expected only printable characters, got %q in %q", password[i], password) } + if i := strings.IndexAny(password, passwordCharExclude); i > -1 { + t.Fatalf("expected no exclude characters, got %q in %q", password[i], password) + } } // random contents @@ -44,9 +47,12 @@ func TestGeneratePassword(t *testing.T) { if err != nil { t.Fatalf("expected no error, got %v", err) } - if i := strings.IndexFunc(password, unicode.IsPrint); i > 0 { + if i := strings.IndexFunc(password, func(r rune) bool { return !unicode.IsPrint(r) }); i > -1 { t.Fatalf("expected only printable characters, got %q in %q", password[i], password) } + if i := strings.IndexAny(password, passwordCharExclude); i > -1 { + t.Fatalf("expected no exclude characters, got %q in %q", password[i], password) + } for i := range previous { if password == previous[i] { diff --git a/internal/util/ssh.go b/internal/util/ssh.go index aa886bbca7..f811d970a3 100644 --- a/internal/util/ssh.go +++ b/internal/util/ssh.go @@ -1,7 +1,7 @@ package util /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/internal/util/util.go b/internal/util/util.go index bff3802c63..b0b2f4831c 100644 --- a/internal/util/util.go +++ b/internal/util/util.go @@ -1,7 +1,7 @@ package util /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -20,6 +20,7 @@ import ( "errors" "fmt" "math/rand" + "regexp" "strings" "time" @@ -45,6 +46,10 @@ type JSONPatchOperation struct { Value interface{} `json:"value"` } +// gisImageTagRegex is a regular expression designed to match the standard image tag for +// the crunchy-postgres-gis-ha container +var gisImageTagRegex = regexp.MustCompile(`(.+-[\d|\.]+)-[\d|\.]+?(-[\d|\.]+.*)`) + func init() { rand.Seed(time.Now().UnixNano()) @@ -203,6 +208,20 @@ func GetSecretPassword(clientset kubernetes.Interface, db, suffix, Namespace str } +// GetStandardImageTag takes the current image name and the image tag value +// stored in the pgcluster CRD and, if the image being used is the +// crunchy-postgres-gis-ha container with the corresponding tag, it returns +// the tag without the addition of the GIS version. This tag value can then +// be used when provisioning containers using the standard containers tag. +func GetStandardImageTag(imageName, imageTag string) string { + + if imageName == "crunchy-postgres-gis-ha" && strings.Count(imageTag, "-") > 2 { + return gisImageTagRegex.ReplaceAllString(imageTag, "$1$2") + } + + return imageTag +} + // RandStringBytesRmndr ... func RandStringBytesRmndr(n int) string { b := make([]byte, n) diff --git a/internal/util/util_test.go b/internal/util/util_test.go new file mode 100644 index 0000000000..ba02d48987 --- /dev/null +++ b/internal/util/util_test.go @@ -0,0 +1,75 @@ +package util + +import "testing" + +func TestGetStandardImageTag(t *testing.T) { + + assertCorrectMessage := func(t testing.TB, got, want string) { + t.Helper() + if got != want { + t.Errorf("got %q want %q", got, want) + } + } + + imageTagTests := []struct { + description string + imageName string + imageTag string + expected string + }{ + { + "image: crunchy-postgres-ha, tag: ubi8-12.4-4.5.0", + "crunchy-postgres-ha", + "ubi8-12.4-4.5.0", + "ubi8-12.4-4.5.0", + }, { + "image: crunchy-postgres-gis-ha, tag: ubi8-12.4-3.0-4.5.0", + "crunchy-postgres-gis-ha", + "ubi8-12.4-3.0-4.5.0", + "ubi8-12.4-4.5.0", + }, { + "image: crunchy-postgres-ha, tag: ubi8-12.4-4.5.0-beta.1", + "crunchy-postgres-ha", + "ubi8-12.4-4.5.0-beta.1", + "ubi8-12.4-4.5.0-beta.1", + }, { + "image: crunchy-postgres-gis-ha, tag: ubi8-12.4-3.0-4.5.0-beta.2", + "crunchy-postgres-gis-ha", + "ubi8-12.4-3.0-4.5.0-beta.2", + "ubi8-12.4-4.5.0-beta.2", + }, { + "image: crunchy-postgres-ha, tag: ubi8-9.5.23-4.5.0-rc.1", + "crunchy-postgres-ha", + "ubi8-9.5.23-4.5.0-rc.1", + "ubi8-9.5.23-4.5.0-rc.1", + }, { + "image: crunchy-postgres-gis-ha, tag: ubi8-9.5.23-2.4-4.5.0-rc.1", + "crunchy-postgres-gis-ha", + "ubi8-9.5.23-2.4-4.5.0-rc.1", + "ubi8-9.5.23-4.5.0-rc.1", + }, { + "image: crunchy-postgres-gis-ha, tag: ubi8-13.0-3.0-4.5.0-rc.1", + "crunchy-postgres-gis-ha", + "ubi8-13.0-3.0-4.5.0-rc.1", + "ubi8-13.0-4.5.0-rc.1", + }, { + "image: crunchy-postgres-gis-ha, tag: ubi8-custom123", + "crunchy-postgres-gis-ha", + "ubi8-custom123", + "ubi8-custom123", + }, { + "image: crunchy-postgres-gis-ha, tag: ubi8-custom123-moreinfo-789", + "crunchy-postgres-gis-ha", + "ubi8-custom123-moreinfo-789", + "ubi8-custom123-moreinfo-789", + }, + } + + for _, itt := range imageTagTests { + t.Run(itt.description, func(t *testing.T) { + got := GetStandardImageTag(itt.imageName, itt.imageTag) + want := itt.expected + assertCorrectMessage(t, got, want) + }) + } +} diff --git a/redhat/licenses/LICENSE.txt b/licenses/LICENSE.txt similarity index 100% rename from redhat/licenses/LICENSE.txt rename to licenses/LICENSE.txt diff --git a/licenses/github.com/PuerkitoBio/purell/LICENSE b/licenses/github.com/PuerkitoBio/purell/LICENSE deleted file mode 100644 index 4b9986dea7..0000000000 --- a/licenses/github.com/PuerkitoBio/purell/LICENSE +++ /dev/null @@ -1,12 +0,0 @@ -Copyright (c) 2012, Martin Angers -All rights reserved. - -Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - -* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - -* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - -* Neither the name of the author nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/PuerkitoBio/urlesc/LICENSE b/licenses/github.com/PuerkitoBio/urlesc/LICENSE deleted file mode 100644 index 7448756763..0000000000 --- a/licenses/github.com/PuerkitoBio/urlesc/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2012 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/cpuguy83/go-md2man/LICENSE.md b/licenses/github.com/cpuguy83/go-md2man/LICENSE.md deleted file mode 100644 index 1cade6cef6..0000000000 --- a/licenses/github.com/cpuguy83/go-md2man/LICENSE.md +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2014 Brian Goff - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/licenses/github.com/davecgh/go-spew/LICENSE b/licenses/github.com/davecgh/go-spew/LICENSE deleted file mode 100644 index bc52e96f2b..0000000000 --- a/licenses/github.com/davecgh/go-spew/LICENSE +++ /dev/null @@ -1,15 +0,0 @@ -ISC License - -Copyright (c) 2012-2016 Dave Collins - -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/licenses/github.com/docker/spdystream/LICENSE b/licenses/github.com/docker/spdystream/LICENSE deleted file mode 100644 index 9e4bd4dbee..0000000000 --- a/licenses/github.com/docker/spdystream/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2014-2015 Docker, Inc. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/emicklei/go-restful/LICENSE b/licenses/github.com/emicklei/go-restful/LICENSE deleted file mode 100644 index ece7ec61ef..0000000000 --- a/licenses/github.com/emicklei/go-restful/LICENSE +++ /dev/null @@ -1,22 +0,0 @@ -Copyright (c) 2012,2013 Ernest Micklei - -MIT License - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file diff --git a/licenses/github.com/evanphx/json-patch/LICENSE b/licenses/github.com/evanphx/json-patch/LICENSE deleted file mode 100644 index 0eb9b72d84..0000000000 --- a/licenses/github.com/evanphx/json-patch/LICENSE +++ /dev/null @@ -1,25 +0,0 @@ -Copyright (c) 2014, Evan Phoenix -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -* Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. -* Redistributions in binary form must reproduce the above copyright notice - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. -* Neither the name of the Evan Phoenix nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/fatih/color/LICENSE.md b/licenses/github.com/fatih/color/LICENSE.md deleted file mode 100644 index 25fdaf639d..0000000000 --- a/licenses/github.com/fatih/color/LICENSE.md +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2013 Fatih Arslan - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/licenses/github.com/ghodss/yaml/LICENSE b/licenses/github.com/ghodss/yaml/LICENSE deleted file mode 100644 index 7805d36de7..0000000000 --- a/licenses/github.com/ghodss/yaml/LICENSE +++ /dev/null @@ -1,50 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2014 Sam Ghods - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - - -Copyright (c) 2012 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/go-openapi/jsonpointer/LICENSE b/licenses/github.com/go-openapi/jsonpointer/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/github.com/go-openapi/jsonpointer/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/go-openapi/jsonreference/LICENSE b/licenses/github.com/go-openapi/jsonreference/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/github.com/go-openapi/jsonreference/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/go-openapi/spec/LICENSE b/licenses/github.com/go-openapi/spec/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/github.com/go-openapi/spec/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/go-openapi/swag/LICENSE b/licenses/github.com/go-openapi/swag/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/github.com/go-openapi/swag/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/gogo/protobuf/LICENSE b/licenses/github.com/gogo/protobuf/LICENSE deleted file mode 100644 index 7be0cc7b62..0000000000 --- a/licenses/github.com/gogo/protobuf/LICENSE +++ /dev/null @@ -1,36 +0,0 @@ -Protocol Buffers for Go with Gadgets - -Copyright (c) 2013, The GoGo Authors. All rights reserved. -http://github.com/gogo/protobuf - -Go support for Protocol Buffers - Google's data interchange format - -Copyright 2010 The Go Authors. All rights reserved. -https://github.com/golang/protobuf - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - diff --git a/licenses/github.com/golang/glog/LICENSE b/licenses/github.com/golang/glog/LICENSE deleted file mode 100644 index 37ec93a14f..0000000000 --- a/licenses/github.com/golang/glog/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ -Apache License -Version 2.0, January 2004 -http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - -"License" shall mean the terms and conditions for use, reproduction, and -distribution as defined by Sections 1 through 9 of this document. - -"Licensor" shall mean the copyright owner or entity authorized by the copyright -owner that is granting the License. - -"Legal Entity" shall mean the union of the acting entity and all other entities -that control, are controlled by, or are under common control with that entity. -For the purposes of this definition, "control" means (i) the power, direct or -indirect, to cause the direction or management of such entity, whether by -contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the -outstanding shares, or (iii) beneficial ownership of such entity. - -"You" (or "Your") shall mean an individual or Legal Entity exercising -permissions granted by this License. - -"Source" form shall mean the preferred form for making modifications, including -but not limited to software source code, documentation source, and configuration -files. - -"Object" form shall mean any form resulting from mechanical transformation or -translation of a Source form, including but not limited to compiled object code, -generated documentation, and conversions to other media types. - -"Work" shall mean the work of authorship, whether in Source or Object form, made -available under the License, as indicated by a copyright notice that is included -in or attached to the work (an example is provided in the Appendix below). - -"Derivative Works" shall mean any work, whether in Source or Object form, that -is based on (or derived from) the Work and for which the editorial revisions, -annotations, elaborations, or other modifications represent, as a whole, an -original work of authorship. For the purposes of this License, Derivative Works -shall not include works that remain separable from, or merely link (or bind by -name) to the interfaces of, the Work and Derivative Works thereof. - -"Contribution" shall mean any work of authorship, including the original version -of the Work and any modifications or additions to that Work or Derivative Works -thereof, that is intentionally submitted to Licensor for inclusion in the Work -by the copyright owner or by an individual or Legal Entity authorized to submit -on behalf of the copyright owner. For the purposes of this definition, -"submitted" means any form of electronic, verbal, or written communication sent -to the Licensor or its representatives, including but not limited to -communication on electronic mailing lists, source code control systems, and -issue tracking systems that are managed by, or on behalf of, the Licensor for -the purpose of discussing and improving the Work, but excluding communication -that is conspicuously marked or otherwise designated in writing by the copyright -owner as "Not a Contribution." - -"Contributor" shall mean Licensor and any individual or Legal Entity on behalf -of whom a Contribution has been received by Licensor and subsequently -incorporated within the Work. - -2. Grant of Copyright License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable copyright license to reproduce, prepare Derivative Works of, -publicly display, publicly perform, sublicense, and distribute the Work and such -Derivative Works in Source or Object form. - -3. Grant of Patent License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable (except as stated in this section) patent license to make, have -made, use, offer to sell, sell, import, and otherwise transfer the Work, where -such license applies only to those patent claims licensable by such Contributor -that are necessarily infringed by their Contribution(s) alone or by combination -of their Contribution(s) with the Work to which such Contribution(s) was -submitted. If You institute patent litigation against any entity (including a -cross-claim or counterclaim in a lawsuit) alleging that the Work or a -Contribution incorporated within the Work constitutes direct or contributory -patent infringement, then any patent licenses granted to You under this License -for that Work shall terminate as of the date such litigation is filed. - -4. Redistribution. - -You may reproduce and distribute copies of the Work or Derivative Works thereof -in any medium, with or without modifications, and in Source or Object form, -provided that You meet the following conditions: - -You must give any other recipients of the Work or Derivative Works a copy of -this License; and -You must cause any modified files to carry prominent notices stating that You -changed the files; and -You must retain, in the Source form of any Derivative Works that You distribute, -all copyright, patent, trademark, and attribution notices from the Source form -of the Work, excluding those notices that do not pertain to any part of the -Derivative Works; and -If the Work includes a "NOTICE" text file as part of its distribution, then any -Derivative Works that You distribute must include a readable copy of the -attribution notices contained within such NOTICE file, excluding those notices -that do not pertain to any part of the Derivative Works, in at least one of the -following places: within a NOTICE text file distributed as part of the -Derivative Works; within the Source form or documentation, if provided along -with the Derivative Works; or, within a display generated by the Derivative -Works, if and wherever such third-party notices normally appear. The contents of -the NOTICE file are for informational purposes only and do not modify the -License. You may add Your own attribution notices within Derivative Works that -You distribute, alongside or as an addendum to the NOTICE text from the Work, -provided that such additional attribution notices cannot be construed as -modifying the License. -You may add Your own copyright statement to Your modifications and may provide -additional or different license terms and conditions for use, reproduction, or -distribution of Your modifications, or for any such Derivative Works as a whole, -provided Your use, reproduction, and distribution of the Work otherwise complies -with the conditions stated in this License. - -5. Submission of Contributions. - -Unless You explicitly state otherwise, any Contribution intentionally submitted -for inclusion in the Work by You to the Licensor shall be under the terms and -conditions of this License, without any additional terms or conditions. -Notwithstanding the above, nothing herein shall supersede or modify the terms of -any separate license agreement you may have executed with Licensor regarding -such Contributions. - -6. Trademarks. - -This License does not grant permission to use the trade names, trademarks, -service marks, or product names of the Licensor, except as required for -reasonable and customary use in describing the origin of the Work and -reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. - -Unless required by applicable law or agreed to in writing, Licensor provides the -Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, -including, without limitation, any warranties or conditions of TITLE, -NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are -solely responsible for determining the appropriateness of using or -redistributing the Work and assume any risks associated with Your exercise of -permissions under this License. - -8. Limitation of Liability. - -In no event and under no legal theory, whether in tort (including negligence), -contract, or otherwise, unless required by applicable law (such as deliberate -and grossly negligent acts) or agreed to in writing, shall any Contributor be -liable to You for damages, including any direct, indirect, special, incidental, -or consequential damages of any character arising as a result of this License or -out of the use or inability to use the Work (including but not limited to -damages for loss of goodwill, work stoppage, computer failure or malfunction, or -any and all other commercial damages or losses), even if such Contributor has -been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. - -While redistributing the Work or Derivative Works thereof, You may choose to -offer, and charge a fee for, acceptance of support, warranty, indemnity, or -other liability obligations and/or rights consistent with this License. However, -in accepting such obligations, You may act only on Your own behalf and on Your -sole responsibility, not on behalf of any other Contributor, and only if You -agree to indemnify, defend, and hold each Contributor harmless for any liability -incurred by, or claims asserted against, such Contributor by reason of your -accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work - -To apply the Apache License to your work, attach the following boilerplate -notice, with the fields enclosed by brackets "[]" replaced with your own -identifying information. (Don't include the brackets!) The text should be -enclosed in the appropriate comment syntax for the file format. We also -recommend that a file or class name and description of purpose be included on -the same "printed page" as the copyright notice for easier identification within -third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/golang/protobuf/LICENSE b/licenses/github.com/golang/protobuf/LICENSE deleted file mode 100644 index 0f646931a4..0000000000 --- a/licenses/github.com/golang/protobuf/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -Copyright 2010 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - diff --git a/licenses/github.com/google/btree/LICENSE b/licenses/github.com/google/btree/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/github.com/google/btree/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/google/gofuzz/LICENSE b/licenses/github.com/google/gofuzz/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/github.com/google/gofuzz/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/googleapis/gnostic/LICENSE b/licenses/github.com/googleapis/gnostic/LICENSE deleted file mode 100644 index 6b0b1270ff..0000000000 --- a/licenses/github.com/googleapis/gnostic/LICENSE +++ /dev/null @@ -1,203 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - diff --git a/licenses/github.com/gorilla/context/LICENSE b/licenses/github.com/gorilla/context/LICENSE deleted file mode 100644 index 0e5fb87280..0000000000 --- a/licenses/github.com/gorilla/context/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2012 Rodrigo Moraes. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/gorilla/mux/LICENSE b/licenses/github.com/gorilla/mux/LICENSE deleted file mode 100644 index 0e5fb87280..0000000000 --- a/licenses/github.com/gorilla/mux/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2012 Rodrigo Moraes. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/gregjones/httpcache/LICENSE.txt b/licenses/github.com/gregjones/httpcache/LICENSE.txt deleted file mode 100644 index 81316beb0c..0000000000 --- a/licenses/github.com/gregjones/httpcache/LICENSE.txt +++ /dev/null @@ -1,7 +0,0 @@ -Copyright © 2012 Greg Jones (greg.jones@gmail.com) - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file diff --git a/licenses/github.com/hashicorp/golang-lru/LICENSE b/licenses/github.com/hashicorp/golang-lru/LICENSE deleted file mode 100644 index be2cc4dfb6..0000000000 --- a/licenses/github.com/hashicorp/golang-lru/LICENSE +++ /dev/null @@ -1,362 +0,0 @@ -Mozilla Public License, version 2.0 - -1. Definitions - -1.1. "Contributor" - - means each individual or legal entity that creates, contributes to the - creation of, or owns Covered Software. - -1.2. "Contributor Version" - - means the combination of the Contributions of others (if any) used by a - Contributor and that particular Contributor's Contribution. - -1.3. "Contribution" - - means Covered Software of a particular Contributor. - -1.4. "Covered Software" - - means Source Code Form to which the initial Contributor has attached the - notice in Exhibit A, the Executable Form of such Source Code Form, and - Modifications of such Source Code Form, in each case including portions - thereof. - -1.5. "Incompatible With Secondary Licenses" - means - - a. that the initial Contributor has attached the notice described in - Exhibit B to the Covered Software; or - - b. that the Covered Software was made available under the terms of - version 1.1 or earlier of the License, but not also under the terms of - a Secondary License. - -1.6. "Executable Form" - - means any form of the work other than Source Code Form. - -1.7. "Larger Work" - - means a work that combines Covered Software with other material, in a - separate file or files, that is not Covered Software. - -1.8. "License" - - means this document. - -1.9. "Licensable" - - means having the right to grant, to the maximum extent possible, whether - at the time of the initial grant or subsequently, any and all of the - rights conveyed by this License. - -1.10. "Modifications" - - means any of the following: - - a. any file in Source Code Form that results from an addition to, - deletion from, or modification of the contents of Covered Software; or - - b. any new file in Source Code Form that contains any Covered Software. - -1.11. "Patent Claims" of a Contributor - - means any patent claim(s), including without limitation, method, - process, and apparatus claims, in any patent Licensable by such - Contributor that would be infringed, but for the grant of the License, - by the making, using, selling, offering for sale, having made, import, - or transfer of either its Contributions or its Contributor Version. - -1.12. "Secondary License" - - means either the GNU General Public License, Version 2.0, the GNU Lesser - General Public License, Version 2.1, the GNU Affero General Public - License, Version 3.0, or any later versions of those licenses. - -1.13. "Source Code Form" - - means the form of the work preferred for making modifications. - -1.14. "You" (or "Your") - - means an individual or a legal entity exercising rights under this - License. For legal entities, "You" includes any entity that controls, is - controlled by, or is under common control with You. For purposes of this - definition, "control" means (a) the power, direct or indirect, to cause - the direction or management of such entity, whether by contract or - otherwise, or (b) ownership of more than fifty percent (50%) of the - outstanding shares or beneficial ownership of such entity. - - -2. License Grants and Conditions - -2.1. Grants - - Each Contributor hereby grants You a world-wide, royalty-free, - non-exclusive license: - - a. under intellectual property rights (other than patent or trademark) - Licensable by such Contributor to use, reproduce, make available, - modify, display, perform, distribute, and otherwise exploit its - Contributions, either on an unmodified basis, with Modifications, or - as part of a Larger Work; and - - b. under Patent Claims of such Contributor to make, use, sell, offer for - sale, have made, import, and otherwise transfer either its - Contributions or its Contributor Version. - -2.2. Effective Date - - The licenses granted in Section 2.1 with respect to any Contribution - become effective for each Contribution on the date the Contributor first - distributes such Contribution. - -2.3. Limitations on Grant Scope - - The licenses granted in this Section 2 are the only rights granted under - this License. No additional rights or licenses will be implied from the - distribution or licensing of Covered Software under this License. - Notwithstanding Section 2.1(b) above, no patent license is granted by a - Contributor: - - a. for any code that a Contributor has removed from Covered Software; or - - b. for infringements caused by: (i) Your and any other third party's - modifications of Covered Software, or (ii) the combination of its - Contributions with other software (except as part of its Contributor - Version); or - - c. under Patent Claims infringed by Covered Software in the absence of - its Contributions. - - This License does not grant any rights in the trademarks, service marks, - or logos of any Contributor (except as may be necessary to comply with - the notice requirements in Section 3.4). - -2.4. Subsequent Licenses - - No Contributor makes additional grants as a result of Your choice to - distribute the Covered Software under a subsequent version of this - License (see Section 10.2) or under the terms of a Secondary License (if - permitted under the terms of Section 3.3). - -2.5. Representation - - Each Contributor represents that the Contributor believes its - Contributions are its original creation(s) or it has sufficient rights to - grant the rights to its Contributions conveyed by this License. - -2.6. Fair Use - - This License is not intended to limit any rights You have under - applicable copyright doctrines of fair use, fair dealing, or other - equivalents. - -2.7. Conditions - - Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in - Section 2.1. - - -3. Responsibilities - -3.1. Distribution of Source Form - - All distribution of Covered Software in Source Code Form, including any - Modifications that You create or to which You contribute, must be under - the terms of this License. You must inform recipients that the Source - Code Form of the Covered Software is governed by the terms of this - License, and how they can obtain a copy of this License. You may not - attempt to alter or restrict the recipients' rights in the Source Code - Form. - -3.2. Distribution of Executable Form - - If You distribute Covered Software in Executable Form then: - - a. such Covered Software must also be made available in Source Code Form, - as described in Section 3.1, and You must inform recipients of the - Executable Form how they can obtain a copy of such Source Code Form by - reasonable means in a timely manner, at a charge no more than the cost - of distribution to the recipient; and - - b. You may distribute such Executable Form under the terms of this - License, or sublicense it under different terms, provided that the - license for the Executable Form does not attempt to limit or alter the - recipients' rights in the Source Code Form under this License. - -3.3. Distribution of a Larger Work - - You may create and distribute a Larger Work under terms of Your choice, - provided that You also comply with the requirements of this License for - the Covered Software. If the Larger Work is a combination of Covered - Software with a work governed by one or more Secondary Licenses, and the - Covered Software is not Incompatible With Secondary Licenses, this - License permits You to additionally distribute such Covered Software - under the terms of such Secondary License(s), so that the recipient of - the Larger Work may, at their option, further distribute the Covered - Software under the terms of either this License or such Secondary - License(s). - -3.4. Notices - - You may not remove or alter the substance of any license notices - (including copyright notices, patent notices, disclaimers of warranty, or - limitations of liability) contained within the Source Code Form of the - Covered Software, except that You may alter any license notices to the - extent required to remedy known factual inaccuracies. - -3.5. Application of Additional Terms - - You may choose to offer, and to charge a fee for, warranty, support, - indemnity or liability obligations to one or more recipients of Covered - Software. However, You may do so only on Your own behalf, and not on - behalf of any Contributor. You must make it absolutely clear that any - such warranty, support, indemnity, or liability obligation is offered by - You alone, and You hereby agree to indemnify every Contributor for any - liability incurred by such Contributor as a result of warranty, support, - indemnity or liability terms You offer. You may include additional - disclaimers of warranty and limitations of liability specific to any - jurisdiction. - -4. Inability to Comply Due to Statute or Regulation - - If it is impossible for You to comply with any of the terms of this License - with respect to some or all of the Covered Software due to statute, - judicial order, or regulation then You must: (a) comply with the terms of - this License to the maximum extent possible; and (b) describe the - limitations and the code they affect. Such description must be placed in a - text file included with all distributions of the Covered Software under - this License. Except to the extent prohibited by statute or regulation, - such description must be sufficiently detailed for a recipient of ordinary - skill to be able to understand it. - -5. Termination - -5.1. The rights granted under this License will terminate automatically if You - fail to comply with any of its terms. However, if You become compliant, - then the rights granted under this License from a particular Contributor - are reinstated (a) provisionally, unless and until such Contributor - explicitly and finally terminates Your grants, and (b) on an ongoing - basis, if such Contributor fails to notify You of the non-compliance by - some reasonable means prior to 60 days after You have come back into - compliance. Moreover, Your grants from a particular Contributor are - reinstated on an ongoing basis if such Contributor notifies You of the - non-compliance by some reasonable means, this is the first time You have - received notice of non-compliance with this License from such - Contributor, and You become compliant prior to 30 days after Your receipt - of the notice. - -5.2. If You initiate litigation against any entity by asserting a patent - infringement claim (excluding declaratory judgment actions, - counter-claims, and cross-claims) alleging that a Contributor Version - directly or indirectly infringes any patent, then the rights granted to - You by any and all Contributors for the Covered Software under Section - 2.1 of this License shall terminate. - -5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user - license agreements (excluding distributors and resellers) which have been - validly granted by You or Your distributors under this License prior to - termination shall survive termination. - -6. Disclaimer of Warranty - - Covered Software is provided under this License on an "as is" basis, - without warranty of any kind, either expressed, implied, or statutory, - including, without limitation, warranties that the Covered Software is free - of defects, merchantable, fit for a particular purpose or non-infringing. - The entire risk as to the quality and performance of the Covered Software - is with You. Should any Covered Software prove defective in any respect, - You (not any Contributor) assume the cost of any necessary servicing, - repair, or correction. This disclaimer of warranty constitutes an essential - part of this License. No use of any Covered Software is authorized under - this License except under this disclaimer. - -7. Limitation of Liability - - Under no circumstances and under no legal theory, whether tort (including - negligence), contract, or otherwise, shall any Contributor, or anyone who - distributes Covered Software as permitted above, be liable to You for any - direct, indirect, special, incidental, or consequential damages of any - character including, without limitation, damages for lost profits, loss of - goodwill, work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses, even if such party shall have been - informed of the possibility of such damages. This limitation of liability - shall not apply to liability for death or personal injury resulting from - such party's negligence to the extent applicable law prohibits such - limitation. Some jurisdictions do not allow the exclusion or limitation of - incidental or consequential damages, so this exclusion and limitation may - not apply to You. - -8. Litigation - - Any litigation relating to this License may be brought only in the courts - of a jurisdiction where the defendant maintains its principal place of - business and such litigation shall be governed by laws of that - jurisdiction, without reference to its conflict-of-law provisions. Nothing - in this Section shall prevent a party's ability to bring cross-claims or - counter-claims. - -9. Miscellaneous - - This License represents the complete agreement concerning the subject - matter hereof. If any provision of this License is held to be - unenforceable, such provision shall be reformed only to the extent - necessary to make it enforceable. Any law or regulation which provides that - the language of a contract shall be construed against the drafter shall not - be used to construe this License against a Contributor. - - -10. Versions of the License - -10.1. New Versions - - Mozilla Foundation is the license steward. Except as provided in Section - 10.3, no one other than the license steward has the right to modify or - publish new versions of this License. Each version will be given a - distinguishing version number. - -10.2. Effect of New Versions - - You may distribute the Covered Software under the terms of the version - of the License under which You originally received the Covered Software, - or under the terms of any subsequent version published by the license - steward. - -10.3. Modified Versions - - If you create software not governed by this License, and you want to - create a new license for such software, you may create and use a - modified version of this License if you rename the license and remove - any references to the name of the license steward (except to note that - such modified license differs from this License). - -10.4. Distributing Source Code Form that is Incompatible With Secondary - Licenses If You choose to distribute Source Code Form that is - Incompatible With Secondary Licenses under the terms of this version of - the License, the notice described in Exhibit B of this License must be - attached. - -Exhibit A - Source Code Form License Notice - - This Source Code Form is subject to the - terms of the Mozilla Public License, v. - 2.0. If a copy of the MPL was not - distributed with this file, You can - obtain one at - http://mozilla.org/MPL/2.0/. - -If it is not possible or desirable to put the notice in a particular file, -then You may include the notice in a location (such as a LICENSE file in a -relevant directory) where a recipient would be likely to look for such a -notice. - -You may add additional accurate notices of copyright ownership. - -Exhibit B - "Incompatible With Secondary Licenses" Notice - - This Source Code Form is "Incompatible - With Secondary Licenses", as defined by - the Mozilla Public License, v. 2.0. diff --git a/licenses/github.com/howeyc/gopass/LICENSE.txt b/licenses/github.com/howeyc/gopass/LICENSE.txt deleted file mode 100644 index 14f74708a4..0000000000 --- a/licenses/github.com/howeyc/gopass/LICENSE.txt +++ /dev/null @@ -1,15 +0,0 @@ -ISC License - -Copyright (c) 2012 Chris Howey - -Permission to use, copy, modify, and distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/licenses/github.com/howeyc/gopass/OPENSOLARIS.LICENSE b/licenses/github.com/howeyc/gopass/OPENSOLARIS.LICENSE deleted file mode 100644 index da23621dc8..0000000000 --- a/licenses/github.com/howeyc/gopass/OPENSOLARIS.LICENSE +++ /dev/null @@ -1,384 +0,0 @@ -Unless otherwise noted, all files in this distribution are released -under the Common Development and Distribution License (CDDL). -Exceptions are noted within the associated source files. - --------------------------------------------------------------------- - - -COMMON DEVELOPMENT AND DISTRIBUTION LICENSE Version 1.0 - -1. Definitions. - - 1.1. "Contributor" means each individual or entity that creates - or contributes to the creation of Modifications. - - 1.2. "Contributor Version" means the combination of the Original - Software, prior Modifications used by a Contributor (if any), - and the Modifications made by that particular Contributor. - - 1.3. "Covered Software" means (a) the Original Software, or (b) - Modifications, or (c) the combination of files containing - Original Software with files containing Modifications, in - each case including portions thereof. - - 1.4. "Executable" means the Covered Software in any form other - than Source Code. - - 1.5. "Initial Developer" means the individual or entity that first - makes Original Software available under this License. - - 1.6. "Larger Work" means a work which combines Covered Software or - portions thereof with code not governed by the terms of this - License. - - 1.7. "License" means this document. - - 1.8. "Licensable" means having the right to grant, to the maximum - extent possible, whether at the time of the initial grant or - subsequently acquired, any and all of the rights conveyed - herein. - - 1.9. "Modifications" means the Source Code and Executable form of - any of the following: - - A. Any file that results from an addition to, deletion from or - modification of the contents of a file containing Original - Software or previous Modifications; - - B. Any new file that contains any part of the Original - Software or previous Modifications; or - - C. Any new file that is contributed or otherwise made - available under the terms of this License. - - 1.10. "Original Software" means the Source Code and Executable - form of computer software code that is originally released - under this License. - - 1.11. "Patent Claims" means any patent claim(s), now owned or - hereafter acquired, including without limitation, method, - process, and apparatus claims, in any patent Licensable by - grantor. - - 1.12. "Source Code" means (a) the common form of computer software - code in which modifications are made and (b) associated - documentation included in or with such code. - - 1.13. "You" (or "Your") means an individual or a legal entity - exercising rights under, and complying with all of the terms - of, this License. For legal entities, "You" includes any - entity which controls, is controlled by, or is under common - control with You. For purposes of this definition, - "control" means (a) the power, direct or indirect, to cause - the direction or management of such entity, whether by - contract or otherwise, or (b) ownership of more than fifty - percent (50%) of the outstanding shares or beneficial - ownership of such entity. - -2. License Grants. - - 2.1. The Initial Developer Grant. - - Conditioned upon Your compliance with Section 3.1 below and - subject to third party intellectual property claims, the Initial - Developer hereby grants You a world-wide, royalty-free, - non-exclusive license: - - (a) under intellectual property rights (other than patent or - trademark) Licensable by Initial Developer, to use, - reproduce, modify, display, perform, sublicense and - distribute the Original Software (or portions thereof), - with or without Modifications, and/or as part of a Larger - Work; and - - (b) under Patent Claims infringed by the making, using or - selling of Original Software, to make, have made, use, - practice, sell, and offer for sale, and/or otherwise - dispose of the Original Software (or portions thereof). - - (c) The licenses granted in Sections 2.1(a) and (b) are - effective on the date Initial Developer first distributes - or otherwise makes the Original Software available to a - third party under the terms of this License. - - (d) Notwithstanding Section 2.1(b) above, no patent license is - granted: (1) for code that You delete from the Original - Software, or (2) for infringements caused by: (i) the - modification of the Original Software, or (ii) the - combination of the Original Software with other software - or devices. - - 2.2. Contributor Grant. - - Conditioned upon Your compliance with Section 3.1 below and - subject to third party intellectual property claims, each - Contributor hereby grants You a world-wide, royalty-free, - non-exclusive license: - - (a) under intellectual property rights (other than patent or - trademark) Licensable by Contributor to use, reproduce, - modify, display, perform, sublicense and distribute the - Modifications created by such Contributor (or portions - thereof), either on an unmodified basis, with other - Modifications, as Covered Software and/or as part of a - Larger Work; and - - (b) under Patent Claims infringed by the making, using, or - selling of Modifications made by that Contributor either - alone and/or in combination with its Contributor Version - (or portions of such combination), to make, use, sell, - offer for sale, have made, and/or otherwise dispose of: - (1) Modifications made by that Contributor (or portions - thereof); and (2) the combination of Modifications made by - that Contributor with its Contributor Version (or portions - of such combination). - - (c) The licenses granted in Sections 2.2(a) and 2.2(b) are - effective on the date Contributor first distributes or - otherwise makes the Modifications available to a third - party. - - (d) Notwithstanding Section 2.2(b) above, no patent license is - granted: (1) for any code that Contributor has deleted - from the Contributor Version; (2) for infringements caused - by: (i) third party modifications of Contributor Version, - or (ii) the combination of Modifications made by that - Contributor with other software (except as part of the - Contributor Version) or other devices; or (3) under Patent - Claims infringed by Covered Software in the absence of - Modifications made by that Contributor. - -3. Distribution Obligations. - - 3.1. Availability of Source Code. - - Any Covered Software that You distribute or otherwise make - available in Executable form must also be made available in Source - Code form and that Source Code form must be distributed only under - the terms of this License. You must include a copy of this - License with every copy of the Source Code form of the Covered - Software You distribute or otherwise make available. You must - inform recipients of any such Covered Software in Executable form - as to how they can obtain such Covered Software in Source Code - form in a reasonable manner on or through a medium customarily - used for software exchange. - - 3.2. Modifications. - - The Modifications that You create or to which You contribute are - governed by the terms of this License. You represent that You - believe Your Modifications are Your original creation(s) and/or - You have sufficient rights to grant the rights conveyed by this - License. - - 3.3. Required Notices. - - You must include a notice in each of Your Modifications that - identifies You as the Contributor of the Modification. You may - not remove or alter any copyright, patent or trademark notices - contained within the Covered Software, or any notices of licensing - or any descriptive text giving attribution to any Contributor or - the Initial Developer. - - 3.4. Application of Additional Terms. - - You may not offer or impose any terms on any Covered Software in - Source Code form that alters or restricts the applicable version - of this License or the recipients' rights hereunder. You may - choose to offer, and to charge a fee for, warranty, support, - indemnity or liability obligations to one or more recipients of - Covered Software. However, you may do so only on Your own behalf, - and not on behalf of the Initial Developer or any Contributor. - You must make it absolutely clear that any such warranty, support, - indemnity or liability obligation is offered by You alone, and You - hereby agree to indemnify the Initial Developer and every - Contributor for any liability incurred by the Initial Developer or - such Contributor as a result of warranty, support, indemnity or - liability terms You offer. - - 3.5. Distribution of Executable Versions. - - You may distribute the Executable form of the Covered Software - under the terms of this License or under the terms of a license of - Your choice, which may contain terms different from this License, - provided that You are in compliance with the terms of this License - and that the license for the Executable form does not attempt to - limit or alter the recipient's rights in the Source Code form from - the rights set forth in this License. If You distribute the - Covered Software in Executable form under a different license, You - must make it absolutely clear that any terms which differ from - this License are offered by You alone, not by the Initial - Developer or Contributor. You hereby agree to indemnify the - Initial Developer and every Contributor for any liability incurred - by the Initial Developer or such Contributor as a result of any - such terms You offer. - - 3.6. Larger Works. - - You may create a Larger Work by combining Covered Software with - other code not governed by the terms of this License and - distribute the Larger Work as a single product. In such a case, - You must make sure the requirements of this License are fulfilled - for the Covered Software. - -4. Versions of the License. - - 4.1. New Versions. - - Sun Microsystems, Inc. is the initial license steward and may - publish revised and/or new versions of this License from time to - time. Each version will be given a distinguishing version number. - Except as provided in Section 4.3, no one other than the license - steward has the right to modify this License. - - 4.2. Effect of New Versions. - - You may always continue to use, distribute or otherwise make the - Covered Software available under the terms of the version of the - License under which You originally received the Covered Software. - If the Initial Developer includes a notice in the Original - Software prohibiting it from being distributed or otherwise made - available under any subsequent version of the License, You must - distribute and make the Covered Software available under the terms - of the version of the License under which You originally received - the Covered Software. Otherwise, You may also choose to use, - distribute or otherwise make the Covered Software available under - the terms of any subsequent version of the License published by - the license steward. - - 4.3. Modified Versions. - - When You are an Initial Developer and You want to create a new - license for Your Original Software, You may create and use a - modified version of this License if You: (a) rename the license - and remove any references to the name of the license steward - (except to note that the license differs from this License); and - (b) otherwise make it clear that the license contains terms which - differ from this License. - -5. DISCLAIMER OF WARRANTY. - - COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" - BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, - INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED - SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR - PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND - PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY - COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE - INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY - NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF - WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF - ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS - DISCLAIMER. - -6. TERMINATION. - - 6.1. This License and the rights granted hereunder will terminate - automatically if You fail to comply with terms herein and fail to - cure such breach within 30 days of becoming aware of the breach. - Provisions which, by their nature, must remain in effect beyond - the termination of this License shall survive. - - 6.2. If You assert a patent infringement claim (excluding - declaratory judgment actions) against Initial Developer or a - Contributor (the Initial Developer or Contributor against whom You - assert such claim is referred to as "Participant") alleging that - the Participant Software (meaning the Contributor Version where - the Participant is a Contributor or the Original Software where - the Participant is the Initial Developer) directly or indirectly - infringes any patent, then any and all rights granted directly or - indirectly to You by such Participant, the Initial Developer (if - the Initial Developer is not the Participant) and all Contributors - under Sections 2.1 and/or 2.2 of this License shall, upon 60 days - notice from Participant terminate prospectively and automatically - at the expiration of such 60 day notice period, unless if within - such 60 day period You withdraw Your claim with respect to the - Participant Software against such Participant either unilaterally - or pursuant to a written agreement with Participant. - - 6.3. In the event of termination under Sections 6.1 or 6.2 above, - all end user licenses that have been validly granted by You or any - distributor hereunder prior to termination (excluding licenses - granted to You by any distributor) shall survive termination. - -7. LIMITATION OF LIABILITY. - - UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT - (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE - INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF - COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE - LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR - CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT - LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK - STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER - COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN - INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF - LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL - INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT - APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO - NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR - CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT - APPLY TO YOU. - -8. U.S. GOVERNMENT END USERS. - - The Covered Software is a "commercial item," as that term is - defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial - computer software" (as that term is defined at 48 - C.F.R. 252.227-7014(a)(1)) and "commercial computer software - documentation" as such terms are used in 48 C.F.R. 12.212 - (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 - C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all - U.S. Government End Users acquire Covered Software with only those - rights set forth herein. This U.S. Government Rights clause is in - lieu of, and supersedes, any other FAR, DFAR, or other clause or - provision that addresses Government rights in computer software - under this License. - -9. MISCELLANEOUS. - - This License represents the complete agreement concerning subject - matter hereof. If any provision of this License is held to be - unenforceable, such provision shall be reformed only to the extent - necessary to make it enforceable. This License shall be governed - by the law of the jurisdiction specified in a notice contained - within the Original Software (except to the extent applicable law, - if any, provides otherwise), excluding such jurisdiction's - conflict-of-law provisions. Any litigation relating to this - License shall be subject to the jurisdiction of the courts located - in the jurisdiction and venue specified in a notice contained - within the Original Software, with the losing party responsible - for costs, including, without limitation, court costs and - reasonable attorneys' fees and expenses. The application of the - United Nations Convention on Contracts for the International Sale - of Goods is expressly excluded. Any law or regulation which - provides that the language of a contract shall be construed - against the drafter shall not apply to this License. You agree - that You alone are responsible for compliance with the United - States export administration regulations (and the export control - laws and regulation of any other countries) when You use, - distribute or otherwise make available any Covered Software. - -10. RESPONSIBILITY FOR CLAIMS. - - As between Initial Developer and the Contributors, each party is - responsible for claims and damages arising, directly or - indirectly, out of its utilization of rights under this License - and You agree to work with Initial Developer and Contributors to - distribute such responsibility on an equitable basis. Nothing - herein is intended or shall be deemed to constitute any admission - of liability. - --------------------------------------------------------------------- - -NOTICE PURSUANT TO SECTION 9 OF THE COMMON DEVELOPMENT AND -DISTRIBUTION LICENSE (CDDL) - -For Covered Software in this distribution, this License shall -be governed by the laws of the State of California (excluding -conflict-of-law provisions). - -Any litigation relating to this License shall be subject to the -jurisdiction of the Federal Courts of the Northern District of -California and the state courts of the State of California, with -venue lying in Santa Clara County, California. diff --git a/licenses/github.com/imdario/mergo/LICENSE b/licenses/github.com/imdario/mergo/LICENSE deleted file mode 100644 index 686680298d..0000000000 --- a/licenses/github.com/imdario/mergo/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -Copyright (c) 2013 Dario Castañé. All rights reserved. -Copyright (c) 2012 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/inconshreveable/mousetrap/LICENSE b/licenses/github.com/inconshreveable/mousetrap/LICENSE deleted file mode 100644 index 5f0d1fb6a7..0000000000 --- a/licenses/github.com/inconshreveable/mousetrap/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2014 Alan Shreve - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/licenses/github.com/json-iterator/go/LICENSE b/licenses/github.com/json-iterator/go/LICENSE deleted file mode 100644 index 2cf4f5ab28..0000000000 --- a/licenses/github.com/json-iterator/go/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2016 json-iterator - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/licenses/github.com/juju/ratelimit/LICENSE b/licenses/github.com/juju/ratelimit/LICENSE deleted file mode 100644 index ade9307b39..0000000000 --- a/licenses/github.com/juju/ratelimit/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ -All files in this repository are licensed as follows. If you contribute -to this repository, it is assumed that you license your contribution -under the same license unless you state otherwise. - -All files Copyright (C) 2015 Canonical Ltd. unless otherwise specified in the file. - -This software is licensed under the LGPLv3, included below. - -As a special exception to the GNU Lesser General Public License version 3 -("LGPL3"), the copyright holders of this Library give you permission to -convey to a third party a Combined Work that links statically or dynamically -to this Library without providing any Minimal Corresponding Source or -Minimal Application Code as set out in 4d or providing the installation -information set out in section 4e, provided that you comply with the other -provisions of LGPL3 and provided that you meet, for the Application the -terms and conditions of the license(s) which apply to the Application. - -Except as stated in this special exception, the provisions of LGPL3 will -continue to comply in full to this Library. If you modify this Library, you -may apply this exception to your version of this Library, but you are not -obliged to do so. If you do not wish to do so, delete this exception -statement from your version. This exception does not (and cannot) modify any -license terms which apply to the Application, with which you must still -comply. - - - GNU LESSER GENERAL PUBLIC LICENSE - Version 3, 29 June 2007 - - Copyright (C) 2007 Free Software Foundation, Inc. - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - - This version of the GNU Lesser General Public License incorporates -the terms and conditions of version 3 of the GNU General Public -License, supplemented by the additional permissions listed below. - - 0. Additional Definitions. - - As used herein, "this License" refers to version 3 of the GNU Lesser -General Public License, and the "GNU GPL" refers to version 3 of the GNU -General Public License. - - "The Library" refers to a covered work governed by this License, -other than an Application or a Combined Work as defined below. - - An "Application" is any work that makes use of an interface provided -by the Library, but which is not otherwise based on the Library. -Defining a subclass of a class defined by the Library is deemed a mode -of using an interface provided by the Library. - - A "Combined Work" is a work produced by combining or linking an -Application with the Library. The particular version of the Library -with which the Combined Work was made is also called the "Linked -Version". - - The "Minimal Corresponding Source" for a Combined Work means the -Corresponding Source for the Combined Work, excluding any source code -for portions of the Combined Work that, considered in isolation, are -based on the Application, and not on the Linked Version. - - The "Corresponding Application Code" for a Combined Work means the -object code and/or source code for the Application, including any data -and utility programs needed for reproducing the Combined Work from the -Application, but excluding the System Libraries of the Combined Work. - - 1. Exception to Section 3 of the GNU GPL. - - You may convey a covered work under sections 3 and 4 of this License -without being bound by section 3 of the GNU GPL. - - 2. Conveying Modified Versions. - - If you modify a copy of the Library, and, in your modifications, a -facility refers to a function or data to be supplied by an Application -that uses the facility (other than as an argument passed when the -facility is invoked), then you may convey a copy of the modified -version: - - a) under this License, provided that you make a good faith effort to - ensure that, in the event an Application does not supply the - function or data, the facility still operates, and performs - whatever part of its purpose remains meaningful, or - - b) under the GNU GPL, with none of the additional permissions of - this License applicable to that copy. - - 3. Object Code Incorporating Material from Library Header Files. - - The object code form of an Application may incorporate material from -a header file that is part of the Library. You may convey such object -code under terms of your choice, provided that, if the incorporated -material is not limited to numerical parameters, data structure -layouts and accessors, or small macros, inline functions and templates -(ten or fewer lines in length), you do both of the following: - - a) Give prominent notice with each copy of the object code that the - Library is used in it and that the Library and its use are - covered by this License. - - b) Accompany the object code with a copy of the GNU GPL and this license - document. - - 4. Combined Works. - - You may convey a Combined Work under terms of your choice that, -taken together, effectively do not restrict modification of the -portions of the Library contained in the Combined Work and reverse -engineering for debugging such modifications, if you also do each of -the following: - - a) Give prominent notice with each copy of the Combined Work that - the Library is used in it and that the Library and its use are - covered by this License. - - b) Accompany the Combined Work with a copy of the GNU GPL and this license - document. - - c) For a Combined Work that displays copyright notices during - execution, include the copyright notice for the Library among - these notices, as well as a reference directing the user to the - copies of the GNU GPL and this license document. - - d) Do one of the following: - - 0) Convey the Minimal Corresponding Source under the terms of this - License, and the Corresponding Application Code in a form - suitable for, and under terms that permit, the user to - recombine or relink the Application with a modified version of - the Linked Version to produce a modified Combined Work, in the - manner specified by section 6 of the GNU GPL for conveying - Corresponding Source. - - 1) Use a suitable shared library mechanism for linking with the - Library. A suitable mechanism is one that (a) uses at run time - a copy of the Library already present on the user's computer - system, and (b) will operate properly with a modified version - of the Library that is interface-compatible with the Linked - Version. - - e) Provide Installation Information, but only if you would otherwise - be required to provide such information under section 6 of the - GNU GPL, and only to the extent that such information is - necessary to install and execute a modified version of the - Combined Work produced by recombining or relinking the - Application with a modified version of the Linked Version. (If - you use option 4d0, the Installation Information must accompany - the Minimal Corresponding Source and Corresponding Application - Code. If you use option 4d1, you must provide the Installation - Information in the manner specified by section 6 of the GNU GPL - for conveying Corresponding Source.) - - 5. Combined Libraries. - - You may place library facilities that are a work based on the -Library side by side in a single library together with other library -facilities that are not Applications and are not covered by this -License, and convey such a combined library under terms of your -choice, if you do both of the following: - - a) Accompany the combined library with a copy of the same work based - on the Library, uncombined with any other library facilities, - conveyed under the terms of this License. - - b) Give prominent notice with the combined library that part of it - is a work based on the Library, and explaining where to find the - accompanying uncombined form of the same work. - - 6. Revised Versions of the GNU Lesser General Public License. - - The Free Software Foundation may publish revised and/or new versions -of the GNU Lesser General Public License from time to time. Such new -versions will be similar in spirit to the present version, but may -differ in detail to address new problems or concerns. - - Each version is given a distinguishing version number. If the -Library as you received it specifies that a certain numbered version -of the GNU Lesser General Public License "or any later version" -applies to it, you have the option of following the terms and -conditions either of that published version or of any later version -published by the Free Software Foundation. If the Library as you -received it does not specify a version number of the GNU Lesser -General Public License, you may choose any version of the GNU Lesser -General Public License ever published by the Free Software Foundation. - - If the Library as you received it specifies that a proxy can decide -whether future versions of the GNU Lesser General Public License shall -apply, that proxy's public statement of acceptance of any version is -permanent authorization for you to choose that version for the -Library. diff --git a/licenses/github.com/lib/pq/LICENSE.md b/licenses/github.com/lib/pq/LICENSE.md deleted file mode 100644 index 5773904a30..0000000000 --- a/licenses/github.com/lib/pq/LICENSE.md +++ /dev/null @@ -1,8 +0,0 @@ -Copyright (c) 2011-2013, 'pq' Contributors -Portions Copyright (C) 2011 Blake Mizerany - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/licenses/github.com/mailru/easyjson/LICENSE b/licenses/github.com/mailru/easyjson/LICENSE deleted file mode 100644 index fbff658f70..0000000000 --- a/licenses/github.com/mailru/easyjson/LICENSE +++ /dev/null @@ -1,7 +0,0 @@ -Copyright (c) 2016 Mail.Ru Group - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/licenses/github.com/mattn/go-colorable/LICENSE b/licenses/github.com/mattn/go-colorable/LICENSE deleted file mode 100644 index 91b5cef30e..0000000000 --- a/licenses/github.com/mattn/go-colorable/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2016 Yasuhiro Matsumoto - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/licenses/github.com/mattn/go-isatty/LICENSE b/licenses/github.com/mattn/go-isatty/LICENSE deleted file mode 100644 index 65dc692b6b..0000000000 --- a/licenses/github.com/mattn/go-isatty/LICENSE +++ /dev/null @@ -1,9 +0,0 @@ -Copyright (c) Yasuhiro MATSUMOTO - -MIT License (Expat) - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/licenses/github.com/modern-go/concurrent/LICENSE b/licenses/github.com/modern-go/concurrent/LICENSE deleted file mode 100644 index 261eeb9e9f..0000000000 --- a/licenses/github.com/modern-go/concurrent/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/modern-go/reflect2/LICENSE b/licenses/github.com/modern-go/reflect2/LICENSE deleted file mode 100644 index 261eeb9e9f..0000000000 --- a/licenses/github.com/modern-go/reflect2/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/github.com/petar/GoLLRB/LICENSE b/licenses/github.com/petar/GoLLRB/LICENSE deleted file mode 100644 index b75312c787..0000000000 --- a/licenses/github.com/petar/GoLLRB/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2010, Petar Maymounkov -All rights reserved. - -Redistribution and use in source and binary forms, with or without modification, -are permitted provided that the following conditions are met: - -(*) Redistributions of source code must retain the above copyright notice, this list -of conditions and the following disclaimer. - -(*) Redistributions in binary form must reproduce the above copyright notice, this -list of conditions and the following disclaimer in the documentation and/or -other materials provided with the distribution. - -(*) Neither the name of Petar Maymounkov nor the names of its contributors may be -used to endorse or promote products derived from this software without specific -prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR -ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/peterbourgon/diskv/LICENSE b/licenses/github.com/peterbourgon/diskv/LICENSE deleted file mode 100644 index 41ce7f16e1..0000000000 --- a/licenses/github.com/peterbourgon/diskv/LICENSE +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2011-2012 Peter Bourgon - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/licenses/github.com/russross/blackfriday/LICENSE.txt b/licenses/github.com/russross/blackfriday/LICENSE.txt deleted file mode 100644 index 2885af3602..0000000000 --- a/licenses/github.com/russross/blackfriday/LICENSE.txt +++ /dev/null @@ -1,29 +0,0 @@ -Blackfriday is distributed under the Simplified BSD License: - -> Copyright © 2011 Russ Ross -> All rights reserved. -> -> Redistribution and use in source and binary forms, with or without -> modification, are permitted provided that the following conditions -> are met: -> -> 1. Redistributions of source code must retain the above copyright -> notice, this list of conditions and the following disclaimer. -> -> 2. Redistributions in binary form must reproduce the above -> copyright notice, this list of conditions and the following -> disclaimer in the documentation and/or other materials provided with -> the distribution. -> -> THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -> "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -> LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -> FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -> COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -> INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -> BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -> LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -> CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -> LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN -> ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -> POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/github.com/sirupsen/logrus/LICENSE b/licenses/github.com/sirupsen/logrus/LICENSE deleted file mode 100644 index f090cb42f3..0000000000 --- a/licenses/github.com/sirupsen/logrus/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2014 Simon Eskildsen - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/licenses/github.com/spf13/cobra/LICENSE.txt b/licenses/github.com/spf13/cobra/LICENSE.txt deleted file mode 100644 index 298f0e2665..0000000000 --- a/licenses/github.com/spf13/cobra/LICENSE.txt +++ /dev/null @@ -1,174 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. diff --git a/licenses/github.com/spf13/pflag/LICENSE b/licenses/github.com/spf13/pflag/LICENSE deleted file mode 100644 index 63ed1cfea1..0000000000 --- a/licenses/github.com/spf13/pflag/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -Copyright (c) 2012 Alex Ogier. All rights reserved. -Copyright (c) 2012 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/golang.org/x/crypto/LICENSE b/licenses/golang.org/x/crypto/LICENSE deleted file mode 100644 index 6a66aea5ea..0000000000 --- a/licenses/golang.org/x/crypto/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/golang.org/x/net/LICENSE b/licenses/golang.org/x/net/LICENSE deleted file mode 100644 index 6a66aea5ea..0000000000 --- a/licenses/golang.org/x/net/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/golang.org/x/sys/LICENSE b/licenses/golang.org/x/sys/LICENSE deleted file mode 100644 index 6a66aea5ea..0000000000 --- a/licenses/golang.org/x/sys/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/golang.org/x/text/LICENSE b/licenses/golang.org/x/text/LICENSE deleted file mode 100644 index 6a66aea5ea..0000000000 --- a/licenses/golang.org/x/text/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/gopkg.in/inf.v0/LICENSE b/licenses/gopkg.in/inf.v0/LICENSE deleted file mode 100644 index 87a5cede33..0000000000 --- a/licenses/gopkg.in/inf.v0/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -Copyright (c) 2012 Péter Surányi. Portions Copyright (c) 2009 The Go -Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/licenses/gopkg.in/robfig/cron.v2/LICENSE b/licenses/gopkg.in/robfig/cron.v2/LICENSE deleted file mode 100644 index 3a0f627ffe..0000000000 --- a/licenses/gopkg.in/robfig/cron.v2/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -Copyright (C) 2012 Rob Figueiredo -All Rights Reserved. - -MIT LICENSE - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/licenses/gopkg.in/yaml.v2/LICENSE b/licenses/gopkg.in/yaml.v2/LICENSE deleted file mode 100644 index 8dada3edaf..0000000000 --- a/licenses/gopkg.in/yaml.v2/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/k8s.io/api/LICENSE b/licenses/k8s.io/api/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/k8s.io/api/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/k8s.io/apimachinery/LICENSE b/licenses/k8s.io/apimachinery/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/k8s.io/apimachinery/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/k8s.io/client-go/LICENSE b/licenses/k8s.io/client-go/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/k8s.io/client-go/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/licenses/k8s.io/kube-openapi/LICENSE b/licenses/k8s.io/kube-openapi/LICENSE deleted file mode 100644 index d645695673..0000000000 --- a/licenses/k8s.io/kube-openapi/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/pgo-backrest/pgo-backrest.go b/pgo-backrest/pgo-backrest.go index ee75dd743d..8744cb097f 100644 --- a/pgo-backrest/pgo-backrest.go +++ b/pgo-backrest/pgo-backrest.go @@ -1,7 +1,7 @@ package main /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-rmdata/pgo-rmdata.go b/pgo-rmdata/pgo-rmdata.go index 40a3bf32fd..6236125d5f 100644 --- a/pgo-rmdata/pgo-rmdata.go +++ b/pgo-rmdata/pgo-rmdata.go @@ -1,7 +1,7 @@ package main /* -Copyright 2019 - 2020 Crunchy Data +Copyright 2019 - 2022 Crunchy Data Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-rmdata/rmdata/process.go b/pgo-rmdata/rmdata/process.go index 90d135a59a..c1566d7820 100644 --- a/pgo-rmdata/rmdata/process.go +++ b/pgo-rmdata/rmdata/process.go @@ -1,7 +1,7 @@ package rmdata /* -Copyright 2019 - 2020 Crunchy Data +Copyright 2019 - 2022 Crunchy Data Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -45,20 +45,12 @@ const ( configConfigMapSuffix = "config" leaderConfigMapSuffix = "leader" failoverConfigMapSuffix = "failover" + syncConfigMapSuffix = "sync" ) func Delete(request Request) { log.Infof("rmdata.Process %v", request) - // if, check to see if this is a full cluster removal...i.e. "IsReplica" - // and "IsBackup" is set to false - // - // if this is a full cluster removal, first disable autofailover - if !(request.IsReplica || request.IsBackup) { - log.Debug("disabling autofailover for cluster removal") - util.ToggleAutoFailover(request.Clientset, false, request.ClusterPGHAScope, request.Namespace) - } - //the case of 'pgo scaledown' if request.IsReplica { log.Info("rmdata.Process scaledown replica use case") @@ -71,17 +63,13 @@ func Delete(request Request) { if err := request.Clientset. CrunchydataV1().Pgreplicas(request.Namespace). Delete(request.ReplicaName, &metav1.DeleteOptions{}); err != nil { - // If the name of the replica being deleted matches the scope for the cluster, then - // we assume it was the original primary and the pgreplica deletion will fail with - // a not found error. In this case we allow the rmdata process to continue despite - // the error. This allows for the original primary to be scaled down once it is - // is no longer a primary, and has become a replica. - if !(request.ReplicaName == request.ClusterPGHAScope && kerror.IsNotFound(err)) { + // if the pgreplica is not found, assume we're scaling down the original primary and + // continue with removing the replica + if !kerror.IsNotFound(err) { log.Error(err) - return + } else { + log.Debug("pgreplica not found, assuming scale down of original primary") } - log.Debug("replica name matches PGHA scope, assuming scale down of original primary" + - "and therefore ignoring error attempting to delete nonexistent pgreplica") } err = removeReplica(request) @@ -245,6 +233,8 @@ func removeClusterConfigmaps(request Request) { // next, the name of the failover configmap, which is // "`clusterName`-failover" fmt.Sprintf("%s-%s", request.ClusterName, failoverConfigMapSuffix), + // next, if there is a synchronous replication configmap, clean that up + fmt.Sprintf("%s-%s", request.ClusterName, syncConfigMapSuffix), // finally, if there is a pgbouncer, remove the pgbouncer configmap util.GeneratePgBouncerConfigMapName(request.ClusterName), } diff --git a/pgo-rmdata/rmdata/types.go b/pgo-rmdata/rmdata/types.go index 1044e85ee9..54273fb230 100644 --- a/pgo-rmdata/rmdata/types.go +++ b/pgo-rmdata/rmdata/types.go @@ -1,7 +1,7 @@ package rmdata /* -Copyright 2019 - 2020 Crunchy Data +Copyright 2019 - 2022 Crunchy Data Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/pgo-scheduler.go b/pgo-scheduler/pgo-scheduler.go index 68b17c1218..9ac87d43bb 100644 --- a/pgo-scheduler/pgo-scheduler.go +++ b/pgo-scheduler/pgo-scheduler.go @@ -1,7 +1,7 @@ package main /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/configmapcontroller.go b/pgo-scheduler/scheduler/configmapcontroller.go index 41372f96b5..46840b5295 100644 --- a/pgo-scheduler/scheduler/configmapcontroller.go +++ b/pgo-scheduler/scheduler/configmapcontroller.go @@ -1,7 +1,7 @@ package scheduler /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/controllermanager.go b/pgo-scheduler/scheduler/controllermanager.go index 843f6ac060..b688a2f31c 100644 --- a/pgo-scheduler/scheduler/controllermanager.go +++ b/pgo-scheduler/scheduler/controllermanager.go @@ -1,7 +1,7 @@ package scheduler /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/pgbackrest.go b/pgo-scheduler/scheduler/pgbackrest.go index 1ce1fb3166..d265595b23 100644 --- a/pgo-scheduler/scheduler/pgbackrest.go +++ b/pgo-scheduler/scheduler/pgbackrest.go @@ -1,7 +1,7 @@ package scheduler /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -21,8 +21,10 @@ import ( "github.com/crunchydata/postgres-operator/internal/config" log "github.com/sirupsen/logrus" + v1 "k8s.io/api/core/v1" kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/util/wait" ) @@ -113,17 +115,20 @@ func (b BackRestBackupJob) Run() { return } - selector := fmt.Sprintf("%s=%s,pgo-backrest-repo=true", config.LABEL_PG_CLUSTER, b.cluster) - pods, err := clientset.CoreV1().Pods(b.namespace).List(metav1.ListOptions{LabelSelector: selector}) + selector := fmt.Sprintf("%s=%s,%s", config.LABEL_PG_CLUSTER, b.cluster, config.LABEL_PGO_BACKREST_REPO) + options := metav1.ListOptions{ + FieldSelector: fields.OneTermEqualSelector("status.phase", string(v1.PodRunning)).String(), + LabelSelector: selector, + } + + pods, err := clientset.CoreV1().Pods(b.namespace).List(options) if err != nil { contextLogger.WithFields(log.Fields{ "selector": selector, "error": err, }).Error("error getting pods from selector") return - } - - if len(pods.Items) != 1 { + } else if len(pods.Items) != 1 { contextLogger.WithFields(log.Fields{ "selector": selector, "error": err, diff --git a/pgo-scheduler/scheduler/policy.go b/pgo-scheduler/scheduler/policy.go index acf5c6a489..a1ecfc319f 100644 --- a/pgo-scheduler/scheduler/policy.go +++ b/pgo-scheduler/scheduler/policy.go @@ -1,7 +1,7 @@ package scheduler /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/scheduler.go b/pgo-scheduler/scheduler/scheduler.go index d0360b4df4..6342e40fe3 100644 --- a/pgo-scheduler/scheduler/scheduler.go +++ b/pgo-scheduler/scheduler/scheduler.go @@ -1,7 +1,7 @@ package scheduler /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/tasks.go b/pgo-scheduler/scheduler/tasks.go index a2c715d3be..a79a60ba7f 100644 --- a/pgo-scheduler/scheduler/tasks.go +++ b/pgo-scheduler/scheduler/tasks.go @@ -1,7 +1,7 @@ package scheduler /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/types.go b/pgo-scheduler/scheduler/types.go index 7b0b07353e..7fcbbf944f 100644 --- a/pgo-scheduler/scheduler/types.go +++ b/pgo-scheduler/scheduler/types.go @@ -1,7 +1,7 @@ package scheduler /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/validate.go b/pgo-scheduler/scheduler/validate.go index 37c24dc7ab..4a9a3ffb67 100644 --- a/pgo-scheduler/scheduler/validate.go +++ b/pgo-scheduler/scheduler/validate.go @@ -1,7 +1,7 @@ package scheduler /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo-scheduler/scheduler/validate_test.go b/pgo-scheduler/scheduler/validate_test.go index 6abe1a7396..0a3846dc18 100644 --- a/pgo-scheduler/scheduler/validate_test.go +++ b/pgo-scheduler/scheduler/validate_test.go @@ -1,7 +1,7 @@ package scheduler /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/backrest.go b/pgo/api/backrest.go index 13e2ff702b..59a9a0b30f 100644 --- a/pgo/api/backrest.go +++ b/pgo/api/backrest.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/cat.go b/pgo/api/cat.go index 00d17c7fb6..74cd173a9a 100644 --- a/pgo/api/cat.go +++ b/pgo/api/cat.go @@ -1,7 +1,7 @@ package api /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/clone.go b/pgo/api/clone.go index 2e7ebfccba..b3008d82c7 100644 --- a/pgo/api/clone.go +++ b/pgo/api/clone.go @@ -1,7 +1,7 @@ package api /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/cluster.go b/pgo/api/cluster.go index 74407c0dbc..19bea26c9d 100644 --- a/pgo/api/cluster.go +++ b/pgo/api/cluster.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/common.go b/pgo/api/common.go index 6fcd876ebf..c1be82f2ec 100644 --- a/pgo/api/common.go +++ b/pgo/api/common.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/config.go b/pgo/api/config.go index 90848edcfd..0e0e10509c 100644 --- a/pgo/api/config.go +++ b/pgo/api/config.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/df.go b/pgo/api/df.go index fa993051aa..693fce6c0d 100644 --- a/pgo/api/df.go +++ b/pgo/api/df.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/failover.go b/pgo/api/failover.go index 4ebbab9471..60131f96db 100644 --- a/pgo/api/failover.go +++ b/pgo/api/failover.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/label.go b/pgo/api/label.go index e083f998a8..e7c41c44e5 100644 --- a/pgo/api/label.go +++ b/pgo/api/label.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/namespace.go b/pgo/api/namespace.go index 96f10ba8d7..43590ed8d9 100644 --- a/pgo/api/namespace.go +++ b/pgo/api/namespace.go @@ -1,7 +1,7 @@ package api /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/pgadmin.go b/pgo/api/pgadmin.go index 0d410355cd..28e784ee94 100644 --- a/pgo/api/pgadmin.go +++ b/pgo/api/pgadmin.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/pgbouncer.go b/pgo/api/pgbouncer.go index efee86ca53..6562f2b904 100644 --- a/pgo/api/pgbouncer.go +++ b/pgo/api/pgbouncer.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/pgdump.go b/pgo/api/pgdump.go index 3bc0804c7b..2488721459 100644 --- a/pgo/api/pgdump.go +++ b/pgo/api/pgdump.go @@ -1,7 +1,7 @@ package api /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/pgorole.go b/pgo/api/pgorole.go index 804f0c1eb2..cfc163ded5 100644 --- a/pgo/api/pgorole.go +++ b/pgo/api/pgorole.go @@ -1,7 +1,7 @@ package api /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/pgouser.go b/pgo/api/pgouser.go index e0026d20ca..f6c4e38e0d 100644 --- a/pgo/api/pgouser.go +++ b/pgo/api/pgouser.go @@ -1,7 +1,7 @@ package api /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/policy.go b/pgo/api/policy.go index b7e9cf5d6f..c21ccc0288 100644 --- a/pgo/api/policy.go +++ b/pgo/api/policy.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/pvc.go b/pgo/api/pvc.go index f4fac4ceb4..41fec8cc9e 100644 --- a/pgo/api/pvc.go +++ b/pgo/api/pvc.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/reload.go b/pgo/api/reload.go index 9235cc1ea9..e07dcd513a 100644 --- a/pgo/api/reload.go +++ b/pgo/api/reload.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/restart.go b/pgo/api/restart.go index 13dc205972..d1bc84fd29 100644 --- a/pgo/api/restart.go +++ b/pgo/api/restart.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/restore.go b/pgo/api/restore.go index e22cea904b..c120f0ac2a 100644 --- a/pgo/api/restore.go +++ b/pgo/api/restore.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/restoreDump.go b/pgo/api/restoreDump.go index bd911c1b75..ab54f922a5 100644 --- a/pgo/api/restoreDump.go +++ b/pgo/api/restoreDump.go @@ -1,7 +1,7 @@ package api /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/scale.go b/pgo/api/scale.go index 6defb09127..fd5833433d 100644 --- a/pgo/api/scale.go +++ b/pgo/api/scale.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/scaledown.go b/pgo/api/scaledown.go index 1cc6691b72..8e9c63081b 100644 --- a/pgo/api/scaledown.go +++ b/pgo/api/scaledown.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/schedule.go b/pgo/api/schedule.go index 4007e77e1b..d70ebe0a1d 100644 --- a/pgo/api/schedule.go +++ b/pgo/api/schedule.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/status.go b/pgo/api/status.go index ad70bd2f96..30a8c003dc 100644 --- a/pgo/api/status.go +++ b/pgo/api/status.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/test.go b/pgo/api/test.go index 887d67b056..3106c4ca63 100644 --- a/pgo/api/test.go +++ b/pgo/api/test.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/upgrade.go b/pgo/api/upgrade.go index 6079a29023..f5e1f0cbec 100644 --- a/pgo/api/upgrade.go +++ b/pgo/api/upgrade.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/user.go b/pgo/api/user.go index 38424ab17b..4001f38ddb 100644 --- a/pgo/api/user.go +++ b/pgo/api/user.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/version.go b/pgo/api/version.go index 9ca743add1..a6dd33e007 100644 --- a/pgo/api/version.go +++ b/pgo/api/version.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/api/workflow.go b/pgo/api/workflow.go index 3289329aa1..12525976ac 100644 --- a/pgo/api/workflow.go +++ b/pgo/api/workflow.go @@ -1,7 +1,7 @@ package api /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/auth.go b/pgo/cmd/auth.go index 322e5f5e9c..8b8b9e4164 100644 --- a/pgo/cmd/auth.go +++ b/pgo/cmd/auth.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/backrest.go b/pgo/cmd/backrest.go index a0a183fa86..ee687085fd 100644 --- a/pgo/cmd/backrest.go +++ b/pgo/cmd/backrest.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/backup.go b/pgo/cmd/backup.go index 61225cc3ea..062a7dd0f5 100644 --- a/pgo/cmd/backup.go +++ b/pgo/cmd/backup.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/cat.go b/pgo/cmd/cat.go index e97301d40d..d439dd3187 100644 --- a/pgo/cmd/cat.go +++ b/pgo/cmd/cat.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/clone.go b/pgo/cmd/clone.go index 5f544e52e3..d294945f9c 100644 --- a/pgo/cmd/clone.go +++ b/pgo/cmd/clone.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/cluster.go b/pgo/cmd/cluster.go index 3ee443fcd8..f42f43d8c5 100644 --- a/pgo/cmd/cluster.go +++ b/pgo/cmd/cluster.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -220,9 +220,11 @@ func printCluster(detail *msgs.ShowClusterDetail) { for _, service := range detail.Services { if service.ExternalIP == "" { - fmt.Println(TreeBranch + "service : " + service.Name + " - ClusterIP (" + service.ClusterIP + ")") + fmt.Println(TreeBranch + "service : " + service.Name + " - ClusterIP (" + service.ClusterIP + ")" + " - Ports (" + + strings.Trim(strings.Join(strings.Fields(fmt.Sprint(service.ClusterPorts)), ", "), "[]") + ")") } else { - fmt.Println(TreeBranch + "service : " + service.Name + " - ClusterIP (" + service.ClusterIP + ") ExternalIP (" + service.ExternalIP + ")") + fmt.Println(TreeBranch + "service : " + service.Name + " - ClusterIP (" + service.ClusterIP + ") ExternalIP (" + service.ExternalIP + + ")" + " - Ports (" + strings.Trim(strings.Join(strings.Fields(fmt.Sprint(service.ClusterPorts)), ", "), "[]") + ")") } } diff --git a/pgo/cmd/common.go b/pgo/cmd/common.go index f1e8f84e70..371bcc86c9 100644 --- a/pgo/cmd/common.go +++ b/pgo/cmd/common.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/config.go b/pgo/cmd/config.go index 16a29d0603..cc05bc1e45 100644 --- a/pgo/cmd/config.go +++ b/pgo/cmd/config.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/create.go b/pgo/cmd/create.go index 57e4e77eb6..aca18a4f08 100644 --- a/pgo/cmd/create.go +++ b/pgo/cmd/create.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -496,7 +496,7 @@ func init() { // pgo create pgbouncer createPgbouncerCmd.Flags().StringVar(&PgBouncerCPURequest, "cpu", "", "Set the number of millicores to request for CPU "+ "for pgBouncer. Defaults to being unset.") - createPgbouncerCmd.Flags().StringVar(&PgBouncerCPULimit, "cpu-limit", "", "Set the number of millicores to request for CPU "+ + createPgbouncerCmd.Flags().StringVar(&PgBouncerCPULimit, "cpu-limit", "", "Set the number of millicores to limit for CPU "+ "for pgBouncer.") createPgbouncerCmd.Flags().StringVar(&PgBouncerMemoryRequest, "memory", "", "Set the amount of memory to request for "+ "pgBouncer. Defaults to server value (24Mi).") diff --git a/pgo/cmd/delete.go b/pgo/cmd/delete.go index d29341355e..5077f16e5d 100644 --- a/pgo/cmd/delete.go +++ b/pgo/cmd/delete.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/df.go b/pgo/cmd/df.go index 576376d1bc..13b80fa758 100644 --- a/pgo/cmd/df.go +++ b/pgo/cmd/df.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/failover.go b/pgo/cmd/failover.go index 4a667429a7..2f23afef9d 100644 --- a/pgo/cmd/failover.go +++ b/pgo/cmd/failover.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/flags.go b/pgo/cmd/flags.go index bb831e4006..a11086e7b5 100644 --- a/pgo/cmd/flags.go +++ b/pgo/cmd/flags.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/label.go b/pgo/cmd/label.go index 3a888663b6..1c4e65fbe6 100644 --- a/pgo/cmd/label.go +++ b/pgo/cmd/label.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/namespace.go b/pgo/cmd/namespace.go index 1065193ad8..3f9a31734b 100644 --- a/pgo/cmd/namespace.go +++ b/pgo/cmd/namespace.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/pgadmin.go b/pgo/cmd/pgadmin.go index 52412324d4..2db81d3bec 100644 --- a/pgo/cmd/pgadmin.go +++ b/pgo/cmd/pgadmin.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/pgbouncer.go b/pgo/cmd/pgbouncer.go index 9d302a8cdb..12950c5325 100644 --- a/pgo/cmd/pgbouncer.go +++ b/pgo/cmd/pgbouncer.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/pgdump.go b/pgo/cmd/pgdump.go index 744ebe7274..bfd86be1c4 100644 --- a/pgo/cmd/pgdump.go +++ b/pgo/cmd/pgdump.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/pgorole.go b/pgo/cmd/pgorole.go index 171b03e401..1cfd2586bd 100644 --- a/pgo/cmd/pgorole.go +++ b/pgo/cmd/pgorole.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/pgouser.go b/pgo/cmd/pgouser.go index 2ccc72d970..b45ef75118 100644 --- a/pgo/cmd/pgouser.go +++ b/pgo/cmd/pgouser.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/policy.go b/pgo/cmd/policy.go index 3afa306923..9b6b68cb96 100644 --- a/pgo/cmd/policy.go +++ b/pgo/cmd/policy.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/pvc.go b/pgo/cmd/pvc.go index 47bc481cb0..570711dcb8 100644 --- a/pgo/cmd/pvc.go +++ b/pgo/cmd/pvc.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/reload.go b/pgo/cmd/reload.go index cf6c5b647c..787594ef0c 100644 --- a/pgo/cmd/reload.go +++ b/pgo/cmd/reload.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/restart.go b/pgo/cmd/restart.go index 5303466f9b..0ec7812219 100644 --- a/pgo/cmd/restart.go +++ b/pgo/cmd/restart.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/restore.go b/pgo/cmd/restore.go index bafe7418e3..8cb54dd862 100644 --- a/pgo/cmd/restore.go +++ b/pgo/cmd/restore.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/root.go b/pgo/cmd/root.go index 075a9f13e8..1819d98eb7 100644 --- a/pgo/cmd/root.go +++ b/pgo/cmd/root.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -61,7 +61,7 @@ func init() { defExclOSTrust := (runtime.GOOS == "windows") RootCmd.PersistentFlags().StringVarP(&Namespace, "namespace", "n", "", "The namespace to use for pgo requests.") - RootCmd.PersistentFlags().StringVar(&APIServerURL, "apiserver-url", "", "The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client.") + RootCmd.PersistentFlags().StringVar(&APIServerURL, "apiserver-url", "", "The URL for the PostgreSQL Operator apiserver that will process the request from the pgo client. Note that the URL should **not** end in a `/`.") RootCmd.PersistentFlags().StringVar(&PGO_CA_CERT, "pgo-ca-cert", "", "The CA Certificate file path for authenticating to the PostgreSQL Operator apiserver.") RootCmd.PersistentFlags().StringVar(&PGO_CLIENT_KEY, "pgo-client-key", "", "The Client Key file path for authenticating to the PostgreSQL Operator apiserver.") RootCmd.PersistentFlags().StringVar(&PGO_CLIENT_CERT, "pgo-client-cert", "", "The Client Certificate file path for authenticating to the PostgreSQL Operator apiserver.") diff --git a/pgo/cmd/scale.go b/pgo/cmd/scale.go index 831ec2ddf9..dd2910658e 100644 --- a/pgo/cmd/scale.go +++ b/pgo/cmd/scale.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/scaledown.go b/pgo/cmd/scaledown.go index 20241c3d46..a00bd17f6a 100644 --- a/pgo/cmd/scaledown.go +++ b/pgo/cmd/scaledown.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/schedule.go b/pgo/cmd/schedule.go index 5413001efb..c0c1330048 100644 --- a/pgo/cmd/schedule.go +++ b/pgo/cmd/schedule.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/show.go b/pgo/cmd/show.go index b42ba2a7d9..faca68b3c9 100644 --- a/pgo/cmd/show.go +++ b/pgo/cmd/show.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/status.go b/pgo/cmd/status.go index 681ad08d6c..4dbbf67b88 100644 --- a/pgo/cmd/status.go +++ b/pgo/cmd/status.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/test.go b/pgo/cmd/test.go index 111475fbed..76495204bd 100644 --- a/pgo/cmd/test.go +++ b/pgo/cmd/test.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/update.go b/pgo/cmd/update.go index 806b44388e..582e1c619a 100644 --- a/pgo/cmd/update.go +++ b/pgo/cmd/update.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -169,8 +169,8 @@ var UpdateCmd = &cobra.Command{ Short: "Update a pgouser, pgorole, or cluster", Long: `The update command allows you to update a pgouser, pgorole, or cluster. For example: - pgo update cluster --selector=name=mycluster --autofail=false - pgo update cluster --all --autofail=true + pgo update cluster --selector=name=mycluster --disable-autofail + pgo update cluster --all --enable-autofail pgo update namespace mynamespace pgo update pgbouncer mycluster --rotate-password pgo update pgorole somerole --pgorole-permission="Cat" @@ -215,7 +215,7 @@ var UpdateClusterCmd = &cobra.Command{ Short: "Update a PostgreSQL cluster", Long: `Update a PostgreSQL cluster. For example: - pgo update cluster mycluster --autofail=false + pgo update cluster mycluster --disable-autofail pgo update cluster mycluster myothercluster --disable-autofail pgo update cluster --selector=name=mycluster --disable-autofail pgo update cluster --all --enable-autofail`, diff --git a/pgo/cmd/upgrade.go b/pgo/cmd/upgrade.go index e6672f1aa8..5d27fbea5b 100644 --- a/pgo/cmd/upgrade.go +++ b/pgo/cmd/upgrade.go @@ -2,7 +2,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -41,10 +41,10 @@ var UpgradeCCPImageTag string var UpgradeCmd = &cobra.Command{ Use: "upgrade", Short: "Perform a cluster upgrade.", - Long: `UPGRADE allows you to perform a comprehensive PGCluster upgrade - (for use after performing a Postgres Operator upgrade). + Long: `UPGRADE allows you to perform a comprehensive PGCluster upgrade + (for use after performing a Postgres Operator upgrade). For example: - + pgo upgrade mycluster Upgrades the cluster for use with the upgraded Postgres Operator version.`, Run: func(cmd *cobra.Command, args []string) { @@ -69,8 +69,9 @@ func init() { RootCmd.AddCommand(UpgradeCmd) // flags for "pgo upgrade" - UpgradeCmd.Flags().BoolVarP(&IgnoreValidation, "ignore-validation", "", false, "Disables version checking against the image tags when performing an cluster upgrade.") UpgradeCmd.Flags().StringVarP(&UpgradeCCPImageTag, "ccp-image-tag", "", "", "The image tag to use for cluster creation. If specified, it overrides the default configuration setting and disables tag validation checking.") + UpgradeCmd.Flags().BoolVarP(&IgnoreValidation, "ignore-validation", "", false, "Disables version checking against the image tags when performing an cluster upgrade.") + UpgradeCmd.Flags().BoolVar(&NoPrompt, "no-prompt", false, "No command line confirmation.") } func createUpgrade(args []string, ns string) { @@ -90,7 +91,6 @@ func createUpgrade(args []string, ns string) { request.UpgradeCCPImageTag = UpgradeCCPImageTag response, err := api.CreateUpgrade(httpclient, &SessionCredentials, &request) - if err != nil { fmt.Println("Error: " + err.Error()) os.Exit(2) @@ -104,5 +104,4 @@ func createUpgrade(args []string, ns string) { fmt.Println("Error: " + response.Status.Msg) os.Exit(2) } - } diff --git a/pgo/cmd/user.go b/pgo/cmd/user.go index 7216ce9e1d..57593b1eef 100644 --- a/pgo/cmd/user.go +++ b/pgo/cmd/user.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -20,6 +20,7 @@ import ( "os" "strings" + "github.com/crunchydata/postgres-operator/internal/apiserver" utiloperator "github.com/crunchydata/postgres-operator/internal/util" "github.com/crunchydata/postgres-operator/pgo/api" "github.com/crunchydata/postgres-operator/pgo/util" @@ -88,7 +89,7 @@ func createUser(args []string, ns string) { } // determine if the user provies a valid password type - if _, err := msgs.GetPasswordType(PasswordType); err != nil { + if _, err := apiserver.GetPasswordType(PasswordType); err != nil { fmt.Println("Error:", err.Error()) os.Exit(1) } @@ -401,7 +402,7 @@ func updateUser(clusterNames []string, namespace string) { } // determine if the user provies a valid password type - if _, err := msgs.GetPasswordType(PasswordType); err != nil { + if _, err := apiserver.GetPasswordType(PasswordType); err != nil { fmt.Println("Error:", err.Error()) os.Exit(1) } diff --git a/pgo/cmd/version.go b/pgo/cmd/version.go index 25e6253767..e406d681af 100644 --- a/pgo/cmd/version.go +++ b/pgo/cmd/version.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/watch.go b/pgo/cmd/watch.go index 69d288a1d8..7c05ec406d 100644 --- a/pgo/cmd/watch.go +++ b/pgo/cmd/watch.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/cmd/workflow.go b/pgo/cmd/workflow.go index 239fcd6ef2..6dd0f3bcbc 100644 --- a/pgo/cmd/workflow.go +++ b/pgo/cmd/workflow.go @@ -1,7 +1,7 @@ package cmd /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/generatedocs.go b/pgo/generatedocs.go index daafa3224c..86b0f79209 100644 --- a/pgo/generatedocs.go +++ b/pgo/generatedocs.go @@ -1,7 +1,7 @@ package main /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/pgo.go b/pgo/pgo.go index 6895b7863a..9cbd551c46 100644 --- a/pgo/pgo.go +++ b/pgo/pgo.go @@ -1,7 +1,7 @@ package main /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/util/confirmation.go b/pgo/util/confirmation.go index c227055cb1..732f4de70a 100644 --- a/pgo/util/confirmation.go +++ b/pgo/util/confirmation.go @@ -1,7 +1,7 @@ package util /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/util/pad.go b/pgo/util/pad.go index 276469471a..8c4affbbdf 100644 --- a/pgo/util/pad.go +++ b/pgo/util/pad.go @@ -1,7 +1,7 @@ package util /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pgo/util/validation.go b/pgo/util/validation.go index 7d90f6a6ac..28ee9ac6e0 100644 --- a/pgo/util/validation.go +++ b/pgo/util/validation.go @@ -1,7 +1,7 @@ package util /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/cluster.go b/pkg/apis/crunchydata.com/v1/cluster.go index e67d0f107d..9d1128c5d2 100644 --- a/pkg/apis/crunchydata.com/v1/cluster.go +++ b/pkg/apis/crunchydata.com/v1/cluster.go @@ -1,7 +1,7 @@ package v1 /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/common.go b/pkg/apis/crunchydata.com/v1/common.go index 723c2a0a60..db997e8954 100644 --- a/pkg/apis/crunchydata.com/v1/common.go +++ b/pkg/apis/crunchydata.com/v1/common.go @@ -1,7 +1,7 @@ package v1 /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/common_test.go b/pkg/apis/crunchydata.com/v1/common_test.go index 8ad909e64f..853be90ba1 100644 --- a/pkg/apis/crunchydata.com/v1/common_test.go +++ b/pkg/apis/crunchydata.com/v1/common_test.go @@ -1,7 +1,7 @@ package v1 /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/doc.go b/pkg/apis/crunchydata.com/v1/doc.go index 3d5c49cd25..db93b2be8b 100644 --- a/pkg/apis/crunchydata.com/v1/doc.go +++ b/pkg/apis/crunchydata.com/v1/doc.go @@ -52,8 +52,9 @@ cluster. ``` curl --cacert $PGO_CA_CERT --key $PGO_CLIENT_KEY --cert $PGO_CA_CERT -u \ admin:examplepassword -H "Content-Type:application/json" --insecure -X \ + POST --data \ - '{"ClientVersion":"4.5.0", + '{"ClientVersion":"4.5.9", "Namespace":"pgouser1", "Name":"mycluster", $PGO_APISERVER_URL/clusters @@ -72,7 +73,7 @@ show all of the clusters that are in the given namespace. curl --cacert $PGO_CA_CERT --key $PGO_CLIENT_KEY --cert $PGO_CA_CERT -u \ admin:examplepassword -H "Content-Type:application/json" --insecure -X \ POST --data \ - '{"ClientVersion":"4.5.0", + '{"ClientVersion":"4.5.9", "Namespace":"pgouser1", "Clustername":"mycluster"}' \ $PGO_APISERVER_URL/showclusters @@ -82,7 +83,7 @@ $PGO_APISERVER_URL/showclusters curl --cacert $PGO_CA_CERT --key $PGO_CLIENT_KEY --cert $PGO_CA_CERT -u \ admin:examplepassword -H "Content-Type:application/json" --insecure -X \ POST --data \ - '{"ClientVersion":"4.5.0", + '{"ClientVersion":"4.5.9", "Namespace":"pgouser1", "Clustername":"mycluster"}' \ $PGO_APISERVER_URL/clustersdelete @@ -90,16 +91,16 @@ $PGO_APISERVER_URL/clustersdelete Schemes: http, https BasePath: / - Version: 4.5.0 + Version: 4.5.9 License: Apache 2.0 http://www.apache.org/licenses/LICENSE-2.0 Contact: Crunchy Data https://www.crunchydata.com/ - Consumes: - - application/json + Consumes: + - application/json - Produces: - - application/json + Produces: + - application/json swagger:meta */ @@ -108,7 +109,7 @@ package v1 // +k8s:deepcopy-gen=package,register /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/policy.go b/pkg/apis/crunchydata.com/v1/policy.go index 28347f9950..d9ae30983d 100644 --- a/pkg/apis/crunchydata.com/v1/policy.go +++ b/pkg/apis/crunchydata.com/v1/policy.go @@ -1,7 +1,7 @@ package v1 /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/register.go b/pkg/apis/crunchydata.com/v1/register.go index 00db119bda..347fd8345a 100644 --- a/pkg/apis/crunchydata.com/v1/register.go +++ b/pkg/apis/crunchydata.com/v1/register.go @@ -1,7 +1,7 @@ package v1 /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/apis/crunchydata.com/v1/replica.go b/pkg/apis/crunchydata.com/v1/replica.go index 386fa033d0..00c7d8cf44 100644 --- a/pkg/apis/crunchydata.com/v1/replica.go +++ b/pkg/apis/crunchydata.com/v1/replica.go @@ -1,7 +1,7 @@ package v1 /* - Copyright 2018 - 2020 Crunchy Data Solutions, Inc. + Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/task.go b/pkg/apis/crunchydata.com/v1/task.go index 5e54d97ab3..b672000542 100644 --- a/pkg/apis/crunchydata.com/v1/task.go +++ b/pkg/apis/crunchydata.com/v1/task.go @@ -1,7 +1,7 @@ package v1 /* - Copyright 2017 - 2020 Crunchy Data Solutions, Inc. + Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apis/crunchydata.com/v1/zz_generated.deepcopy.go b/pkg/apis/crunchydata.com/v1/zz_generated.deepcopy.go index 80fd389e4f..36c7fb5424 100644 --- a/pkg/apis/crunchydata.com/v1/zz_generated.deepcopy.go +++ b/pkg/apis/crunchydata.com/v1/zz_generated.deepcopy.go @@ -1,7 +1,7 @@ // +build !ignore_autogenerated /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/backrestmsgs.go b/pkg/apiservermsgs/backrestmsgs.go index 12d72844b9..999198a0a9 100644 --- a/pkg/apiservermsgs/backrestmsgs.go +++ b/pkg/apiservermsgs/backrestmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/catmsgs.go b/pkg/apiservermsgs/catmsgs.go index ded313371f..b1eb5dd69f 100644 --- a/pkg/apiservermsgs/catmsgs.go +++ b/pkg/apiservermsgs/catmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/clonemsgs.go b/pkg/apiservermsgs/clonemsgs.go index 7f78139af1..c67b1bdc94 100644 --- a/pkg/apiservermsgs/clonemsgs.go +++ b/pkg/apiservermsgs/clonemsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/clustermsgs.go b/pkg/apiservermsgs/clustermsgs.go index cfe07dfdd7..b71930774f 100644 --- a/pkg/apiservermsgs/clustermsgs.go +++ b/pkg/apiservermsgs/clustermsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -243,10 +243,12 @@ type ShowClusterService struct { Name string Data string ClusterIP string + ClusterPorts []string ExternalIP string ClusterName string Pgbouncer bool BackrestRepo bool + PGAdmin bool } const PodTypePrimary = "primary" @@ -451,6 +453,7 @@ type ClusterTestRequest struct { const ( ClusterTestInstanceTypePrimary = "primary" ClusterTestInstanceTypeReplica = "replica" + ClusterTestInstanceTypePGAdmin = "pgadmin" ClusterTestInstanceTypePGBouncer = "pgbouncer" ClusterTestInstanceTypeBackups = "backups" ClusterTestInstanceTypeUnknown = "unknown" diff --git a/pkg/apiservermsgs/common.go b/pkg/apiservermsgs/common.go index cce7f6be40..4cb5c08ac3 100644 --- a/pkg/apiservermsgs/common.go +++ b/pkg/apiservermsgs/common.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -15,7 +15,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -const PGO_VERSION = "4.5.0" +const PGO_VERSION = "4.5.9" // Ok status const Ok = "ok" diff --git a/pkg/apiservermsgs/configmsgs.go b/pkg/apiservermsgs/configmsgs.go index 06ed680008..a7f0631401 100644 --- a/pkg/apiservermsgs/configmsgs.go +++ b/pkg/apiservermsgs/configmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -15,13 +15,9 @@ See the License for the specific language governing permissions and limitations under the License. */ -import ( - "github.com/crunchydata/postgres-operator/internal/config" -) - // ShowConfigResponse ... // swagger:model type ShowConfigResponse struct { - Result config.PgoConfig + Result interface{} Status } diff --git a/pkg/apiservermsgs/dfmsgs.go b/pkg/apiservermsgs/dfmsgs.go index 22541840e7..7e7e980eac 100644 --- a/pkg/apiservermsgs/dfmsgs.go +++ b/pkg/apiservermsgs/dfmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/failovermsgs.go b/pkg/apiservermsgs/failovermsgs.go index bfeefcb49a..00deaf2320 100644 --- a/pkg/apiservermsgs/failovermsgs.go +++ b/pkg/apiservermsgs/failovermsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/labelmsgs.go b/pkg/apiservermsgs/labelmsgs.go index eabf3e8ecf..1076255240 100644 --- a/pkg/apiservermsgs/labelmsgs.go +++ b/pkg/apiservermsgs/labelmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/namespacemsgs.go b/pkg/apiservermsgs/namespacemsgs.go index 3921604a00..dda8a3fe3a 100644 --- a/pkg/apiservermsgs/namespacemsgs.go +++ b/pkg/apiservermsgs/namespacemsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/pgadminmsgs.go b/pkg/apiservermsgs/pgadminmsgs.go index 5d68b9352d..9241a9cc43 100644 --- a/pkg/apiservermsgs/pgadminmsgs.go +++ b/pkg/apiservermsgs/pgadminmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/pgbouncermsgs.go b/pkg/apiservermsgs/pgbouncermsgs.go index 0feab5f15e..997a3e5d61 100644 --- a/pkg/apiservermsgs/pgbouncermsgs.go +++ b/pkg/apiservermsgs/pgbouncermsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/pgdumpmsgs.go b/pkg/apiservermsgs/pgdumpmsgs.go index e247fca304..584c382461 100644 --- a/pkg/apiservermsgs/pgdumpmsgs.go +++ b/pkg/apiservermsgs/pgdumpmsgs.go @@ -5,7 +5,7 @@ import ( ) /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/pgorolemsgs.go b/pkg/apiservermsgs/pgorolemsgs.go index 1f62efa1ab..1705452624 100644 --- a/pkg/apiservermsgs/pgorolemsgs.go +++ b/pkg/apiservermsgs/pgorolemsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/pgousermsgs.go b/pkg/apiservermsgs/pgousermsgs.go index 815f8f1fdf..e636c71b61 100644 --- a/pkg/apiservermsgs/pgousermsgs.go +++ b/pkg/apiservermsgs/pgousermsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/policymsgs.go b/pkg/apiservermsgs/policymsgs.go index ec3e7cf2f9..99ab2074d7 100644 --- a/pkg/apiservermsgs/policymsgs.go +++ b/pkg/apiservermsgs/policymsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/pvcmsgs.go b/pkg/apiservermsgs/pvcmsgs.go index f59ddd7983..7c4f1a366c 100644 --- a/pkg/apiservermsgs/pvcmsgs.go +++ b/pkg/apiservermsgs/pvcmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/reloadmsgs.go b/pkg/apiservermsgs/reloadmsgs.go index 34a3738399..ae23783d05 100644 --- a/pkg/apiservermsgs/reloadmsgs.go +++ b/pkg/apiservermsgs/reloadmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/restartmsgs.go b/pkg/apiservermsgs/restartmsgs.go index c0b32d3d00..ffe5db91d5 100644 --- a/pkg/apiservermsgs/restartmsgs.go +++ b/pkg/apiservermsgs/restartmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/schedulemsgs.go b/pkg/apiservermsgs/schedulemsgs.go index 4b037a5992..529d60ddb6 100644 --- a/pkg/apiservermsgs/schedulemsgs.go +++ b/pkg/apiservermsgs/schedulemsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/statusmsgs.go b/pkg/apiservermsgs/statusmsgs.go index 94994c75b9..923cd7fe77 100644 --- a/pkg/apiservermsgs/statusmsgs.go +++ b/pkg/apiservermsgs/statusmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/upgrademsgs.go b/pkg/apiservermsgs/upgrademsgs.go index ab7fecc47a..7e30d254de 100644 --- a/pkg/apiservermsgs/upgrademsgs.go +++ b/pkg/apiservermsgs/upgrademsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/usermsgs.go b/pkg/apiservermsgs/usermsgs.go index 1f0ba56295..a39b78a060 100644 --- a/pkg/apiservermsgs/usermsgs.go +++ b/pkg/apiservermsgs/usermsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -15,12 +15,6 @@ See the License for the specific language governing permissions and limitations under the License. */ -import ( - "errors" - - pgpassword "github.com/crunchydata/postgres-operator/internal/postgres/password" -) - type UpdateClusterLoginState int // set the different values around whether or not to disable/enable a user's @@ -31,21 +25,6 @@ const ( UpdateUserLoginDisable ) -var ( - // ErrPasswordTypeInvalid is used when a string that's not included in - // PasswordTypeStrings is used - ErrPasswordTypeInvalid = errors.New("invalid password type. choices are (md5, scram-sha-256)") -) - -// passwordTypeStrings is a mapping of strings of password types to their -// corresponding value of the structured password type -var passwordTypeStrings = map[string]pgpassword.PasswordType{ - "": pgpassword.MD5, - "md5": pgpassword.MD5, - "scram": pgpassword.SCRAM, - "scram-sha-256": pgpassword.SCRAM, -} - // CreateUserRequest contains the parameters that are passed in when an Operator // user requests to create a new PostgreSQL user // swagger:model @@ -152,15 +131,3 @@ type UserResponseDetail struct { Username string ValidUntil string } - -// GetPasswordType returns the enumerated password type based on the string, and -// an error if it cannot match one -func GetPasswordType(passwordTypeStr string) (pgpassword.PasswordType, error) { - passwordType, ok := passwordTypeStrings[passwordTypeStr] - - if !ok { - return passwordType, ErrPasswordTypeInvalid - } - - return passwordType, nil -} diff --git a/pkg/apiservermsgs/usermsgs_test.go b/pkg/apiservermsgs/usermsgs_test.go deleted file mode 100644 index d2f70388fc..0000000000 --- a/pkg/apiservermsgs/usermsgs_test.go +++ /dev/null @@ -1,63 +0,0 @@ -package apiservermsgs - -/* - Copyright 2020 Crunchy Data Solutions, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -import ( - "testing" - - pgpassword "github.com/crunchydata/postgres-operator/internal/postgres/password" -) - -func TestGetPasswordType(t *testing.T) { - t.Run("valid", func(t *testing.T) { - tests := map[string]pgpassword.PasswordType{ - "": pgpassword.MD5, - "md5": pgpassword.MD5, - "scram": pgpassword.SCRAM, - "scram-sha-256": pgpassword.SCRAM, - } - - for passwordTypeStr, expected := range tests { - t.Run(passwordTypeStr, func(t *testing.T) { - passwordType, err := GetPasswordType(passwordTypeStr) - - if err != nil { - t.Error(err) - return - } - - if passwordType != expected { - t.Errorf("password type %q should yield %d", passwordTypeStr, expected) - } - }) - } - }) - - t.Run("invalid", func(t *testing.T) { - tests := map[string]error{ - "magic": ErrPasswordTypeInvalid, - "scram-sha-512": ErrPasswordTypeInvalid, - } - - for passwordTypeStr, expected := range tests { - t.Run(passwordTypeStr, func(t *testing.T) { - if _, err := GetPasswordType(passwordTypeStr); err != expected { - t.Errorf("password type %q should yield error %q", passwordTypeStr, expected.Error()) - } - }) - } - }) -} diff --git a/pkg/apiservermsgs/versionmsgs.go b/pkg/apiservermsgs/versionmsgs.go index 7685221c44..91618ec76a 100644 --- a/pkg/apiservermsgs/versionmsgs.go +++ b/pkg/apiservermsgs/versionmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +Copyright 2017 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/watchmsgs.go b/pkg/apiservermsgs/watchmsgs.go index 9d50a81ccd..4d6c48e65c 100644 --- a/pkg/apiservermsgs/watchmsgs.go +++ b/pkg/apiservermsgs/watchmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2019 - 2020 Crunchy Data Solutions, Inc. +Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/apiservermsgs/workflowmsgs.go b/pkg/apiservermsgs/workflowmsgs.go index 2908d75347..4c4be0bd45 100644 --- a/pkg/apiservermsgs/workflowmsgs.go +++ b/pkg/apiservermsgs/workflowmsgs.go @@ -1,7 +1,7 @@ package apiservermsgs /* -Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +Copyright 2018 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/events/eventing.go b/pkg/events/eventing.go index 66fc353117..0a6f1887e3 100644 --- a/pkg/events/eventing.go +++ b/pkg/events/eventing.go @@ -1,7 +1,7 @@ package events /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -19,18 +19,16 @@ import ( "encoding/json" "errors" "fmt" - crunchylog "github.com/crunchydata/postgres-operator/internal/logging" - "github.com/nsqio/go-nsq" - log "github.com/sirupsen/logrus" "os" "reflect" "time" + + "github.com/nsqio/go-nsq" + log "github.com/sirupsen/logrus" ) // String returns the string form for a given LogLevel func Publish(e EventInterface) error { - //Add logging configuration - crunchylog.CrunchyLogger(crunchylog.SetParameters()) eventAddr := os.Getenv("EVENT_ADDR") if eventAddr == "" { return errors.New("EVENT_ADDR not set") diff --git a/pkg/events/eventtype.go b/pkg/events/eventtype.go index 15b1bcd726..7e5f75d4f2 100644 --- a/pkg/events/eventtype.go +++ b/pkg/events/eventtype.go @@ -1,7 +1,7 @@ package events /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/events/pgoeventtype.go b/pkg/events/pgoeventtype.go index 75c076b311..305c9197f0 100644 --- a/pkg/events/pgoeventtype.go +++ b/pkg/events/pgoeventtype.go @@ -1,7 +1,7 @@ package events /* - Copyright 2019 - 2020 Crunchy Data Solutions, Inc. + Copyright 2019 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/clientset.go b/pkg/generated/clientset/versioned/clientset.go index 7c5e89774a..7376ce294a 100644 --- a/pkg/generated/clientset/versioned/clientset.go +++ b/pkg/generated/clientset/versioned/clientset.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/doc.go b/pkg/generated/clientset/versioned/doc.go index e2534c0fe7..c8faf9c342 100644 --- a/pkg/generated/clientset/versioned/doc.go +++ b/pkg/generated/clientset/versioned/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/fake/clientset_generated.go b/pkg/generated/clientset/versioned/fake/clientset_generated.go index 384d0e7737..168269e377 100644 --- a/pkg/generated/clientset/versioned/fake/clientset_generated.go +++ b/pkg/generated/clientset/versioned/fake/clientset_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/fake/doc.go b/pkg/generated/clientset/versioned/fake/doc.go index 6318a06f3c..79128b5478 100644 --- a/pkg/generated/clientset/versioned/fake/doc.go +++ b/pkg/generated/clientset/versioned/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/fake/register.go b/pkg/generated/clientset/versioned/fake/register.go index 26c69c1594..bd68e535c8 100644 --- a/pkg/generated/clientset/versioned/fake/register.go +++ b/pkg/generated/clientset/versioned/fake/register.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/scheme/doc.go b/pkg/generated/clientset/versioned/scheme/doc.go index 462fec5e30..264e52dac0 100644 --- a/pkg/generated/clientset/versioned/scheme/doc.go +++ b/pkg/generated/clientset/versioned/scheme/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/scheme/register.go b/pkg/generated/clientset/versioned/scheme/register.go index 4850f74045..de17632bfe 100644 --- a/pkg/generated/clientset/versioned/scheme/register.go +++ b/pkg/generated/clientset/versioned/scheme/register.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/crunchydata.com_client.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/crunchydata.com_client.go index aac71b2aa3..dfd0dd03c2 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/crunchydata.com_client.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/crunchydata.com_client.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/doc.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/doc.go index b7311c21af..c7adf35aa6 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/doc.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/doc.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/doc.go index 759d8fff95..f1a03c292f 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/doc.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_crunchydata.com_client.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_crunchydata.com_client.go index f8d6b6b350..6afd73a7ff 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_crunchydata.com_client.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_crunchydata.com_client.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgcluster.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgcluster.go index 516955d577..d2e6d3315b 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgcluster.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgcluster.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgpolicy.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgpolicy.go index f44e8a4ebb..f7dab372d4 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgpolicy.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgreplica.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgreplica.go index d6dc4fbd40..4af4e39a5f 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgreplica.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgreplica.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgtask.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgtask.go index 2db70f152f..687b066cf9 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgtask.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/fake/fake_pgtask.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/generated_expansion.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/generated_expansion.go index 066f811e51..3f12094466 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/generated_expansion.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/generated_expansion.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgcluster.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgcluster.go index 035712a6ef..be6f04c03b 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgcluster.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgcluster.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgpolicy.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgpolicy.go index 402b99f523..c12e5a88b5 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgpolicy.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgreplica.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgreplica.go index 88fb060a69..51824abfd8 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgreplica.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgreplica.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgtask.go b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgtask.go index 25b2cd1055..e177170e95 100644 --- a/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgtask.go +++ b/pkg/generated/clientset/versioned/typed/crunchydata.com/v1/pgtask.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/crunchydata.com/interface.go b/pkg/generated/informers/externalversions/crunchydata.com/interface.go index dfe44a0fcb..8aec2edcfb 100644 --- a/pkg/generated/informers/externalversions/crunchydata.com/interface.go +++ b/pkg/generated/informers/externalversions/crunchydata.com/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/crunchydata.com/v1/interface.go b/pkg/generated/informers/externalversions/crunchydata.com/v1/interface.go index c34a37f8e7..cbaf0ff49a 100644 --- a/pkg/generated/informers/externalversions/crunchydata.com/v1/interface.go +++ b/pkg/generated/informers/externalversions/crunchydata.com/v1/interface.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgcluster.go b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgcluster.go index 92f0d9a6a9..96ce541cb8 100644 --- a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgcluster.go +++ b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgcluster.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgpolicy.go b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgpolicy.go index ea70fa720d..83034c1453 100644 --- a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgpolicy.go +++ b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgreplica.go b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgreplica.go index 99332793ac..55eba0af23 100644 --- a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgreplica.go +++ b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgreplica.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgtask.go b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgtask.go index bf1cbd60a8..149acc91a3 100644 --- a/pkg/generated/informers/externalversions/crunchydata.com/v1/pgtask.go +++ b/pkg/generated/informers/externalversions/crunchydata.com/v1/pgtask.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/factory.go b/pkg/generated/informers/externalversions/factory.go index 56886a005a..00e6004f0a 100644 --- a/pkg/generated/informers/externalversions/factory.go +++ b/pkg/generated/informers/externalversions/factory.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/generic.go b/pkg/generated/informers/externalversions/generic.go index 130dd5ad37..7fa4a6e032 100644 --- a/pkg/generated/informers/externalversions/generic.go +++ b/pkg/generated/informers/externalversions/generic.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go index 4086ab3a09..a7b137f9b6 100644 --- a/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/listers/crunchydata.com/v1/expansion_generated.go b/pkg/generated/listers/crunchydata.com/v1/expansion_generated.go index ca6b77b1a3..91a28bb8bd 100644 --- a/pkg/generated/listers/crunchydata.com/v1/expansion_generated.go +++ b/pkg/generated/listers/crunchydata.com/v1/expansion_generated.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/listers/crunchydata.com/v1/pgcluster.go b/pkg/generated/listers/crunchydata.com/v1/pgcluster.go index 10db1c63a2..d8ce1e5b88 100644 --- a/pkg/generated/listers/crunchydata.com/v1/pgcluster.go +++ b/pkg/generated/listers/crunchydata.com/v1/pgcluster.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/listers/crunchydata.com/v1/pgpolicy.go b/pkg/generated/listers/crunchydata.com/v1/pgpolicy.go index d996df08ee..bae64cad46 100644 --- a/pkg/generated/listers/crunchydata.com/v1/pgpolicy.go +++ b/pkg/generated/listers/crunchydata.com/v1/pgpolicy.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/listers/crunchydata.com/v1/pgreplica.go b/pkg/generated/listers/crunchydata.com/v1/pgreplica.go index 23632d1ee4..825e3321aa 100644 --- a/pkg/generated/listers/crunchydata.com/v1/pgreplica.go +++ b/pkg/generated/listers/crunchydata.com/v1/pgreplica.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pkg/generated/listers/crunchydata.com/v1/pgtask.go b/pkg/generated/listers/crunchydata.com/v1/pgtask.go index 94a405754c..927284e070 100644 --- a/pkg/generated/listers/crunchydata.com/v1/pgtask.go +++ b/pkg/generated/listers/crunchydata.com/v1/pgtask.go @@ -1,5 +1,5 @@ /* -Copyright 2020 Crunchy Data Solutions, Inc. +Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/postgres-operator.go b/postgres-operator.go index 325303c9a2..9c532eed11 100644 --- a/postgres-operator.go +++ b/postgres-operator.go @@ -1,7 +1,7 @@ package main /* -Copyright 2017 - 2020 Crunchy Data +Copyright 2017 - 2022 Crunchy Data Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/pv/create-pv-nfs-label.sh b/pv/create-pv-nfs-label.sh index a77e3e68e3..ec11b1b573 100755 --- a/pv/create-pv-nfs-label.sh +++ b/pv/create-pv-nfs-label.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2018 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2018 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/pv/create-pv-nfs-legacy.sh b/pv/create-pv-nfs-legacy.sh index 4850e73652..1f6a381035 100755 --- a/pv/create-pv-nfs-legacy.sh +++ b/pv/create-pv-nfs-legacy.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/pv/create-pv-nfs.sh b/pv/create-pv-nfs.sh index 8b2ef4ab67..60dd1f04d6 100755 --- a/pv/create-pv-nfs.sh +++ b/pv/create-pv-nfs.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/pv/create-pv.sh b/pv/create-pv.sh index 46bbf4dbe8..44fb402031 100755 --- a/pv/create-pv.sh +++ b/pv/create-pv.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/pv/delete-pv.sh b/pv/delete-pv.sh index cd653a1778..3b1513184b 100755 --- a/pv/delete-pv.sh +++ b/pv/delete-pv.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2017 - 2020 Crunchy Data Solutions, Inc. +# Copyright 2017 - 2022 Crunchy Data Solutions, Inc. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/redhat/atomic/help.1 b/redhat/atomic/help.1 index bc21518dd8..139f354070 100644 --- a/redhat/atomic/help.1 +++ b/redhat/atomic/help.1 @@ -56,4 +56,4 @@ The Red Hat Enterprise Linux version from which the container was built. For exa \fB\fCRelease=\fR .PP -The specific release number of the container. For example, Release="4.5.0" +The specific release number of the container. For example, Release="4.5.9" diff --git a/redhat/atomic/help.md b/redhat/atomic/help.md index 8950e24d47..9ac7292550 100644 --- a/redhat/atomic/help.md +++ b/redhat/atomic/help.md @@ -45,4 +45,4 @@ The Red Hat Enterprise Linux version from which the container was built. For exa `Release=` -The specific release number of the container. For example, Release="4.5.0" +The specific release number of the container. For example, Release="4.5.9" diff --git a/testing/kubeapi/deployment.go b/testing/kubeapi/deployment.go index 4b864d326a..52ab85e4c9 100644 --- a/testing/kubeapi/deployment.go +++ b/testing/kubeapi/deployment.go @@ -22,3 +22,13 @@ func (k *KubeAPI) ListDeployments(namespace string, labels map[string]string) ([ return list.Items, err } + +// GetDeployment returns deployment by name, if exists. +func (k *KubeAPI) GetDeployment(namespace, name string) *apps_v1.Deployment { + deployment, err := k.Client.AppsV1().Deployments(namespace).Get(name, meta_v1.GetOptions{}) + if deployment == nil && err != nil { + deployment = &apps_v1.Deployment{} + } + + return deployment +} diff --git a/testing/pgo_cli/cluster_annotation_test.go b/testing/pgo_cli/cluster_annotation_test.go new file mode 100644 index 0000000000..66c94898f1 --- /dev/null +++ b/testing/pgo_cli/cluster_annotation_test.go @@ -0,0 +1,247 @@ +package pgo_cli_test + +/* + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +import ( + "testing" + "time" + + "github.com/stretchr/testify/require" +) + +func TestClusterAnnotation(t *testing.T) { + t.Parallel() + + withNamespace(t, func(namespace func() string) { + t.Run("on create", func(t *testing.T) { + t.Parallel() + tests := []struct { + testName string + annotations map[string]string + clusterFlags []string + addFlags []string + removeFlags []string + deployments []string + }{ + { + testName: "create-global", + annotations: map[string]string{ + "global": "here", + "global2": "foo", + }, + clusterFlags: []string{"--pgbouncer"}, + addFlags: []string{"--annotation=global=here", "--annotation=global2=foo"}, + removeFlags: []string{"--annotation=global-", "--annotation=global2-"}, + deployments: []string{"create-global", "create-global-backrest-shared-repo", "create-global-pgbouncer"}, + }, { + testName: "create-postgres", + annotations: map[string]string{ + "postgres": "present", + }, + clusterFlags: []string{}, + addFlags: []string{"--annotation-postgres=postgres=present"}, + removeFlags: []string{"--annotation-postgres=postgres-"}, + deployments: []string{"create-postgres"}, + }, { + testName: "create-pgbackrest", + annotations: map[string]string{ + "pgbackrest": "what", + }, + clusterFlags: []string{}, + addFlags: []string{"--annotation-pgbackrest=pgbackrest=what"}, + removeFlags: []string{"--annotation-pgbackrest=pgbackrest-"}, + deployments: []string{"create-pgbackrest-backrest-shared-repo"}, + }, { + testName: "create-pgbouncer", + annotations: map[string]string{ + "pgbouncer": "aqui", + }, + clusterFlags: []string{"--pgbouncer"}, + addFlags: []string{"--annotation-pgbouncer=pgbouncer=aqui"}, + removeFlags: []string{"--annotation-pgbouncer=pgbouncer-"}, + deployments: []string{"create-pgbouncer-pgbouncer"}, + }, { + testName: "remove-one", + annotations: map[string]string{ + "leave": "me", + }, + clusterFlags: []string{"--pgbouncer"}, + addFlags: []string{"--annotation=remove=me", "--annotation=leave=me"}, + removeFlags: []string{"--annotation=remove-"}, + deployments: []string{"remove-one", "remove-one-backrest-shared-repo", "remove-one-pgbouncer"}, + }, + } + + for _, test := range tests { + test := test // lock test variable in for each run since it changes across parallel loops + t.Run(test.testName, func(t *testing.T) { + t.Parallel() + createCMD := []string{"create", "cluster", test.testName, "-n", namespace()} + createCMD = append(createCMD, test.clusterFlags...) + createCMD = append(createCMD, test.addFlags...) + output, err := pgo(createCMD...).Exec(t) + t.Cleanup(func() { + teardownCluster(t, namespace(), test.testName, time.Now()) + }) + require.NoError(t, err) + require.Contains(t, output, "created cluster:") + + requireClusterReady(t, namespace(), test.testName, (2 * time.Minute)) + if contains(test.clusterFlags, "--pgbouncer") { + requirePgBouncerReady(t, namespace(), test.testName, (2 * time.Minute)) + } + + t.Run("add", func(t *testing.T) { + for _, deploymentName := range test.deployments { + for expectedKey, expectedValue := range test.annotations { + hasAnnotation := func() bool { + actualAnnotations := TestContext.Kubernetes.GetDeployment(namespace(), deploymentName).Spec.Template.ObjectMeta.GetAnnotations() + actualValue := actualAnnotations[expectedKey] + if actualValue == expectedValue { + return true + } + + return false + } + + requireWaitFor(t, hasAnnotation, time.Minute, time.Second, + "timeout waiting for deployment \"%q\" to have annotation \"%s: %s\"", deploymentName, expectedKey, expectedValue) + } + } + }) + + t.Run("remove", func(t *testing.T) { + t.Skip("Bug: annotation in not removed on update") + updateCMD := []string{"update", "cluster", test.testName, "-n", namespace(), "--no-prompt"} + updateCMD = append(updateCMD, test.removeFlags...) + output, err := pgo(updateCMD...).Exec(t) + require.NoError(t, err) + require.Contains(t, output, "updated pgcluster") + + for _, deploymentName := range test.deployments { + for expectedKey, _ := range test.annotations { + notHasAnnotation := func() bool { + actualAnnotations := TestContext.Kubernetes.GetDeployment(namespace(), deploymentName).Spec.Template.ObjectMeta.GetAnnotations() + actualValue := actualAnnotations[expectedKey] + if actualValue != "" { + return false + } + + return true + } + + requireWaitFor(t, notHasAnnotation, time.Minute, time.Second, + "timeout waiting for annotation key \"%s\" to be removed from deployment \"%s\"", expectedKey, deploymentName) + } + } + }) + }) + } + }) + + t.Run("on update", func(t *testing.T) { + t.Parallel() + + tests := []struct { + testName string + annotations map[string]string + clusterFlags []string + addFlags []string + deployments []string + }{ + { + testName: "update-global", + annotations: map[string]string{ + "global": "here", + "global2": "foo", + }, + clusterFlags: []string{"--pgbouncer"}, + addFlags: []string{"--annotation=global=here", "--annotation=global2=foo"}, + deployments: []string{"update-global", "update-global-backrest-shared-repo", "update-global-pgbouncer"}, + }, { + testName: "update-postgres", + annotations: map[string]string{ + "postgres": "present", + }, + clusterFlags: []string{}, + addFlags: []string{"--annotation-postgres=postgres=present"}, + deployments: []string{"update-postgres"}, + }, { + testName: "update-pgbackrest", + annotations: map[string]string{ + "pgbackrest": "what", + }, + clusterFlags: []string{}, + addFlags: []string{"--annotation-pgbackrest=pgbackrest=what"}, + deployments: []string{"update-pgbackrest-backrest-shared-repo"}, + }, { + testName: "update-pgbouncer", + annotations: map[string]string{ + "pgbouncer": "aqui", + }, + clusterFlags: []string{"--pgbouncer"}, + addFlags: []string{"--annotation-pgbouncer=pgbouncer=aqui"}, + deployments: []string{"update-pgbouncer-pgbouncer"}, + }, + } + + for _, test := range tests { + test := test // lock test variable in for each run since it changes across parallel loops + t.Run(test.testName, func(t *testing.T) { + t.Parallel() + createCMD := []string{"create", "cluster", test.testName, "-n", namespace()} + createCMD = append(createCMD, test.clusterFlags...) + output, err := pgo(createCMD...).Exec(t) + t.Cleanup(func() { + teardownCluster(t, namespace(), test.testName, time.Now()) + }) + require.NoError(t, err) + require.Contains(t, output, "created cluster:") + + requireClusterReady(t, namespace(), test.testName, (2 * time.Minute)) + if contains(test.clusterFlags, "--pgbouncer") { + requirePgBouncerReady(t, namespace(), test.testName, (2 * time.Minute)) + } + + updateCMD := []string{"update", "cluster", test.testName, "-n", namespace(), "--no-prompt"} + updateCMD = append(updateCMD, test.addFlags...) + output, err = pgo(updateCMD...).Exec(t) + require.NoError(t, err) + require.Contains(t, output, "updated pgcluster") + + t.Run("add", func(t *testing.T) { + for _, deploymentName := range test.deployments { + for expectedKey, expectedValue := range test.annotations { + hasAnnotation := func() bool { + actualAnnotations := TestContext.Kubernetes.GetDeployment(namespace(), deploymentName).Spec.Template.ObjectMeta.GetAnnotations() + actualValue := actualAnnotations[expectedKey] + if actualValue == expectedValue { + return true + } + + return false + } + + requireWaitFor(t, hasAnnotation, time.Minute, time.Second, + "timeout waiting for deployment \"%q\" to have annotation \"%s: %s\"", deploymentName, expectedKey, expectedValue) + } + } + }) + }) + } + }) + }) +} diff --git a/testing/pgo_cli/cluster_backup_test.go b/testing/pgo_cli/cluster_backup_test.go index d2f8508c3d..b937e218a8 100644 --- a/testing/pgo_cli/cluster_backup_test.go +++ b/testing/pgo_cli/cluster_backup_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_cat_test.go b/testing/pgo_cli/cluster_cat_test.go index 4cb159be8d..123648f5cf 100644 --- a/testing/pgo_cli/cluster_cat_test.go +++ b/testing/pgo_cli/cluster_cat_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_clone_test.go b/testing/pgo_cli/cluster_clone_test.go index 606139e820..62ded0c10a 100644 --- a/testing/pgo_cli/cluster_clone_test.go +++ b/testing/pgo_cli/cluster_clone_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_create_test.go b/testing/pgo_cli/cluster_create_test.go index 26f0c2be4f..228177a749 100644 --- a/testing/pgo_cli/cluster_create_test.go +++ b/testing/pgo_cli/cluster_create_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_delete_test.go b/testing/pgo_cli/cluster_delete_test.go index cba99408f7..08cf13df79 100644 --- a/testing/pgo_cli/cluster_delete_test.go +++ b/testing/pgo_cli/cluster_delete_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_df_test.go b/testing/pgo_cli/cluster_df_test.go index 8171a7aa45..056c947d3c 100644 --- a/testing/pgo_cli/cluster_df_test.go +++ b/testing/pgo_cli/cluster_df_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_failover_test.go b/testing/pgo_cli/cluster_failover_test.go index d35a6d87f5..ff1bf789bf 100644 --- a/testing/pgo_cli/cluster_failover_test.go +++ b/testing/pgo_cli/cluster_failover_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_label_test.go b/testing/pgo_cli/cluster_label_test.go index 0f54f7af93..67d9023604 100644 --- a/testing/pgo_cli/cluster_label_test.go +++ b/testing/pgo_cli/cluster_label_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_pgbouncer_test.go b/testing/pgo_cli/cluster_pgbouncer_test.go index 9c5b72ba66..30aebd9571 100644 --- a/testing/pgo_cli/cluster_pgbouncer_test.go +++ b/testing/pgo_cli/cluster_pgbouncer_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_policy_test.go b/testing/pgo_cli/cluster_policy_test.go index df7197deb4..eb08beee07 100644 --- a/testing/pgo_cli/cluster_policy_test.go +++ b/testing/pgo_cli/cluster_policy_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_pvc_test.go b/testing/pgo_cli/cluster_pvc_test.go index bd91b28435..a55d962435 100644 --- a/testing/pgo_cli/cluster_pvc_test.go +++ b/testing/pgo_cli/cluster_pvc_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_reload_test.go b/testing/pgo_cli/cluster_reload_test.go index e2900ee4fb..e0ffd7cc46 100644 --- a/testing/pgo_cli/cluster_reload_test.go +++ b/testing/pgo_cli/cluster_reload_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_restart_test.go b/testing/pgo_cli/cluster_restart_test.go index 3f438b6570..b741717e6d 100644 --- a/testing/pgo_cli/cluster_restart_test.go +++ b/testing/pgo_cli/cluster_restart_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_scale_test.go b/testing/pgo_cli/cluster_scale_test.go index 11ce9a9c21..475b54339d 100644 --- a/testing/pgo_cli/cluster_scale_test.go +++ b/testing/pgo_cli/cluster_scale_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_scaledown_test.go b/testing/pgo_cli/cluster_scaledown_test.go index f1926a4d4d..e8fc1f1a46 100644 --- a/testing/pgo_cli/cluster_scaledown_test.go +++ b/testing/pgo_cli/cluster_scaledown_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_test_test.go b/testing/pgo_cli/cluster_test_test.go index 153d47f467..d1f40fe826 100644 --- a/testing/pgo_cli/cluster_test_test.go +++ b/testing/pgo_cli/cluster_test_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/cluster_user_test.go b/testing/pgo_cli/cluster_user_test.go index 9e59757a9a..17e416eab3 100644 --- a/testing/pgo_cli/cluster_user_test.go +++ b/testing/pgo_cli/cluster_user_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/operator_namespace_test.go b/testing/pgo_cli/operator_namespace_test.go index ef327c2ece..32b8f5a85e 100644 --- a/testing/pgo_cli/operator_namespace_test.go +++ b/testing/pgo_cli/operator_namespace_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/operator_rbac_test.go b/testing/pgo_cli/operator_rbac_test.go index 8fa4609894..4a18548905 100644 --- a/testing/pgo_cli/operator_rbac_test.go +++ b/testing/pgo_cli/operator_rbac_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/operator_test.go b/testing/pgo_cli/operator_test.go index 743b872614..81442de7dc 100644 --- a/testing/pgo_cli/operator_test.go +++ b/testing/pgo_cli/operator_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/suite_helpers_test.go b/testing/pgo_cli/suite_helpers_test.go index 4ec5ed613b..c0bf2a9121 100644 --- a/testing/pgo_cli/suite_helpers_test.go +++ b/testing/pgo_cli/suite_helpers_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -44,6 +44,16 @@ type Pool struct { func (p *Pool) Close() error { p.Pool.Close(); return p.Proxy.Close() } +// contains will take a string slice and check if it contains a string +func contains(s []string, str string) bool { + for _, v := range s { + if v == str { + return true + } + } + return false +} + // clusterConnection opens a PostgreSQL connection to a database pod. Any error // will cause t to FailNow. func clusterConnection(t testing.TB, namespace, cluster, dsn string) *Pool { @@ -327,12 +337,6 @@ func withCluster(t testing.TB, namespace func() string, during func(func() strin var name string var once sync.Once - defer func() { - if name != "" { - teardownCluster(t, namespace(), name, created) - } - }() - during(func() string { once.Do(func() { generated := names.SimpleNameGenerator.GenerateName("pgo-test-") @@ -343,6 +347,10 @@ func withCluster(t testing.TB, namespace func() string, during func(func() strin created = time.Now() name = generated } + + t.Cleanup(func() { + teardownCluster(t, namespace(), name, created) + }) }) return name }) @@ -364,13 +372,6 @@ func withNamespace(t testing.TB, during func(func() string)) { var namespace *core_v1.Namespace var once sync.Once - defer func() { - if namespace != nil { - err := TestContext.Kubernetes.DeleteNamespace(namespace.Name) - assert.NoErrorf(t, err, "unable to tear down namespace %q", namespace.Name) - } - }() - during(func() string { once.Do(func() { ns, err := TestContext.Kubernetes.GenerateNamespace( @@ -381,6 +382,11 @@ func withNamespace(t testing.TB, during func(func() string)) { _, err = pgo("update", "namespace", namespace.Name).Exec(t) assert.NoErrorf(t, err, "unable to take ownership of namespace %q", namespace.Name) } + + t.Cleanup(func() { + err := TestContext.Kubernetes.DeleteNamespace(namespace.Name) + assert.NoErrorf(t, err, "unable to tear down namespace %q", namespace.Name) + }) }) return namespace.Name diff --git a/testing/pgo_cli/suite_pgo_cmd_test.go b/testing/pgo_cli/suite_pgo_cmd_test.go index 91aec62228..f19fb4a879 100644 --- a/testing/pgo_cli/suite_pgo_cmd_test.go +++ b/testing/pgo_cli/suite_pgo_cmd_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/testing/pgo_cli/suite_test.go b/testing/pgo_cli/suite_test.go index 4f2056d08e..bca4b81a5e 100644 --- a/testing/pgo_cli/suite_test.go +++ b/testing/pgo_cli/suite_test.go @@ -1,7 +1,7 @@ package pgo_cli_test /* - Copyright 2020 Crunchy Data Solutions, Inc. + Copyright 2020 - 2022 Crunchy Data Solutions, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at